
CTurt/shogihax


shogihax

A remote code execution exploit against the game Morita Shogi 64 for the Nintendo 64. From CTurt and ppcasm.

Read more here.

Video demo of early homebrew channel proof-of-concept here.

Install

There are some dependencies:

sudo apt-get install python2
sudo apt install python-pip
sudo pip install sh
sudo pip install pyserial

Use

Compile your stage 3 payload (entry point at offset 0 in the binary), and then run the command below:

sudo python shogihax.py /dev/ttyACM0 payload/stage2.bin payload/stage3.bin

To trigger the exploit from the N64, select the bottom menu item, then the top menu item.

You can also specify a custom stage 2 payload (the exploit can be configured to use up to 0x1000 bytes for that stage), or just use the default, which downloads and executes stage 3 from 0x80000400.
