Topic: Talk at Jug and DevFest Toulouse 2018 about The Old Man Glitch and RCE.
treg

Hi,

  I am an (ex?) Java developer. Since I work less these days, I took time to have a look at how the Old Man Glitch worked and had a lot of fun. I gave a talk about it at the local Java User Group, and have been asked to give it again at DevFest Toulouse (a developer conference with about 550 people; maybe 150 people chose to attend this talk).

  I tried to make a precise writeup of the presentation and it is available on GitHub: https://github.com/FabienTregan/TheOldManGlitch/ . It is meant for people who would like to give the talk, or attendees who would like to reproduce it at home.

  I am in no way an expert in Pokémon nor GameBoy dev, and English is not my first language. There are probably lots of errors and imprecise things: feedback is greatly appreciated.

  While writing the talk, I did not find much information about how / when / by whom the glitch was discovered and when the RCE was crafted. I could only tell that I've found all information on this forum and on the disassembled Pokered code on GitHub. Any verified information is welcome.

  I gave this talk mainly to show new or old developers who are more into Java / JavaScript / PHP that security and assembly can be fun and that they can learn the basics. This led to some choices, e.g. using the Fossil method instead of the Dry one to underflow the item count because it was more interesting to explain what was happening.

Thanks for all the great information on this forum,
thanks also for any feedback.

treg.
« Last Edit: November 15, 2018, 08:29:15 am by treg »

Sherkel

Re: Talk at Jug and DevFest Toulouse 2018 about The Old Man Glitch and RCE.
« Reply #1 on: November 15, 2018, 09:45:45 am »
Wow, this is really great to see! There truly is so much to learn from taking apart these games and even just looking at the deconstructed parts and seeing the exploits they allow for. Going to proofread now; major props for having the idea to use the site's information for this!

I read through it. The presentation is excellent, both accurate and pleasingly thorough. I only have one small nitpick: mentioning the sprite decompression routine out of nowhere (which actually does cause data to be written to an unintended place in 'M's case, that being the Hall of Fame) isn't really necessary, as it doesn't relate to any of the other content in the presentation. As I said, though, minor nitpicks; no audience would know the difference, and they don't detract from the quality and thoroughness of the research. Knowing that this is going to be presented in a lecture setting is awesome. :D
« Last Edit: November 15, 2018, 10:30:17 am by Sherkel »
 
 

treg

Re: Talk at Jug and DevFest Toulouse 2018 about The Old Man Glitch and RCE.
« Reply #2 on: November 15, 2018, 11:43:58 am »
Thank you Sherkel ! :)

Quote
I only have one small nitpick: mentioning the sprite decompression routine out of nowhere (which actually does cause data to be written to an unintended place in 'M's case, that being the Hall of Fame) isn't really necessary, as it doesn't relate to any of the other content in the presentation. As I said, though, minor nitpicks; no audience would know the difference,

The intent was to show how security researchers can try looking for things to exploit. I think (hope) this was clearer when I talked than when I later did the writeup. I'll improve that, thanks !
Thank you for telling me about the 'M's case, I correct this :)

Quote
and they don't detract from the quality and thoroughness of the research. Knowing that this is going to be presented in a lecture setting is awesome. :D
I gave it twice already, about 150-200 attendees total. And people seem to enjoy it and to learn more than they expected. I'll try to post the video (in French) when it's available.
Apparently organizers of two different conferences want me to give it again. If somebody here wants to try giving the talk I may be able to help :)

treg.

Sherkel

Re: Talk at Jug and DevFest Toulouse 2018 about The Old Man Glitch and RCE.
« Reply #3 on: November 16, 2018, 07:06:17 pm »
Quote
I gave it twice already, about 150-200 attendees total. And people seem to enjoy it and to learn more than they expected. I'll try to post the video (in French) when it's available.
Apparently organizers of two different conferences want me to give it again. If somebody here wants to try giving the talk I may be able to help :)

treg.
Amazing! Thanks for telling us about this, and good luck with all upcoming presentations. The reinvitations to those conferences are well-deserved.