Glitch City Laboratories Archives

Glitch City Laboratories closed on 1 September 2020 (announcement). This is an archived copy of a thread from Glitch City Laboratories Forums.

Talk at Jug and DevFest Toulouse 2018 about The Old Man Glitch and RCE.

Posted by: treg
Date: 2018-11-15 08:28:33
Hi,

  I am an (ex?) Java developer. Since I work less these days, I took time to have a look at how the Old Man Glitch worked and had a lot of fun. I gave a talk about it at the local Java User Group, and have been asked to give it again at DevFest Toulouse (developer conference with about 550 people, maybe 150 people chose to attend this talk).

  I tried to make a precise writeup of the presentation and it is available on GitHub: https://github.com/FabienTregan/TheOldManGlitch/ . It is meant for people who would like to give the talk, or attendees who would like to reproduce it at home.

  I am by no means an expert in Pokémon nor GameBoy dev, and English is not my first language. There are probably lots of errors and imprecise things: feedback is greatly appreciated.

  While writing the talk, I did not find much information about how / when / by whom the glitch was discovered and when the RCE was crafted. I could only tell that I've found all information on this forum and on the disassembled Pokered code on GitHub. Any verified information is welcome.

  I gave this talk mainly to show new or old developers who are more into Java / JavaScript / PHP that security and assembly can be fun and that they can learn the basics. This led to some choices, e.g. using the Fossil method instead of the Dry one to underflow the item count because it was more interesting to explain what was happening.

Thanks for all the great information on this forum,
thanks also for any feedback.

treg.

Re: Talk at Jug and DevFest Toulouse 2018 about The Old Man Glitch and RCE.

Posted by: Sherkel
Date: 2018-11-15 09:45:45
Wow, this is really great to see! There truly is so much to learn from taking apart these games and even just looking at the deconstructed parts and seeing the exploits they allow for. Going to proofread now; major props for having the idea to use the site's information for this!

I read through it. The presentation is excellent, both accurate and pleasingly thorough. I only have one small nitpick: mentioning the sprite decompression routine out of nowhere (which actually does cause data to be written to an unintended place in 'M's case, that being the Hall of Fame) isn't really necessary, as it doesn't relate to any of the other content in the presentation. As I said, though, minor nitpicks; no audience would know the difference, and they don't detract from the quality and thoroughness of the research. Knowing that this is going to be presented in a lecture setting is awesome. :D

Re: Talk at Jug and DevFest Toulouse 2018 about The Old Man Glitch and RCE.

Posted by: treg
Date: 2018-11-15 11:43:58
Thank you Sherkel! :)


> I only have one small nitpick: mentioning the sprite decompression routine out of nowhere (which actually does cause data to be written to an unintended place in 'M's case, that being the Hall of Fame) isn't really necessary, as it doesn't relate to any of the other content in the presentation. As I said, though, minor nitpicks; no audience would know the difference,


The intent was to show how security researchers can try looking for things to exploit. I think (hope) this was clearer when I talked than when I later did the writeup. I'll improve that, thanks!
Thank you for telling me about the 'M's case, I correct this :)


> and they don't detract from the quality and thoroughness of the research. Knowing that this is going to be presented in a lecture setting is awesome. :D

I gave it twice already, about 150-200 attendees total. And people seem to enjoy it and to learn more than they expected. I'll try to post the video (in French) when it's available.
Apparently organizers of two different conferences want me to give it again. If somebody here wants to try giving the talk I may be able to help :)

treg.

Re: Talk at Jug and DevFest Toulouse 2018 about The Old Man Glitch and RCE.

Posted by: Sherkel
Date: 2018-11-16 19:06:17
> I gave it twice already, about 150-200 attendees total. And people seem to enjoy it and to learn more than they expected. I'll try to post the video (in French) when it's available.
> Apparently organizers of two different conferences want me to give it again. If somebody here wants to try giving the talk I may be able to help :)
>
> treg.

Amazing! Thanks for telling us about this, and good luck with all upcoming presentations. The reinvitations to those conferences are well-deserved.