21 users online: Ahrion, BanzaiChuck, drspork, Goobie Doobie, HeitorPorfirio2006, margot, mmmdoggy, muzzl, ninj,  Noivern, OEO6, RollingRigatonis, Russ, Samie Zuccati, Shuttles, Soul, spooonsss,  Tahixham, TheBourgyman, wye, Yoshioshi59_ - Guests: 113 - Bots: 360
Users: 55,715 (2,330 active)
Latest user: Afda1983

#serioushax presents: Serious Hacks. (ZSNES USERS READ)

Originally posted by Mindevous
I don't understand how people just don't like ZSNES, up to the point where there was even a patch warning others about music breakage, etc.

Because, tldr;

1. ZSNES is horribly inaccurate
2. ZSNES is holding back progress
3. ZSNES can execute malicious code and infect your PC

Seriously how much of a contrarian can you be? You're putting yourself at risk.
Since avoiding malicious software on my computer is my top priority, I say, I'll use zmz. Even though the fast foward, recording sucks, but at least it's more compatable with vldc8. And that it's more accurate. (By the way when they say accurate, does it mean audio, graphic is better?)
Give thanks to RPG hacker for working on Asar.
Originally posted by GreenHammerBro
By the way when they say accurate, does it mean audio, graphic is better?

It means it emulates the original SNES hardware better. A lot of issues happen with ZSNES that shouldn't happen. Try to play Super Mario RPG for example. It will crash sooner or later. There's many more issues, though.

And yes, I also wish ZMZ was updated someday but if I heard correctly it's not going to happen.
Originally posted by RanAS
Try to play Super Mario RPG for example. It will crash sooner or later.
I've played and beaten Super Mario RPG on ZSNES and I don't remembrer it ever crashing(it was a translated version though so I don't know if that might have affected it in some way)

My hacks: Justice for Mario / Unnamed Kaizo Hack
An accurate emulator means a closer emulation to the original SNES hardware which implies better graphics and sound quality, at least in terms of proximity with the SNES. Of course some people may prefer using filters like HQ2X-4X for graphics or Sinc Interpolation for sound, which is not available in hardware but still an accurate emulator helps with making the graphical/sound quality better. An obvious comparison is Mario's sound effects when you play SMW on ZSNES versus snes9x/bsnes/higan/real hardware.
GitHub - Twitter - YouTube - SnesLab Discord
Originally posted by byuu

There are rumors across the Internet of a ROM that can break out from ZSNES and launch a program on the host computer.

Even more reason to use ZSNES! Just imagine how much more powerful your SMW ROM hacks could be if you harness the power of the host x86 PC! MSU1 can't hold a candle to having a quad-core i7 at your disposal.

We will release the ROM once ZSNES 1.52 is released

So, in other words, never =(

(I kid, but only a little bit ...)

if it's released before that, it'll put all ZSNES users at risk.

Just noting that they're still completely at risk. It's possible black hats have already found this, or will seek this out now.

Infosec set deadline dates to motivate vendors to patch quicker. You should give them 2-4 weeks before releasing this.

And yes, I would say the same thing if this were my software that was exploited here.

Probably there's lot of exploits on ZSNES so even if you stick to v1.52, it's still better to use an accurate emulator instead.

There is absolutely many more exploits like this to be found.

I do want to warn everyone though, other emulators aren't immune to this either.

We're better protected by nature of having cleaner, less dangerous code. But this sort of thing happens to all sandbox software (in a way, an emulator is a sandbox.) It would be foolish of me to act like bsnes is immune.

However, one thing I am working on with bsnes/higan, is to offer **optional** ROM signing. That would ensure this sort of thing wouldn't happen, if you were to stick to signers you trust.

It's currently unknown how many others have known of this exploit or if ROMs exist in the wild yet that make use of it.

I am 90% certain I saw one many years ago that called MessageBoxA. But unfortunately, it was so long ago, I have no idea how to go about finding it. It was probably pre-v1.51 too.

Can you make it FORMAT c:\ ?

Yes, you absolutely can. And much, much worse.

Despite how many people hate it, I'm not switching to Higan nor Snes9x.

Don't worry, pretty soon SMW hacks will silently replace your ZSNES with ZMZ, and you'll be none the wiser ;)


Mod edit: Fixed BBCode a bit to make the post slightly less confusing.
And now all I can think of is "Wow, I could make a way better Rickrom using this".


In fact, I hereby formally request that the public release of this exploit opens Rickroll on YouTube.