Slashdot Mirror


Plumber Injection Attack In Bowser's Castle

An anonymous reader writes to make sure everybody is aware of Security Advisory SMB-1985-0001: Plumber Injection Attack in Bowser's Castle. "Ksplice, working in conjunction with Lakitu Cloud Security, has released a high-severity advisory about a Plumber Injection attack in multiple versions of Bowser's Castle. An Italian plumber could exploit this bug to bypass security measures (walk through walls) in order to rescue Peach, to defeat Bowser, or for unspecified other impact. This vulnerability is demonstrated by 'happylee-supermariobros,warped.fm2.' Attacks using this exploit have been observed in the wild, and multiple other exploits are publicly available. A patch has been made available."

59 comments

  1. Plumber injection attack? by Shikaku · · Score: 2

    Are we talking about pipe cleaning?

    1. Re:Plumber injection attack? by DigiShaman · · Score: 4, Funny

      Yes, that's what Peach calls it.

      --
      Life is not for the lazy.
    2. Re:Plumber injection attack? by Tackhead · · Score: 1

      Are we talking about pipe cleaning?

      Yes, that's what Peach calls it.

      The Princess? She had a crush on Trent Reznor, couldn't get enough of that Nine Inch Goombas action in her never-ending quest to get Closer to Mario...

    3. Re:Plumber injection attack? by Anonymous Coward · · Score: 0

      Trent didn't care much for the princess, instead opting for the (Mari)Queen.

    4. Re:Plumber injection attack? by TitusC3v5 · · Score: 1

      More like spanking the monkey, really.

      --
      And the masses cried out, "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0!"
    5. Re:Plumber injection attack? by Kagura · · Score: 1

      High-production-value Mario parody called "Do the Mario". It's highly relevant.

    6. Re:Plumber injection attack? by Anonymous Coward · · Score: 0

      Insightful? You guys don't seem to understand what a fellatio is I think. Should have been modded "funny".

  2. Italian? by Anonymous Coward · · Score: 1

    What about a Swedish Plumber? Or is the difference in meatball consumption important?

  3. It just keeps getting worse. by kyrio · · Score: 2

    I just want my achievement!

    1. Re:It just keeps getting worse. by aitmanga · · Score: 1

      I just want my achievement!

      Me too

      --
      He who knows when he can fight and when he cannot will be victorious.
    2. Re:It just keeps getting worse. by SteveFoerster · · Score: 1

      Sure, why not?

      --
      Space game using normal deck of cards: http://BattleCards.org
    3. Re:It just keeps getting worse. by J053 · · Score: 1

      Me too!

  4. I'm usually game for these, by Anonymous Coward · · Score: 2, Funny

    ...but this has got to be the least-creative April fools article in history. Really, really lame.

    1. Re:I'm usually game for these, by macshit · · Score: 1

      You've got to admit it's a great headline though -- reading that was the first time I actually laughed out loud this april 1st...

      Sure, it's all pretty lame, especially compared to the sublime "OMG ponies!1!" -- but except for that (what on earth happened that year?!), slashdot's april fools have always been lame.... it's a slashdition!

      --
      We live, as we dream -- alone....
    2. Re:I'm usually game for these, by Anonymous Coward · · Score: 0

      "...but this has got to be the least-creative April fools article in history. Really, really lame."

      You beat me to it. I was going to submit a counter-story involving the discovery of objects smaller than the Planck scale, and the size of the weak-assed straws people will grab for in an attempt to make an AFJ, but I've been infected with lame and have lost the will to live.

    3. Re:I'm usually game for these, by Anonymous Coward · · Score: 0

      You, uh, do realize that they're distributing a legitimate, working hot-patch for a glitch in the game, right?

  5. Plumbers high on mushrooms by thomasdz · · Score: 2

    It always seems that they are hopped up on mushrooms and screaming that they're running away from "Goombas" or some other ridiculous thing.

    --
    Karma: Excellent. 15 moderator points expire sometime.
  6. Re:GOD DAMN IT by Anonymous Coward · · Score: 2, Interesting

    Please STOP with the reading of Slashdot on April Fools' day. You do NOT have a sense of humor.

  7. Ok I actually laughed at this one. by AbRASiON · · Score: 0

    Pretty good, but I only just logged in this morning (Australia) so I saw them all in a row.
    Plumber injection attack indeed, which reminds me - on topic
    http://www.pbfcomics.com/?cid=PBF213-Mario_Too.jpg

  8. Re:April Fool's Day by Thud457 · · Score: 0

    holy crap /., all day, nonstop, and not a serious article worthy of discussion.
    oh, wait, that's every day around here...

    way to go fucking overboard. It would be more sneaky to keep the normal submission queue going and slip a few carefully-crafted ringers into YRO and then watch the resulting 1500-post flamefest.

    "fool me once, shame on me. fool me 23 times without respite, fuck you!" hhok...

    --

    the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

  9. Re:GOD DAMN IT by Jon.Laslow · · Score: 1

    I just use the "Mark All Read" feature on my RSS feed.

  10. Epic by Reapman · · Score: 1

    Great read, but seriously, isn't this news a bit old? I mean we're talking about a product several revisions old. I'm sure in the years since this product was originally published Bowsers had a chance to install additional safeguards to the perimeter. I doubt a single plumber could ever break in now....

    1. Re:Epic by jd2112 · · Score: 1

      No, but two could...

      --
      Any insufficiently advanced magic is indistinguishable from technology.
  11. Old story, but someone go tell Nintendo by Anonymous Coward · · Score: 0

    This exploit has been known for 25 years, but has never been patched!

  12. Rated: Not Funny by Haedrian · · Score: 1

    (Title is a throwback to a very old game, anyone want to guess?)

    Seriously, the first few were good, it was all quite funny.. this one is just... meh.

    Can we be finished with this day already?

    1. Re:Rated: Not Funny by Anonymous Coward · · Score: 0

      If it were Sonic 2, suitably for your "Tails is the yiff god" tastes, it'd be Rating: Funniest thing ever.

    2. Re:Rated: Not Funny by geekoid · · Score: 1

      No matter how much you wish it, this day will be as long as all the others. so..go away.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  13. Somewhat on topic by nebaz · · Score: 1

    This is old, but I enjoyed it. 'New Super Mario Bros'. movie trailer.

    --
    Rhymes that keep their secrets will unfold behind the clouds.There upon the rainbow is the answer to a neverending story
  14. Re:April Fool's Day by TaoPhoenix · · Score: 1

    No, then the next story will come through next week that the law saying basically "every copyrighted word or picture in any form is a felony" will go through Congress except it will be real, and we'll be begging for April Fool's day.

    --
    My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
  15. Does the patch actually work? by Daetrin · · Score: 1

    Did they just make up something random, or could you actually apply the patch to a ROM and "fix" the "bug"?

    --
    This Space Intentionally Left Blank
    1. Re:Does the patch actually work? by godblessthenet · · Score: 1

      It's a real patch. The second video is the result of attempting to run the same speed run on a patched copy.

    2. Re:Does the patch actually work? by Shikaku · · Score: 1

      http://blog.ksplice.com/2011/04/smb-1985-0001-advisory/ Which can be viewed here. You know, the first link in the article.

    3. Re:Does the patch actually work? by Daetrin · · Score: 1

      Ok, as long as you want to point out the obvious, does the second video (which i'd already watched before i asked the question, thanks) actually show the results of a patched rom? Or did they just tweak the speed run script a tiny bit so that it looks the same but the bug fails to be triggered? If it were a serious article i'd be willing to take them at their word, but since the whole thing is a joke anyways i couldn't blame them if they "cheated" in order to make it more humorous.

      --
      This Space Intentionally Left Blank
    4. Re:Does the patch actually work? by RabidJackal · · Score: 1

      Whoops, didn't notice this comment before I posted :)

      It works; but it messes with the wall ejection routine to the point that you'll easily get stuck in normal gameplay. see my technical comment for further info on how it works.

    5. Re:Does the patch actually work? by godblessthenet · · Score: 1

      Yes, it actually shows the results of a patched ROM. There is a (short) analysis of the patch at: http://www.reddit.com/r/programming/comments/ggeac/security_advisory_plumber_injection_attack_in/c1nefj4

  16. Who still runs smb anymore? by rsilvergun · · Score: 1

    I'm an old codger, and even I've upgraded to the 64-bit version, and I suspect most people are at least running the 128-bit version, although I've heard it's a downgrade.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  17. yay news! by Pheonix28 · · Score: 1

    Gotta love April 1st... all the wonderful "news" stories that get posted, just wonderful.

    1. Re:yay news! by Anonymous Coward · · Score: 0

      I know, right? While most news websites have only 1 joke, Slashdot has all the jokes from every website... Lame. Make up your own Slashdot or publish just one.

  18. Better than other forms of injection by Tisha_AH · · Score: 1

    They could have injected it into Bowser's shorts. He would be walking really funny.

    --
    Tisha Hayes
  19. triplegood holiday in spite of the terrorists? by Anonymous Coward · · Score: 0

    O’Brien’s manner became less severe. ... When he spoke his voice was gentle and patient. He had the air of a doctor, a teacher, even a priest, anxious to explain and persuade rather than to punish.
    “I am taking trouble with you, Winston,” he said, “because you are worth trouble. You know perfectly well what is the matter with you. You have known it for years, though you have fought against the knowledge. You are mentally deranged. You suffer from a defective memory. You are unable to remember real events, and you persuade yourself that you remember other events which never happened. ...You have never cured yourself of it, because you did not choose to.... Even now, I am well aware, you are clinging to your disease under the impression that it is a virtue.
    Now we will take an example. At this moment, which power is Oceania at war with?”
    “When I was arrested, Oceania was at war with Eastasia.”
    ‘With Eastasia. Good. And Oceania has always been at war with Eastasia, has it not?”
    Winston drew in his breath. He opened his mouth to speak and then did not speak. He could not take his eyes away from the dial....

    “Another example,” [O'Brien] said. “Some years ago you had a very serious delusion indeed. You believed that three
    men, three one-time Party members...were not guilty of the crimes they were charged with. You believed that you had seen unmistakable documentary evidence proving that their confessions were false....
    “It exists!” he cried.
    “No,” said O’Brien.... It does not exist. It never existed.”
    “But it did exist! It does exist! It exists in memory. I remember it. You remember it.”
    “I do not remember it,” said O’Brien.
    Winston’s heart sank. That was doublethink. He had a feeling of deadly helplessness.... Perhaps that lunatic dislocation in the mind could really happen: that was the thought that defeated him.
    The intentional result of such interrogation is today's postmodern thinking: no certainty, no truth, no absolute moral standard.... Any new or evolving "truth" is determined by group consensus -- through the Media or through small groups led by a trained facilitator (a nicer version of O'Brien) who creates a safe place and becomes your friend and confidante as well as trainer. Individual thinking is out! Group think is in! Only its synthesis is acceptable!

  20. Remember the Republicans caused all of this by Anonymous Coward · · Score: 0

    The Republicans are in bed with big business. The Republicans are Microsoft's bitches - remember that!

    And if you're one of those "Social Conservative" morons, get a fucking life! Remember this, you social conservative asshole, the Bible is a book about rape, incest, child pornography, and cannibalism!

    So, ban all you want and you'll just be greasing a nice slippery slope to ban all of Christianity and Judaism and Islam!

    Goddamn hypocritical assholes!

    You'll burn in your own Hell!!

  21. Heh! by Anonymous Coward · · Score: 0

    I like the forms control in this one. Oh, and where I live, it's already 4:09 PM, and April Fools Day(tm) pranks usually stop at noon. Since I'm only 5 time zones from the international date line, there is only one time zone left where it's still before noon (and while it's true that there are a number of islands in that time zone, the majority of that zone is Pacific Ocean). Perhaps the time for AFD(tm) jokes should end soon?

  22. Re:GOD DAMN IT by Anonymous Coward · · Score: 0

    Sure I do. An entire site basically offline for an entire day with prosaic, fake stories is not funny. If you think so, then it is YOU with the faulty sense of humor, ass-bag.

  23. OK by guybrush3pwood · · Score: 1

    Ok, why am I getting all these combo boxes in the posts? It's driving me nuts.

    --
    Perhaps I'm trolling, perhaps I'm not.
    1. Re:OK by geekoid · · Score: 1

      What are you talking about?

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    2. Re:OK by farkus888 · · Score: 1

      I don't think anyone else is seeing them, must be something wrong with your browser.

      --
      thats right, I rarely use capitals. deal with it. but don't mistake my laziness for stupidity
    3. Re:OK by mattack2 · · Score: 1

      Or even his Bowser.

    4. Re:OK by Anonymous Coward · · Score: 0

      i am rubber, you are glue

    5. Re:OK by guybrush3pwood · · Score: 1

      I'm getting this in two different PCs in both Chrome and Internet Explorer. The HTML code of the posts has select tags in some words. I'm not getting this in any other page. I want to kill somebody.

      --
      Perhaps I'm trolling, perhaps I'm not.
    6. Re:OK by guybrush3pwood · · Score: 1

      Oh my, oh my... Let it be noted: we don't have April Fools over here...

      --
      Perhaps I'm trolling, perhaps I'm not.
  24. If he had used by geekoid · · Score: 2

    Open Sewer he could have patched these himself years ago.

    --
    The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  25. no Gottlieb / Premier make you pay $30+ rom update by Joe+The+Dragon · · Score: 1

    no Gottlieb / Premier will make you pay $30+ rom update and use the DMCA to shutdown any giving out the code for free.

  26. Patch Mechanics by RabidJackal · · Score: 1

    For those interested, the provided patch works by loading a fixed value of 1 into register A during the wall ejection routine instead of loading the value in address 0x45. 0x45 keeps track of the way Mario is facing.

    So basically, the wall ejection routine kicks in, thinks Mario is facing right (1), and ejects him left (back out of this wall).

    (Information collaborated with Ilari of TASvideos and the SMB RAM Map on Data Crystal.)
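
The patch mechanics described in the comment above, as an added example that is not part of the original thread or of Ksplice's patch: a two-byte in-place change from `LDA $45` to `LDA #$01`, applied only after checking the pre-image, and its effect on a modelled ejection direction. The opcodes are the standard 6502 encodings; the three-byte routine, offset 0, the value 2 for "left" and `eject_dx` are hypothetical stand-ins.

```python
# Added illustration: sample bytes are constructed, not read from the SMB ROM.
LDA_ZP, LDA_IMM, RTS = 0xA5, 0xA9, 0x60  # standard 6502 opcodes
FACING_ADDR = 0x45  # zero-page address named in the comment


def apply_patch(code: bytes, offset: int, expect: bytes, new: bytes) -> bytes:
    """Replace `expect` with `new` at `offset`, refusing on any mismatch."""
    if len(expect) != len(new):
        raise ValueError("in-place patch must keep the instruction length")
    if code[offset:offset + len(expect)] != expect:
        raise ValueError("pre-image mismatch: wrong image or already patched")
    return code[:offset] + new + code[offset + len(new):]


def run_lda(code: bytes, ram: dict) -> int:
    """Execute only the two LDA forms used here; return register A at RTS."""
    a, pc = 0, 0
    while code[pc] != RTS:
        op, operand = code[pc], code[pc + 1]
        if op == LDA_ZP:        # load from zero-page memory
            a = ram.get(operand, 0)
        elif op == LDA_IMM:     # load the literal operand
            a = operand
        else:
            raise ValueError(f"unsupported opcode {op:#04x}")
        pc += 2
    return a


def eject_dx(a: int) -> int:
    """Assumed model of the comment: A == 1 (facing right) ejects left."""
    return -1 if a == 1 else 1


# Constructed stand-in for the load inside the wall ejection routine.
ORIGINAL = bytes([LDA_ZP, FACING_ADDR, RTS])
PATCHED = apply_patch(ORIGINAL, 0,
                      bytes([LDA_ZP, FACING_ADDR]), bytes([LDA_IMM, 0x01]))


def demo() -> dict:
    """Map facing value -> (original ejection dx, patched ejection dx)."""
    out = {}
    for facing in (1, 2):  # 1 = right per the comment; 2 = left is assumed
        ram = {FACING_ADDR: facing}
        out[facing] = (eject_dx(run_lda(ORIGINAL, ram)),
                       eject_dx(run_lda(PATCHED, ram)))
    return out


if __name__ == "__main__":
    print(demo())
```

In this model the patched routine ejects left whatever the facing value is, which is consistent with RabidJackal's earlier remark that the patch can leave you stuck in normal gameplay.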