Slashdot Mirror


Plumber Injection Attack In Bowser's Castle

An anonymous reader writes to make sure [everybody | Yoshi | Bullet Bill | Reznor] is aware of Security Advisory SMB-1985-0001: Plumber Injection Attack in Bowser's Castle. "Ksplice, working in conjunction with Lakitu Cloud Security, has released a high-severity advisory about a Plumber Injection attack in multiple versions of Bowser's Castle. An Italian plumber could [exploit | jump on | headbutt | fireball] this bug to bypass security measures (walk through walls) in order to rescue Peach, to defeat Bowser, or for [unspecified other impact | theft of giant gold coins | consumption of narcotics | vicious attacks on Koopas]. This vulnerability is demonstrated by 'happylee-supermariobros,warped.fm2.' Attacks using this exploit have been observed in the wild, and multiple other exploits are publicly available. A [bouncing star | patch | radioactive flower | Tanooki suit] has been made available."

39 of 59 comments

  1. Plumber injection attack? by Shikaku · · Score: 2

    Are we talking about pipe cleaning?

    1. Re:Plumber injection attack? by DigiShaman · · Score: 4, Funny

      Yes, that's what Peach calls it.

      --
      Life is not for the lazy.
    2. Re:Plumber injection attack? by Tackhead · · Score: 1

      Are we talking about pipe cleaning?

      Yes, that's what Peach calls it.

      The Princess? She had a crush on Trent Reznor, couldn't get enough of that Nine Inch Goombas action in her never-ending quest to get Closer to Mario...

    3. Re:Plumber injection attack? by TitusC3v5 · · Score: 1

      More like spanking the monkey, really.

      --
      And the masses cried out, "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0!"
    4. Re:Plumber injection attack? by Kagura · · Score: 1

      High-production-value Mario parody called "Do the Mario". It's highly relevant.

  2. Italian? by Anonymous Coward · · Score: 1

    What about a Swedish Plumber? Or is the difference in meatball consumption important?

  3. It just keeps getting worse. by kyrio · · Score: 2

    I just want my achievement!

    1. Re:It just keeps getting worse. by aitmanga · · Score: 1

      I just want my achievement!

      Me too

      --
      He who knows when he can fight and when he cannot will be victorious.
    2. Re:It just keeps getting worse. by SteveFoerster · · Score: 1

      Sure, why not?

      --
      Space game using normal deck of cards: http://BattleCards.org
    3. Re:It just keeps getting worse. by J053 · · Score: 1

      Me too!

  4. I'm usually game for these, by Anonymous Coward · · Score: 2, Funny

    ...but this has got to be the least-creative April fools article in history. Really, really lame.

    1. Re:I'm usually game for these, by macshit · · Score: 1

      You've got to admit it's a great headline though -- reading that was the first time I actually laughed out loud this April 1st...

      Sure, it's all pretty lame, especially compared to the sublime "OMG ponies!1!" -- but except for that (what on earth happened that year?!), Slashdot's April Fools have always been lame.... it's a slashdition!

      --
      We live, as we dream -- alone....
  5. Plumbers high on mushrooms by thomasdz · · Score: 2

    It always seems that they are hopped up on mushrooms and screaming that they're running away from "Goombas" or some other ridiculous thing.

    --
    Karma: Excellent. 15 moderator points expire sometime.
  6. Re:GOD DAMN IT by Anonymous Coward · · Score: 2, Interesting

    Please STOP with the reading of Slashdot on April Fools' day. You do NOT have a sense of humor.

  7. Re:GOD DAMN IT by Jon.Laslow · · Score: 1

    I just use the "Mark All Read" feature on my RSS feed.

  8. Epic by Reapman · · Score: 1

    Great read, but seriously, isn't this news a bit old? I mean we're talking about a product several revisions old. I'm sure in the years since this product was originally published Bowser's had a chance to install additional safeguards to the perimeter. I doubt a single plumber could ever break in now....

    1. Re:Epic by jd2112 · · Score: 1

      No, but two could...

      --
      Any insufficiently advanced magic is indistinguishable from technology.
  9. Rated: Not Funny by Haedrian · · Score: 1

    (Title is a throwback to a very old game, anyone want to guess?)

    Seriously, the first few were good, it was all quite funny.. this one is just... meh.

    Can we be finished with this day already?

    1. Re:Rated: Not Funny by geekoid · · Score: 1

      No matter how much you wish it, this day will be as long as all the others. So... go away.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  10. Somewhat on topic by nebaz · · Score: 1

    This is old, but I enjoyed it. 'New Super Mario Bros'. movie trailer.

    --
    Rhymes that keep their secrets will unfold behind the clouds. There upon the rainbow is the answer to a neverending story
  11. Re:April Fool's Day by TaoPhoenix · · Score: 1

    No, then the next story will come through next week that the law saying basically "every copyrighted word or picture in any form is a felony" will go through Congress except it will be real, and we'll be begging for April Fool's day.

    --
    My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
  12. Does the patch actually work? by Daetrin · · Score: 1

    Did they just make up something random, or could you actually apply the patch to a ROM and "fix" the "bug"?

    --
    This Space Intentionally Left Blank
    1. Re:Does the patch actually work? by godblessthenet · · Score: 1

      It's a real patch. The second video is the result of attempting to run the same speed run on a patched copy.

    2. Re:Does the patch actually work? by Shikaku · · Score: 1

      http://blog.ksplice.com/2011/04/smb-1985-0001-advisory/ Which can be viewed here. You know, the first link in the article.

    3. Re:Does the patch actually work? by Daetrin · · Score: 1

      Ok, as long as you want to point out the obvious, does the second video (which i'd already watched before i asked the question, thanks) actually show the results of a patched rom? Or did they just tweak the speed run script a tiny bit so that it looks the same but the bug fails to be triggered? If it were a serious article i'd be willing to take them at their word, but since the whole thing is a joke anyways i couldn't blame them if they "cheated" in order to make it more humorous.

      --
      This Space Intentionally Left Blank
    4. Re:Does the patch actually work? by RabidJackal · · Score: 1

      Whoops, didn't notice this comment before I posted :)

      It works, but it messes with the wall ejection routine to the point that you'll easily get stuck in normal gameplay. See my technical comment for further info on how it works.

    5. Re:Does the patch actually work? by godblessthenet · · Score: 1

      Yes, it actually shows the results of a patched ROM. There is a (short) analysis of the patch at: http://www.reddit.com/r/programming/comments/ggeac/security_advisory_plumber_injection_attack_in/c1nefj4

  13. Who still runs smb anymore? by rsilvergun · · Score: 1

    I'm an old codger, and even I've upgraded to the 64-bit version, and I suspect most people are at least running the 128-bit version, although I've heard it's a downgrade.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  14. yay news! by Pheonix28 · · Score: 1

    Gotta love April 1st... all the wonderful "news" stories that get posted, just wonderful.

  15. Better than other forms of injection by Tisha_AH · · Score: 1

    They could have injected it into Bowser's shorts. He would be walking really funny.

    --
    Tisha Hayes
  16. OK by guybrush3pwood · · Score: 1

    Ok, why am I getting all these combo boxes in the posts? It's driving me nuts.

    --
    Perhaps I'm trolling, perhaps I'm not.
    1. Re:OK by geekoid · · Score: 1

      What are you talking about?

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    2. Re:OK by farkus888 · · Score: 1

      I don't think anyone else is seeing them, must be something wrong with your browser.

      --
      thats right, I rarely use capitals. deal with it. but don't mistake my laziness for stupidity
    3. Re:OK by mattack2 · · Score: 1

      Or even his Bowser.

    4. Re:OK by guybrush3pwood · · Score: 1

      I'm getting this in two different PCs in both Chrome and Internet Explorer. The HTML code of the posts has select tags in some words. I'm not getting this in any other page. I want to kill somebody.

      --
      Perhaps I'm trolling, perhaps I'm not.
    5. Re:OK by guybrush3pwood · · Score: 1

      Oh my, oh my... Let it be noted: we don't have April Fools over here...

      --
      Perhaps I'm trolling, perhaps I'm not.
  17. If he had used by geekoid · · Score: 2

    Open Sewer he could have patched these himself years ago.

    --
    The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  18. no Gottlieb / Premier make you pay $30+ rom update by Joe+The+Dragon · · Score: 1

    No, Gottlieb / Premier will make you pay $30+ for a ROM update and use the DMCA to shut down anyone giving out the code for free.

  19. Patch Mechanics by RabidJackal · · Score: 1

    For those interested, the provided patch works by loading a fixed value of 1 into register A during the wall ejection routine instead of loading the value in address 0x45. 0x45 keeps track of the way Mario is facing.

    So basically, the wall ejection routine kicks in, thinks Mario is facing right (1), and ejects him left (back out of this wall).

    (Information collaborated with Ilari of TASvideos and the SMB RAM Map on Data Crystal.)
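
The patch described in the "Patch Mechanics" comment above, modelled as an added example (not part of the thread, and not code from Ksplice or the SMB ROM): a constructed stand-in routine is run on a minimal 6502 subset before and after the two-byte change from `LDA $45` to `LDA #$01`. The routine bytes, the output slot `$00`, the value 2 for "facing left" and the "eject opposite to facing" behaviour are assumptions; only address 0x45 and the fixed value 1 come from the comment.

```python
# Added illustration. ROUTINE is a constructed stand-in for the wall ejection
# routine, not bytes from the SMB ROM; only $45 and the value 1 are from the comment.
FACING = 0x45            # zero-page byte tracking which way Mario faces
RIGHT, LEFT = 1, 2       # 1 = right (from the comment); 2 = left is assumed
EJECT = 0x00             # hypothetical output slot: 0xFF = push left, 0x01 = push right

ROUTINE = bytes([
    0xA5, FACING,        # 0: LDA $45      load facing from RAM
    0xC9, 0x01,          # 2: CMP #$01     facing right?
    0xF0, 0x05,          # 4: BEQ +5       yes -> offset 0x0B
    0xA9, 0x01,          # 6: LDA #$01     facing left: push right
    0x85, EJECT,         # 8: STA $00
    0x60,                # A: RTS
    0xA9, 0xFF,          # B: LDA #$FF     facing right: push left
    0x85, EJECT,         # D: STA $00
    0x60,                # F: RTS
])

def apply_patch(code, offset, expect, new):
    """In-place patch: refuse if the target bytes differ or the size changes."""
    if len(expect) != len(new) or code[offset:offset + len(expect)] != expect:
        raise ValueError("patch does not match this build")
    return code[:offset] + new + code[offset + len(new):]

def eject_dx(code, facing):
    """Run the routine on a tiny 6502 subset; return -1 (left) or +1 (right)."""
    ram, a, zero, pc = bytearray(256), 0, False, 0
    ram[FACING] = facing
    while code[pc] != 0x60:                      # RTS ends the routine
        op, arg = code[pc], code[pc + 1]
        pc += 2
        if op == 0xA5:   a = ram[arg]; zero = a == 0      # LDA zero page
        elif op == 0xA9: a = arg; zero = a == 0           # LDA immediate
        elif op == 0xC9: zero = a == arg                  # CMP immediate
        elif op == 0x85: ram[arg] = a                     # STA zero page
        elif op == 0xF0: pc += arg if zero else 0         # BEQ, forward only
        else: raise ValueError(f"unsupported opcode {op:#x}")
    return -1 if ram[EJECT] == 0xFF else 1

# LDA $45 (A5 45) -> LDA #$01 (A9 01): same length, so nothing else moves.
PATCHED = apply_patch(ROUTINE, 0, bytes([0xA5, FACING]), bytes([0xA9, 0x01]))

if __name__ == "__main__":
    for name, code in (("original", ROUTINE), ("patched", PATCHED)):
        print(name, {f: eject_dx(code, f) for f in (RIGHT, LEFT)})
```

With the patch applied the push is always to the left whatever `$45` holds, which is consistent with the remark elsewhere in the thread that the patched ROM can leave Mario stuck in normal play.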