SuperNull is a coding term that refers to exploits that use engine vulnerabilities to allow for arbitrary code execution during the character selection.
Most used vulnerabilties for SuperNull exploits would be the following:
- WinMUGEN: StateDef Overflow, AssertSpecial Overflow, and Command Overflow.
- 1.00/1.1b: AssertSpecial Overflow and Type Overflow
History[]
Information about the first character who used this exploit is ambigue, but it seems to indicate the author ydccdy used it on Guanyin, as a proof of concept was shown in 2013.
As years passed, upgraded versions of this exploit appeared, Guanyin-Ancients and Dsrugal being the first ones at using such versions.
A lot of authors used the exploits created by ydccdy on their SuperNull characters for a long time, until some of them started creating their own exploits, which allowed them to distinguish from other authors.
1.0/1.1[]
As these engine versions have the NX Bit protection enabled by default, shellcodes can no longer be directly executed while any attempt of doing so will just cause the program to abruptly terminate, so an exploit technique is required in order to circumvent said protection: Return-Oriented Programming
Creation of complex SuperNull exploits may be significantly hard to do, so it is preferable to create an exploit that allows the author to load external libraries from the character folder.
External type version is called as Invoker or Reloader.
Images and Videos[]
Guanyin by ydccdy
Nyan Cat by CyberAkumaTv
Chaos-Kronk by CyberAkumaTv