
Arbitrary code injection is the process of writing seemingly innocuous data to a part of a computer where the processor will run it as commands. For example, in an Excel spreadsheet, ordinary numerical data in the cells might end up being fed to the processor as instructions. This process has often been used for malicious purposes, in such things as buffer overflow attacks. The exact reason this works is kind of complicated, but it could in some ways be compared to an overloaded shopping bag. The bagger puts too many groceries in the bag, and something on the top, perhaps a zucchini, rolls out and goes somewhere it is not intended to go. In the case of the zucchini, that is under the seat of your car, where it decays until you find it weeks later. In the case of code, the bag it rolls out of is the place it is supposed to be on your computer, and the place it rolls to is somewhere else in your computer, where it likewise causes a suspicious stench until someone digs it out. There are, for those interested, many places on this site and elsewhere to receive a more technical, and less melonous, explanation.

Usually this is a bad thing. In classic gaming, though, it is a fascinating exercise in human ingenuity: making small, old computer programs do totally unexpected things.

Take a game. Let's use Super Mario World, because it is one of the most popular and most studied games. All of the objects in Super Mario World, all the coins and Koopas and swinging platforms, are code of some sort. When you see a Koopa, the computer sees hexadecimal. Because Nintendo is good at programming, that hexadecimal data usually does what is expected of it. But because Nintendo never foresaw that people with powerful computer tools would spend decades studying this game, they didn't make the code totally perfect. There are ways to circumvent the program. Most of these involve doing two contradictory things at once: having Mario and Yoshi both collect a coin in the same instant, or having one Yoshi hatch while another disappears down a pit. What this does is cause the program to misassign variables. Then, data that should stand for one thing is shifted to other places in the memory, where it means something totally different. The hexadecimal code for a Koopa is now the data that specifies where the exit to a pipe is. By first "breaking" the game, and then by manipulating normal, onscreen objects, someone can write code into the memory of the game.
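To make the "misassigned variables" idea above concrete, here is a toy model in C, added for this writeup (it is not Nintendo's code, and the byte layout, names and values are invented for illustration): a sprite slot table sitting directly in front of the pipe-exit table, an unchecked write that lets a phantom slot index land on the exit byte, and a bounds-checked write beside it that refuses the bad index.

```c
#include <stdint.h>
#include <string.h>

/* Toy "game RAM" (constructed for this example; not Super Mario World's real
 * layout): two 8-byte sprite slots sit directly in front of the exit table,
 * with nothing separating them, just as on a real console. */
#define SPRITE_SLOTS 2
#define SLOT_SIZE    8
#define EXIT_TABLE   (SPRITE_SLOTS * SLOT_SIZE)   /* byte 0x10 */
#define RAM_SIZE     0x20

enum { KIND_KOOPA = 0x0C, EXIT_NORMAL = 0x01 };

typedef struct { uint8_t ram[RAM_SIZE]; } Game;

void init_game(Game *g) {
    memset(g->ram, 0, sizeof g->ram);
    g->ram[0] = KIND_KOOPA;            /* slot 0 holds a Koopa */
    g->ram[EXIT_TABLE] = EXIT_NORMAL;  /* where the level's pipe exits to */
}

/* As the engine sees it: byte 0 of each slot is the sprite kind. */
void write_sprite_unchecked(Game *g, int slot, int off, uint8_t v) {
    g->ram[slot * SLOT_SIZE + off] = v;   /* trusts the slot index */
}

/* Hardened version: refuse any write outside the sprite region, so a
 * bad index can never land in neighbouring data such as the exit table. */
int write_sprite_checked(Game *g, int slot, int off, uint8_t v) {
    if (slot < 0 || slot >= SPRITE_SLOTS || off < 0 || off >= SLOT_SIZE)
        return -1;
    g->ram[slot * SLOT_SIZE + off] = v;
    return 0;
}

uint8_t pipe_exit(const Game *g) { return g->ram[EXIT_TABLE]; }

/* The "two contradictory things at once" glitch: the engine believes a
 * third sprite slot exists and spawns a Koopa into it. Returns the exit
 * byte the pipe will now use. */
int run_glitch(int hardened) {
    Game g;
    init_game(&g);
    if (hardened)
        write_sprite_checked(&g, 2, 0, KIND_KOOPA);     /* rejected */
    else
        write_sprite_unchecked(&g, 2, 0, KIND_KOOPA);   /* lands on exit table */
    return pipe_exit(&g);   /* unchecked: the Koopa byte is now the exit */
}
```

In the unchecked case the pipe's exit byte becomes 0x0C, the Koopa's kind code, which is exactly the "Koopa data is now pipe-exit data" confusion the essay describes; the checked write leaves the exit at 0x01.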

The first use of this was in performing a "wrong warp". In tool-assisted speedruns, a player could trick the game, place objects in certain places, and cause a pipe or door to exit to the end of the game. Because this required a precise set of inputs, it was considered only a computer trick, until some people started to be able to do it semi-reliably in real time. Mitch Fowler, one of the best Super Mario Bros. 3 players ever, performed the trick live on the Stephen Colbert show. Other people became proficient in doing it for Super Mario World. Then, going a step beyond the "wrong warp", someone decided to perform true arbitrary code execution. Using a bewildering series of inputs, Super Mario World was turned into a totally different game: two of them, in fact. Programmers were able to program Snake and Pong using Super Mario World's own code. But, of course, this could only be done with computer inputs firing scores of precise commands per second, right? Well, recently, SethBling, one of the experimenters with the game, did this by himself, in real time. By painstakingly following a series of steps of moving objects around in game, he injected the code of a Flappy Bird clone into Super Mario World, which he then played in real time.

Here are four YouTube videos showing the progress of the technique:

My interest in this is not only in the sheer wow factor. It also brings up an interesting philosophical question: how do we view the world, as a series of "common sense objects", or as a mathematical model of something malleable? To paraphrase Edmund Husserl (and forgive me if I abbreviate this thought even worse than with the zucchini metaphor): if science is only descriptive, it is only making lists. If science is only theoretical, it is dealing with mathematical abstractions. And the thing about mathematical abstractions is, you can do whatever you want with them. A glass of water is a series of tiny, tiny particles held together by forces that can only be described by mathematics. For this reason, despite our "common sense" experience with water, we can add a pinch of another chemical to it, strengthen those bonds, and turn water solid at room temperature. Doing things like this, like realizing that cinnamon can change how our liver functions, that a sound we can't hear can repel or attract animals, that little slivers of iron will always point in one direction: all of these are ways that we take something and realize that what we think we see is a piece of an underlying reality. A Koopa Troopa isn't just a Koopa Troopa, because a glass of water isn't just a glass of water.

Or maybe I just want to work Mitch Fowler and Edmund Husserl into one conversation.
