- Linux: "./snake.com: line 20: lzma: command not found". Installing the xz package makes it work (already had XWayland enabled so X11 worked, but may be needed if you have a strict Wayland session).
- Windows: As either .com or renaming to .exe I get "The application was unable to start correctly (0xc0000005). Click OK to close the application." Not sure how to make this one work, it's definitely not AV related though (I have that stripped in this sandbox VM).
Edit: Got it working in all 3 now. On Windows I still had DEP enabled on all programs to test some apps earlier, turning that back off allowed it to launch.
On a related note -- when I see the minuscule filesize of the original Zelda game on emulators, I marvel at how little text/code/information could produce how much wonder, how far-reaching impact, and how many hours of enchantment for me.
What I think is really great about The Legend of Zelda is that Breath of the Wild is very clearly a more fully realized version of the same core vision that guided the design of the original game thirty years earlier.
I think you can use something similar to get the entire page contents as a blob, but I never tested with binary data in actual browsers. Perhaps even patch it to avoid the initial windows error.
I love the idea of applications which exist in one file which you can run anywhere. I've been working towards this with my serverless platform; you can build complex data-driven apps with just one .html file and mostly declarative HTML markup (thanks to web-components which are loaded from a remote server). With modern browser features, you don't need a bundling system. Once you do away with it; a whole universe is opened up.
The ability to load .html files over the file:// protocol is a powerful, often neglected feature. In practice, it means you can double-click an HTML file and it runs an app in your browser instantly.
Semi-related: Windows EXE files are runnable in DOS (at least when DOS was a thing, so for Windows 3.1x or 9x), but most of the time the DOS part just prints "This program requires Microsoft Windows." and exits. An exception is regedit.exe, that one can use to import registry values even in DOS. (Huh, although, how does it do that without using Windows API?)
I extracted the linux executable and was surprised to find that both readelf and objdump choke on it despite it loading and running correctly. Some investigation reveals that the name of the dynamic linker was shoved into the "unused" fields in the PT_DYNAMIC header entry to save space:
Program Headers:
Type Offset VirtAddr PhysAddr
FileSiz MemSiz Flags Align
INTERP 0x0000000000000088 0x0000000000010088 0x0000000000010088
0x000000000000001c 0x000000000000001c 0x0
[Requesting program interpreter: /lib64/ld-linux-x86-64.so.2]
DYNAMIC 0x00000000000000e0 0x00000000000100e0 0x6c2f343662696c2f <-- "/lib64/ld-linux-x86-64.so.2"
0x2d78756e696c2d64 0x732e34362d363878 0x322e6f
readelf: Error: the dynamic segment offset + size exceeds the size of the file
LOAD 0x0000000000000000 0x0000000000010000 0x0000000000000000
0x0000000000001dc0 0x0000000000005660 RWE 0x1000
Two questions:
1. Was this done manually or is there a tool you're using which does this? I see other size-reduction tricks in here as well.
2. Does anybody know of a tool for examining executables which doesn't crap out on binaries like this?
In short: Compilers don't help l, but with a good macro assembler it is quite convenient. Maybe the author used custom tooling but the assembler route is the easiest if you only need this once or a couple of times.
To the second question, reverse engineering software like IDA Pro or Binary Ninja are not only made for strange and broken binaries but often used for binaries with deliberate anti-reversing measures. They are as good as it gets when it comes to not choking on unusual binaries.
i wonder if such a mechanism could be "enhanced" to produce a true "universal" binary, using a source-to-source compiled language like Haxe?
With Haxe, you can write the application once, target both win32 and linux by compiling to C++ (which then you compile using the platform specific tooling for each paltform), and then target html by compiling to javascript. Then use the same concatenation mechanism and header abuse as described in the article to have all three targets merged into one file that can then be run on all platforms!
What entertains me most is that the thing contains three independent implementations of a graphics-based game, strung together, wrapped into a crafty multiplatform loader... and it all still takes 13 kiB.
The fun part is that it's actually 3 executables in a single file. Meaning there is no particular reason it should have the same program on each platform.
> The HTML version is also packed and abuses the fact that browsers will happily process all the benign garbage at the start of the file before reaching the actual HTML content.
Long live RCE.
The thing looks interesting. Very close to a virus. Can it be used to make and spread a virus ?
30 comments
[ 3.7 ms ] story [ 61.3 ms ] thread- Browser: works after renaming to .html
- Linux: "./snake.com: line 20: lzma: command not found". Installing the xz package makes it work (already had XWayland enabled so X11 worked, but may be needed if you have a strict Wayland session).
- Windows: As either .com or renaming to .exe I get "The application was unable to start correctly (0xc0000005). Click OK to close the application." Not sure how to make this one work, it's definitely not AV related though (I have that stripped in this sandbox VM).
Edit: Got it working in all 3 now. On Windows I still had DEP enabled on all programs to test some apps earlier, turning that back off allowed it to launch.
https://web.archive.org/web/20100304155706/http://www.thepro...
https://en.wikipedia.org/wiki/The_Legend_of_Zelda_(video_gam...
You could distribute it as `.html` only, and use JS to offer a local download link to itself in the correct extension. A polyglot installer, of sorts.
For example, this gist is an HTML that, when opened, offers a download zip of its DOM in whatever state it currently is:
https://gist.github.com/alganet/c904acb57282402fc0bd724f1eeb...
I think you can use something similar to get the entire page contents as a blob, but I never tested with binary data in actual browsers. Perhaps even patch it to avoid the initial windows error.
The ability to load .html files over the file:// protocol is a powerful, often neglected feature. In practice, it means you can double-click an HTML file and it runs an app in your browser instantly.
1. Was this done manually or is there a tool you're using which does this? I see other size-reduction tricks in here as well.
2. Does anybody know of a tool for examining executables which doesn't crap out on binaries like this?
"A Whirlwind Tutorial on Creating Really Teensy ELF Executables for Linux"
tutorial has some good answers for you.
https://www.muppetlabs.com/~breadbox/software/tiny/teensy.ht...
In short: Compilers don't help l, but with a good macro assembler it is quite convenient. Maybe the author used custom tooling but the assembler route is the easiest if you only need this once or a couple of times.
To the second question, reverse engineering software like IDA Pro or Binary Ninja are not only made for strange and broken binaries but often used for binaries with deliberate anti-reversing measures. They are as good as it gets when it comes to not choking on unusual binaries.
EDIT: Forgot to mention Ghidra.
Content-Type: text/html
Forma instance, a static compiled and linked "hello world" in C on Linux is around ~785KB
With Haxe, you can write the application once, target both win32 and linux by compiling to C++ (which then you compile using the platform specific tooling for each paltform), and then target html by compiling to javascript. Then use the same concatenation mechanism and header abuse as described in the article to have all three targets merged into one file that can then be run on all platforms!
Long live RCE. The thing looks interesting. Very close to a virus. Can it be used to make and spread a virus ?