[TAS] Real Life "arbitrary code execution" in 1:05.133
53Discord: https://discord.gg/UxEZMja
This is a tool-assisted speedrun of the critically acclaimed video game called "Real Life". The goal of this run is to execute arbitrary code as fast as possible without the use of external hardware modifications or devices.
0:00-0:18 Heap Manipulation
We boil precisely 2 cups of water at 78% heat. Once the water begins boiling in the pot we transfer the water to a pan. We don't boil in the pan initially because we need to manipulate the memory address 0x8104de42 which is a pointer to the 'boil water in pot' function. By boiling the water in the pan, we end up changing where address 0x8104de42 points to. Now it points to the draw function of the pan which draws the textures you see on the pan.
0:19-0:37 Code Injection
Since you can't manipulate your file name in Real Life, we have we need to work a little harder than most games to inject our code. Luckily, we have a microwave and a Gamecube controller handy. Our goal here is to write the memory address we want 0x8104de42 to point to. We enter 69:69 into the microwave to be interpreted as the last 2 bytes of the address and stop it at 04:20 to be interpreted as the first 2 bytes. Entering the Konami Code allows us to change where the pointer at 0x8104de42 points to. With this step complete, we have 0x8104de42 pointing to address 0x04206969.
0:37-0:45 Enabling the Debugger
Under normal circumstances, the game doesn't access address 0x04206969. Located at this address is an instruction to run the crash debugger. However, even if we were to access it in this state and crashed the game, we wouldn't see the debugger. Running the dishwasher with a 4-hour delay, a feature the developers thought no one in their right mind would use, actually sets the 'debugger access flag' to TRUE.
0:46-0:48 Crash to Debugger
It's well-known that if you enter a room with the toilet seat up and exit, a new water texture is created every time with the previous one remaining. This is known as a memory leak. Flushing the toilet triggers the draw function for all 5000 water textures and crashes the game. By holding up and pressing 'Y' every other frame in the bathroom, we change where the 'flush the toilet' function points to. We point it to address 0x8104de42 instead which points to address 0x04206969 which can run the crash debugger.
0:49-1:04 Debugger
Once we're at the debugger, we don't want to view the crash report. The developers were cheeky and hid an Easter egg within the game at the 'Was life wearing a seatbelt at least?' option which is what I showcase in this run.
1:05-1:21 ????
Other Videos By mariomasters1
| 2020-10-23 | MELEE BABY |
| 2020-09-22 | Super Smash Brothers Melee for the Nintendo GameCu🅱️e |
| 2020-07-26 | MELEE WITH ROLLBAAAAAAAAACK |
| 2020-07-04 | [TAS] Real Life "arbitrary code execution" in 1:05.133 |
| 2020-05-21 | Tranquility |
| 2020-05-10 | Onward! |
| 2020-04-14 | the best pokemon game NOT made by gamefreak |
| 2020-04-06 | Peter Perkins |
| 2020-04-03 | Reading Sonic High School |
| 2020-03-28 | I Wrote a Mean Letter in Animal Crossing and This Happened... |
| 2020-03-27 | ANIMAL CROSSING WITH FACECAM?!??111 |
| 2020-03-22 | LAST IMPACT |
| 2020-03-17 | more gaming with Super Mario 64 Last Impact |
| 2020-03-14 | gaming with Super Mario 64 Last Impact |
| 2020-03-14 | gaming with Super Mario 64 Last Impact |
| 2020-03-12 | An Immovable Object meets a Stoppable Force |
| 2020-03-10 | the deadly mission |
| 2020-02-07 | poking people with my sword - Melee Friendlies |
| 2020-02-01 | Persistence |
| 2020-01-30 | poking people with my sword - Melee Friendlies |
| 2020-01-28 | Tuesday Night Melee |
Other Statistics
Mario Bros. Statistics For mariomasters1
Currently, mariomasters1 has 2,091 views for Mario Bros. across 4 videos. Less than an hour worth of Mario Bros. videos were uploaded to his channel, making up less than 0.14% of the total overall content on mariomasters1's YouTube channel.