Why do people not just update? - Some versions after 1.6 came bundled with adware/malware and have a 30 second nag screen asking you to donate before you can play games. (But nowadays the ad/malware is gone, so if you don't mind the nagscreen, go for it) What emulator should I use now? - Parallel Launcher is a good option and take 2 minutes to set up. Here is a guide; th-cam.com/video/CTNhulgpH6Y/w-d-xo.html I'm using Version ... of this emulator, am I safe? - If it is newer than 1.7, you are safe. I want to emphasize that exploits like this can happen in any emulator and have been found in others as well. This wouldnt be an issue if they were patched and people updated, but for a ~20 year old emulator thats still used, this is not realistic.
I used the older version of Project64 because Ocarina of Time mods crashed on the newer version. I think that's why many people prefer the older version.
Except they don't? I use Project64 2.3 and so long as you don't have an attention span of a TikTok child you can just opt out of the adware in the installation menu. You will be left with the nagging, but it's easily disabled in the configuration files. I never had any issues with Project64.
Dear foreigners, "Project 64," despite being pronounced as if spelt "Project sixty-four," is not supposed to be spelt with "S." Therefore, Project 64 is not secure.
@@notalostnumber8660 this exploit has no effect at all on real hardware.. and most likely no effect on any other emulators. So basically automatically detects PJ64 bc it will only work on there.
I have been learning GBA homebrew and sent a demo to a friend; she said she didn't trust the file, to which I said "nah mate, that's not a problem unless someone figured out a way to install a virus through an emulator" This conversation was two weeks ago
@@gluttonousmaximus9048 my mate is kinda paranoid about those things (good reason too, people on discord get hacked all the time, so if my account had been compromised that could be a way in)
A similar vulnerability exists in an old GBA emulator called VBA. I don't know the technical details, but basically the emulator could execute ELF files, but there is an unchecked strcpy() in the ELF header parser which leads to RCE. Programmers, please, check buffer write bounds, or at the very least compile with -fstack-protector. Edit: The ELF file is supposed to run on the emulated GBA like a ROM, not on the host computer like another program.
@@kodicraft The ELF files are supposed to be executed as GBA binaries within the emulator sandbox, not host binaries running outside the emulator. Should have clarified.
I'm a bit confused. It's been awhile since I dabbled with emulators, and VBA used to be the chosen one akin to P64. So... did someone figure out the Dolphin compatibility for the GBA Link up functions for the systems? I thought that was the main reason people kept using it.
Kaze confirmed that there's a team of people working on a version 1.6.2 to fix the vulnerability, so you'll be still getting to play PJ64 1.6 without this issue if released
@@medhathobo That's already done, it's called Luna's Project 64 and it's the cross-platform Win-Linux fork. It's forked from 2.4 and it removed the nagware and has a bundle of pre-config'd plugins
Unrelated, but LUA scripts used to mod/compatibility patch ROMs are essentially EXE files and can do anything. People are very willing to download and run random ones
@@v0xl yes, but it still opens a window for vulnerability, if the sandbox implementation is flawed. A high profile sandboxing flaw are what led both PS4 and PS5 to be jailbroken from a web exploit, for instance.
@@v0xl Lua in emulators have kept the ability to load compiled C libraries as a useful tool for script creators. Most popular C library is probably LuaSocket which works great in emulators that didn't already include a socket library.
People are still talking about those? One of the dumbest "recent" trends. Creepypasta are classics but if you try to do it nowadays its just laughable.
@@SilentOnion Most of the mario 64 creepypasta hacks have died out The only reason why B3313 is actually like popular, is because of how massive the romhack actually is It's like 420 worlds btw, and it does great montage to the Greenio ARG series, while doing the most insane things
I guess that obnoxious support us screen that precedes using Project 64, and that sent me over to Mupen64 and Parallel for RA, turned out to be a blessing in disguise.
Ended up doing much the same, though the move was less for that reason and just, well, Retroarch. “Wait, so this is a ton of emulators wrapped into one? Sign me up!” Of course, the problem there is that it’s harder to adjust settings for individual emulators in Retroarch. Bit me in the @$$ recently when DSemue decided that pressing B on Deck/A on DS force quits the emulation.
Mupen64 is the way! As soon as Project64 started looking sus, I switched over and never looked back. No Retroarch for me though - I like the concept, but in practice it just gives me a headache. I run Rosalie's Mupen GUI, it does a nice impression of PJ64.
@@lpfan4491 Learned something along those lines when my Zelda Randomizer journey got to Wind Waker. WW Rando just about worked on Retroarch, but photos with the Picto Box wouldn’t show up (though they’d still count for triggers) and it was prone to crashing. And I think it was JUST Wind Waker I could get running. Ultimately I just got Dolphin standalone, and the big emulator bunch I got for Steam Deck has Dolphin separate too.
same thing happened to the SNES emulator ZSNES back in the day. luckily most romhackers had already switched to a more accurate emulator by then but ZSNES was still the mainstream emulator people used when they didnt know better
Isn't ZSnes still the major emulator for experimental romhacking-enhancements like widescreen? I don't remember because I admit, I always only used Snes9X.
Me: I wonder what kind of arcane combination of obscure glitches they used to break out of the virtual machine Kaze: So yea the emulator doesn't validate the store instruction correctly 🤦♀
It's a pretty basic issue I'm seriously questioning how hasn't been brought up until now. Certainly he can't be the first to realize this exploit. Chances are most rom hackers of back then would stay quiet on this...
@@nicklespale22 It's probably been brought up repeatedly every few years, these things usually are when they date back that far in the history of less-than-entirely-accepted programming. Trying to find out who's personally responsible for oversights like this is next to impossible and almost as impossible as finding out who first discovered the vulnerability, described it in an online post somewhere and was ignored by everyone else. It sure wasn't me.
I still don't understand why the speedrun community only allow PJ64 1.6 and some Mupen fork with the same timing as PJ64 1.6 instead of an accurate emulator. I just get the impression that they're afraid of change.
@@Spax_well that and newer emulators have much higher system requirements than pj64 and I assume the speedrunning communities for most n64 games want to make it as accessible as possible, but at the same time project 64 isnt particularly accurate which is why emulator and real console always have to be separate categories for n64 speedruns so maybe n64 speedrunners should just tell people to git gud and "just buy a better pc", idk
Really sad news to hear regarding PJ64. I used it like a decade and a half ago already to play my N64 games and loved how easy it was to setup compared to others.
I saw that in one of the Romhacks for Simple's comp had like a shared database for images that it could pull from so Simple drawing in one hack could be used in another, and as soon as I saw that I was like "DAMN THATS SO SICK" and "oh that's DEFINETLY a vulnerability"
I think it's always good to remind everyone using Linux that Wine and Proton (Steam) aren't emulators and also aren't sandboxing your system. There's been demonstrated attacks how malicious code can escape and gain root access to host system.
Yep, they're compatibility layers to allow windows programs to run as if they're linux ones, and as such, you should only run programs you trust in them
Heck, even Windows malware can oftentimes do their job under Wine. By default, Wine mirrors your user folders inside the simulated Windows filesystem, so ransomware has no trouble finding your data and encrypting it. Stay safe out there, folks. It's a lot more inconvenient, but simply installing the flatpak version of Wine under a different user and switching to it to run Windows software, while inconvenient and tough to set up, will do a great job to keep your OS safe.
Yes, and while they absolutely shouldn't be seen as any kind of security tool, it can take additional work from a malware developer for non-trivial things. You have to check if the system is actual Windows or Wine, then write Linux-specific functionality to actually damage the host system (enable auto-starting, infecting system files, etc). I find it unlikely someone would go through that extra effort unless they had reason to believe it would be very easy to deliver to Linux users.
Joke’s on that, I couldn’t figure out how to make Wine work in the first place. And frankly I’ve gotten so used to sticking to Linux for the Deck that I don’t care about learning anymore.
How did nobody notice this vulnerability for so long?! It's a textbook bounds-checking bug, and nobody even thought that it might be in an emulator until now? Shit, now we need to look at all the other emulators for _other_ consoles, to make sure such a problem doesn't _also_ exist in _them_!
@@KazeN64 can you share that information? Where did you first read about this issue with pj64? I am curious as to which forums can people read to be properly informed.
First updated versions of PJ64 comes bundled with malware and now the "safe" versions of the emulator can install malware if you use the wrong roms. Glad I dropped PJ64 years ago.
It almost feels like the Project64 developers have completely lost any sort of passion for making the emulator & now see it as nothing more than a paycheck.
I use the project 64 version recommended by B3313 in one of their video descriptions, which seems like a modified version of the emulator, I think it's lunar's or smth? Is that one safe?
@@mariotheundying Luna's Project 64 is a good one. From the dev's site on what's different from normal PJ64 "This is a build of Project64 3.0.1 that I made to have a Linux compatible alternative to 2.4 (Yes, it works on Windows too). It removes the nagware and adds all of the good plugins for SM64 romhacks with good settings. Read the info below, then download it by clicking the icon on the left." Kaze says the vulnerability isn't present in PJ64 versions past 1.7, so this is safe (it's using a fork from PJ64 2.4 that's intended to work on both Linux and Windows and it's currently on version 3.0.1)
I just downloaded a rom a few hours ago and thought "at least no one is messing with roms, like putting viruses in them or something". I guess I jinxed it.
At this point I just assume hackers can use pretty much any file type to execute an attack. You know it's bad when you've gotten paranoid about downloading image files, like me, because maybe some hacker found some ultra obscure vulnerability in the photos app or smth.
@@MultiCool55 And you wouldn't even be far off. At one point, people were hacking people's computers through Team Fortress 2 sprays and Minecraft skins by hiding code in the image files. More recently, a libpng vulnerability was discovered that affected everything that has ever used libpng, including most browsers, apps, and Discord. Sooner or later they'll probably be able to poison you by hacking the Apple Water Bottle™️ and injecting poison.bin into your liquid.
yep - imagine a Mario 64 ROM that acts like it's haunted by screwing with your computer as you play it could kill explorer or minimize all other applications, although you'd have to be careful because there's a point where the game straight-up becomes a virus if you go too far with this concept :P
This is so sad to see, pj64 1.6 has served me well for a long time, and the newer versions have long been known to be major downgrades. Ah well, sadly bugs like this are inevitable sooner or later, glad Aglab caught it before any nefarious people did!
Really, downgrades is never a great reason not to update an emulator because the improvements are going to outshine it over time. Especially considering it's still open source and you can potentially get someone who knows code to restore cut features.
This is a bit of a strange take. You can still use 1.6 if you want to, just don't run untested/untrustworthy ROM's on it, keep it to strictly only ROM's you've checked the SHA-256 on. It's not like you can't have multiple emulators installed if you really want to try the latest and greatest random modded ROM from user25832.
After that donate screen appeared for the first time for me I just gave up and used another emulator, I agreed those guys deserved to receive donations but forcing you to wait 30 seconds to use the software was just an asshole move. I guess this security risk was just the final nail on the coffin. R.I.P Project 64 - You won't be missed.
@@Crazy_Gamer_OGThat is objectively untrue. In fact it's made worse that the intro sequences happen only after the 30 second waiting period. Don't stick to PJ64. It's actually awful at emulating the N64 accurately and is the bane of most decomp romhackers for its many issues with displaying materials wrong. Pleasure just use Parallel Launcher, you have so many more options and plugins for emulating N64 games.
@@Crazy_Gamer_OGagreed. I haven't used PJ64 as much recently, but I accepted it's just part of using it. Besides, they put in a lot of work to get games working at all. It's a small price to pay for being able to use it. Besides, I would support emulator devs if I could, I just don't have money to.
In fact you don't need to wait 30s, when you launch the emulator at the beginning you just have to right click on PJ64 in the taskbar and then click on Project 64, the emulator will restart without displaying the donation screen!
Used PJ64 since forever. It was my very first emulator. Ever since updating to the newer versions, I would always get a nag screen bypass and they would usually work, but last time I tried, it didn't. So I said goodbye old friend and moved to mupen. Honestly just a better experience overall. I'm definitely gonna try out this parallel launcher, I'd never heard of it before now, sounds sweet.
Insane timing, I recently got back into my childhood games and decided that I'd take a look at Majora's Mask since I always love OoT and always wanted to see what Majora's Mask is like. I was cautiously looking for the best most reliable N64 Emulator and saw that the public opinion was a mix of "Project64 is the best/standard" and "Project64 is one of the worse N64 emulators", so I held back from making a choice for the time being and wowie was my patience rewarded with crucial knowledge.
MM has SO MANY GRAPHICS BUGS in emulation. Currently funnily enough the best way to go emulate it is to get citra and play the 3DS version. I'm not messing with you, the 3DS version has less issues than the N64 version emulation wise. (if you have a Gamecube IRL that can play disc ISOs, get the Zelda Collector's Edition disc that came with Wind Waker, it has the least broken version of MM that's emulated).
@@neoqwertyThe 3DS version is NOT the best version, unless you're also using a mod in Citra that fixes a few things. Sure it looks great, but a lot of stuff they did is really bizzare (especially the swimming)
@@neoqwerty this hasn't been true for a very long time, you can just use parallel launcher OR ares if you have a decent pc, the latter being the most accurate n64 (and snes!) emulator out right now. if you want qol features then you can use majora's mask redux, which is a much better qol improvement than even the 3ds version
@@neoqwerty dolphin works too as an emulator for the GC Collectors Edition version which is what I do, can do graphical enhancements like upscaling and texture replacements and all that jazz, though the decompile project for MM is 93% done (OOT is already 100%, and has been ported to run on PC natively by someone else, moddable and running at 60fps) so I'll be swapping to that once it's finished. only downside with the dolphin version is the FPS - since the game's physics are tied to the framerate, it needs to be modified on the code level for it to not break so I'd advise against the 30/60FPS hacks. the PC porters should fix that like they did with OOT
Parallel Launcher is a godsend if you're not on a Windows machine. I'm glad you and Vinny mentioned it. I really recomended it for how easy it is to install mods and for the graphics plugins Kaze mentioned.
I was blown away when I was watching a video on the history of SM64 hacks and got a look at what Parallel could really do. I have it through Retroarch…and mainly play on the Steam Deck. So that potential is shackled twice over with how I have access to it. I could get it separately on my laptop, but that’s Windows. Not sure what the problem would be, but doesn’t sound like you recommend it.
@ami7810 the steamdeck is just running a modified version of Arch Linux isn't it? should be able to access the AUR to install it if that's the case (but arch being arch something might break if you're not paying attention lol). and there's no problem with the windows version, it's just one of the only cross-platform ones whereas others are windows ONLY (linux wasn't as big 20 years ago except for server stuff so was never developed for it). robomike said Vinny mentioned it, and he's a windows user, so yeah edit: just did a quick sanity check and apparently the steamdeck has flatpak compatibility built in, so you could just grab parallels off the flathub (or the Discovery app in case of steamdeck) and go that route since it has no chance of breaking (flatpaks are containerised, nothing on your system gets installed/modified, so they don't risk breaking your system)
I know this going to sound crazy but I remember a long but long time ago when I was playing Mario Kart 64 the emulator suddenly crashed with a error message saying "WTF" and after that I swear Mario Kart 64 never worked again.
Very good video. Used PJ64 for a long time and have always been too casual with downloading tons of ROMs online. Thanks for putting this out there. That nag screen is super weird so I’ll probably download GlideN. That Anti-piracy screen was amazing btw lmao
I'm glad I stumbled upon this video, as it's been a while since I've considering even using Project 64, and hadn't already uninstalled it from my computer. From now on, I'll be using N64 emulators through Retroarch, and maybe RMG on the Steam Deck assuming it's any decent, since I haven't tested it much as of yet.
I was told like 8 years ago that PJ64 was scummy and needs to be avoided at all costs. I didn't realize so many people were still using it after the near-decade of drama about how horrible and unsafe it is.
There are certain safe versions of it I've used in the past (I believe they were community forks) but yeah PJ64 is the anti-Dolphin. Where Dolphin is almost better than the original hardware and flawlessly integrates multiple play styles, PJ64 is pretty stone age still to this day
PJ64 it's the face of the sad state of N64 emulation. So many people using this crap simply because there aren't many good alternatives. It's awful to have to rely on outdated plugins to run N64 instead of running everything natively. The same thing was happening with the PSX emulation, where ePSXe was the standard but it was terrible, an emulator worse than PJ64. If you didn't want to mess around with plugins, you either had to use the even older PSFin, completely outdated with no usuable configurations; or Mednafen which doesn't even have a GUI, making it a huge pain in the ass to use. Then Duckstation came along and improved everything, no need for plugins, command lines or outdated code, works out of the box and with a great optimization. I just wish we have a good N64 emulator just like Dolphin or Duckstation.
I somewhat predicted this would happen. When rom hacks are getting your system information and detecting what your romhacking account is, I wondered how long it would be until people make viruses.
This played just like one of Mutahar's scare videos: sounds like something scary because it is vaguely relevant to me, until I hear the details and learn it has nothing to do with me lol I currently have PJ64 2.6, honestly a holdover saved from a previous machine, and the installer had no prompts for any extra wares, and the nag screen was negated by typing in a phrase (so no config file modifying or anything). I can imagine switching to another emulator at some point, but considering my needs at the moment, it doesn't seem necessary.
I feel like this can make creepypasta rom hacks scarier as long as it doesn't contain any malware or any bad code since coders and game devs can do wacky things with this, so it's both good and bad at the same time if you look at it this way, bad due to security reasons, but good in the creepypasta sense for more scares
What the fuck was the point of making this vulnerability public just like that? I doubt anyone knew about it before this, now that people actually know how this all works thanks to this info, people WILL start posting these virus roms NOW.
It's **never** a better idea to ignore serious sercurity issues. In **some** cases, it's considered polite to notify the company who makes the product first and give them some time to fix it. But since the bug has appareantly already been fixed in newer versions, ignoring it just means people don't know the risks they're unintentionally subjecting themselves to.
Dispite the obvious security problems with this I can't help but see this being useful for a awesome horror rom hack that takes advantage of your pc and does stuff like changing your wallpaper and sending you messages through websites.
a few weeks ago i was thinking exactly about "i should look into seeing if any emulators have major bugs, because theyre just VMs" and here this video is. I might go see if i can find any other bugs myself
Hello Kaze, I really I appreciate you putting out this video, but I just have one question. I don’t know if you’ve heard the Mario Party Netplay emulator, but it’s just a modified version of project 64 that comes with everything needed to play Mario Party 1-3 with netplay. As such, those are the only games running on the emulator. Is it safe to continue using this modified version of Project 64. If it will help, I would like to add that I got the roms from Vimm’s lair.
if there is a checksum verification, it should be fine (since that'd mean noone could have edited the official rom). but if it says unknown checksum, it is not 100% safe. though i dont think anyone would have put the exploit into a rom this fast.
PJ64 1.6 always fills me with so much nostalgia, so I'm very sad to find out it's not safe to use anymore. But, I'm glad we're at the point that the emulator is no longer needed anyways, because communities around the N64 and SM64 are constantly changing and improving. There's so much more resources and tools than there were before since PJ64 1.6's inception. For making SM64 machinima, 1.6 can still be used, but there's already a fork of Project64 specifically for that purpose. Like always, thank you for making this video and spreading awareness about this!
I need to give a shoutout to the ares emulator which is the go-to for homebrew developers (not ROM hacks) on the N64. Thanks to the work of developers like Rasky, LuigiBlood, Luke Usher, and others, ares' N64 core boasts the highest accuracy of any current N64 emulator including very accurate DMA timings, FPU exceptions, cache coherency, basically perfect RSP timings, and others; more than I can name. Of course, with high accuracy also come higher requirements so it's not the best for people who just want to play something but I can't recommend it enough for developers, testers, and enthusiasts.
I remember using Pj64 in the early 2010s. I made a lot of content that it’s still live to this day on my channel and helped me to revive those nostalgic times by allowing me to play classic games. It had a great run, and it will be missed, but it’s time to move on.
What surprises me is how long it took for someone to find this. I thought I found a similar bug in Dolphin, but they were clever and set up the memory map specifically to make this kind of thing impossible. (I can write to arbitrary addresses within a given range, but nothing important is put there, so all it can do is cause a non-exploitable crash.)
Honestly, the guy is a total chad for showcasing the vulnerability with something silly instead of exploiting it for malicious intent. Reminds me of the ol' gmod cough virus that popped up deliberately to make that massive problem as visible as possible to garry.
With the amount of N64 emulators we have today, there's no damn good excuse for anyone to use PJ64 1.6 Take 5 minutes of your time and setup Mupen or Parallel
@@based980 Does that care? Why people play NFS MW on PS2 when its on PC? Why people play Big Rigs if we all know is a piece of trash? Why people use emulators when they have the original hardware? Sometimes there is not a clear answer. The only thing that matters is the actual solution.
@@sebastianaliandkulcheWhich is absolutely worth pursuing, but I think the point being made is that *most* people who use PJ64 would be better off on a different emulator. There will be a few people who have very specific use-cases as always with existing software. Hell, some people still use MS DOS
Thought this was a known thing for a few years that it was vulnerable to exploits, or maybe it was something else like someone in the comments mentioned VBA had a similar exploit. I was just wondering which N64 emulator I should install or if I should just hope 1.6 can run ok in Wine now (had issues in 2014) since I'm planning to move back to Linux, but I guess that's answered with Parallel Launcher.
So which emulator should I use for Pokemon Stadium 1 & 2 and be able to use my pokemon GB/GBC games? PJ64 1.6 has a plug in that supports the transfer pak, which alternates can I use to still get this feature to work?
@KazeN64 am i safe if i use retro-arch? i know there exists other emulators such as pj64 and mupen. btw i like what you do in your videos about the sm64 fps optimisation and so. do you have thought about giving a Talk or a lecture about your work so far?
I'm using the version that has the 30-second ad at the moment. I was only using it for Banjo-Kazooie rom-hacks and they don't lag at moments unlike Project64 1.6, but now it looks like that is my main emulator to use at least until I find a better option.
An efficient way to handle this without checks is just have two tables, one for reading and one for writing. Unmapped write entries go to a dummy page in memory that's never read. Unmapped read entries go to another dummy page that's filled with whatever open-bus value gets read.
That's what I did in my ancient emulator years ago. The lookup tables got huge but ram was getting plentiful in the early 2000s. I am guessing zil didn't want the increased ram requirements
@@CDJAM-webm Not that I know of. But I'm curious to see what crazy stuff it could do if it did, and now extended it's madness to execute any kind of code using the PJ64 emulator bug, lol. As long as there's nothing permanently harmful, I'd love to see it USE this bug and do some crazy stuff with it.
If/when Joel does another Windows Destruction stream, this exploit should absolutely be a part of it somehow. It'd be a great way to get the word out to people about the insecurity of Project 64, and it''d also be funny as hell.
Why do people not just update?
- Some versions after 1.6 came bundled with adware/malware and have a 30 second nag screen asking you to donate before you can play games. (But nowadays the ad/malware is gone, so if you don't mind the nagscreen, go for it)
What emulator should I use now?
- Parallel Launcher is a good option and take 2 minutes to set up. Here is a guide; th-cam.com/video/CTNhulgpH6Y/w-d-xo.html
I'm using Version ... of this emulator, am I safe?
- If it is newer than 1.7, you are safe.
I want to emphasize that exploits like this can happen in any emulator and have been found in others as well. This wouldnt be an issue if they were patched and people updated, but for a ~20 year old emulator thats still used, this is not realistic.
wait... new versions have malware?
@4 i've been using new version of pj64 for 8 months 😭😭
I used the older version of Project64 because Ocarina of Time mods crashed on the newer version. I think that's why many people prefer the older version.
Except they don't?
I use Project64 2.3 and so long as you don't have an attention span of a TikTok child you can just opt out of the adware in the installation menu. You will be left with the nagging, but it's easily disabled in the configuration files. I never had any issues with Project64.
Been also using the latest version of Project64. How do I know if my installer is clean or compromised?
Rick Astley never could have predicted his role in the exploitation of countless vulnerabilities in computing systems.
Yeah 😂
I guess he really did give us up 💀
@@DarkSackOfficialI don't blame him
@@WyvernLP Better than Ohio skibidi toilet among us palestine amazing digital circus
Funniest thing is, he probably already played a role in XSS vulnerability or another RCE vuln
The S in Project64 stands for Secure
Dear foreigners,
"Project 64," despite being pronounced as if spelt "Project sixty-four," is not supposed to be spelt with "S." Therefore, Project 64 is not secure.
my guy 👍
to be fair, they fixed that bug over a decade ago before this exploit was discovered.
Project Secureixty-Four?
@@alexc4924 🌮
That anti-piracy screen at the end is genuinely amazing
who was it made by or did Kaze make it?
I wonder if you can detect PJ64 so it doesn't crash real hardware/other emulators
@@notalostnumber8660It's def possible using a silent and timed payload.
@@Kat-01 Devwizard made it
@@notalostnumber8660 this exploit has no effect at all on real hardware.. and most likely no effect on any other emulators.
So basically automatically detects PJ64 bc it will only work on there.
I have been learning GBA homebrew and sent a demo to a friend; she said she didn't trust the file, to which I said "nah mate, that's not a problem unless someone figured out a way to install a virus through an emulator"
This conversation was two weeks ago
If she didn't trust the file YOU made and sent, there's something else you need to be concerned about.
@@gluttonousmaximus9048 some people are just really scared of running stuff on their pc lmao
@@gluttonousmaximus9048 my mate is kinda paranoid about those things (good reason too, people on discord get hacked all the time, so if my account had been compromised that could be a way in)
If you sent it to her by Discord, then she did the right thing.
@@muizzsiddique aye, she's a smart cookie - that's what I like about her
The next simple flip troll hack competition is going to be wild
Anything can happen in a roll hack after all
A similar vulnerability exists in an old GBA emulator called VBA. I don't know the technical details, but basically the emulator could execute ELF files, but there is an unchecked strcpy() in the ELF header parser which leads to RCE. Programmers, please, check buffer write bounds, or at the very least compile with -fstack-protector.
Edit: The ELF file is supposed to run on the emulated GBA like a ROM, not on the host computer like another program.
I feel like there's an easier way to get RCE with a crafted ELF and a program willing to execute ELF files...
@@kodicraft The ELF files are supposed to be executed as GBA binaries within the emulator sandbox, not host binaries running outside the emulator. Should have clarified.
damn, when i play mmz2 i get the elf wars irl
There is a reason (actually more than one) why it’s called Very Bad Amulator
I'm a bit confused. It's been awhile since I dabbled with emulators, and VBA used to be the chosen one akin to P64. So... did someone figure out the Dolphin compatibility for the GBA Link up functions for the systems? I thought that was the main reason people kept using it.
Kaze confirmed that there's a team of people working on a version 1.6.2 to fix the vulnerability, so you'll be still getting to play PJ64 1.6 without this issue if released
When/if that happens, I'll need to get it.
Figured someone would just make a version that works best. Though, I thought someone would just remove the nag screen on a newer version.
@@medhathobo That's already done, it's called Luna's Project 64 and it's the cross-platform Win-Linux fork. It's forked from 2.4 and it removed the nagware and has a bundle of pre-config'd plugins
Huge
wouldn't it be a good idea to pin this comment? @KazeN64
Unrelated, but LUA scripts used to mod/compatibility patch ROMs are essentially EXE files and can do anything. People are very willing to download and run random ones
isn't it sandboxed by default in most emulators? lua was designed for this after all
@@v0xl yes, but it still opens a window for vulnerability, if the sandbox implementation is flawed. A high profile sandboxing flaw are what led both PS4 and PS5 to be jailbroken from a web exploit, for instance.
At least you could read one before running it
@@kolskytraveller1369 I hope that means that it is like a batch file.
@@v0xl Lua in emulators have kept the ability to load compiled C libraries as a useful tool for script creators. Most popular C library is probably LuaSocket which works great in emulators that didn't already include a socket library.
Oh no, this creates such a scary potential for those "every mario 64 copy is personalised" mods.
B3313 with a crash that crashes your computer would go so hard 🔥
@@MarioKartSuperCircuitme using a virtual machine
People are still talking about those? One of the dumbest "recent" trends. Creepypasta are classics but if you try to do it nowadays its just laughable.
@@SilentOnion Most of the mario 64 creepypasta hacks have died out
The only reason why B3313 is actually like popular, is because of how massive the romhack actually is
It's like 420 worlds btw, and it does great montage to the Greenio ARG series, while doing the most insane things
God no, that stuff was unbearable slop as is.
I guess that obnoxious support us screen that precedes using Project 64, and that sent me over to Mupen64 and Parallel for RA, turned out to be a blessing in disguise.
Same xD
Ended up doing much the same, though the move was less for that reason and just, well, Retroarch. “Wait, so this is a ton of emulators wrapped into one? Sign me up!”
Of course, the problem there is that it’s harder to adjust settings for individual emulators in Retroarch. Bit me in the @$$ recently when DSemue decided that pressing B on Deck/A on DS force quits the emulation.
@@isenokami7810 Another issue with Retroarch is that the compilation is often less polished than just having each emulator individually.
Mupen64 is the way! As soon as Project64 started looking sus, I switched over and never looked back.
No Retroarch for me though - I like the concept, but in practice it just gives me a headache. I run Rosalie's Mupen GUI, it does a nice impression of PJ64.
@@lpfan4491 Learned something along those lines when my Zelda Randomizer journey got to Wind Waker. WW Rando just about worked on Retroarch, but photos with the Picto Box wouldn’t show up (though they’d still count for triggers) and it was prone to crashing. And I think it was JUST Wind Waker I could get running. Ultimately I just got Dolphin standalone, and the big emulator bunch I got for Steam Deck has Dolphin separate too.
the Waverace 64 rom that stole your Ruenscape gold
Wisdom from Mononobe no Futo
@@heyhackursFr
@@heyhackursFor real.
same thing happened to the SNES emulator ZSNES back in the day. luckily most romhackers had already switched to a more accurate emulator by then but ZSNES was still the mainstream emulator people used when they didnt know better
zsnes is still sort of the mainstream emulator sadly, probably because it has the best interface of all emulators
@@standoidontwantalastname6500 What about ZMZ? Do just not enough people know about it or is there something else?
The only good thing about ZSNES is that it's very nostalgic...
Other than that, oh God not ZSNES
Isn't ZSnes still the major emulator for experimental romhacking-enhancements like widescreen? I don't remember because I admit, I always only used Snes9X.
@@standoidontwantalastname6500Use ZMZ.
Me: I wonder what kind of arcane combination of obscure glitches they used to break out of the virtual machine
Kaze: So yea the emulator doesn't validate the store instruction correctly
🤦♀
It's a pretty basic issue I'm seriously questioning how hasn't been brought up until now. Certainly he can't be the first to realize this exploit. Chances are most rom hackers of back then would stay quiet on this...
@@nicklespale22 It's probably been brought up repeatedly every few years, these things usually are when they date back that far in the history of less-than-entirely-accepted programming. Trying to find out who's personally responsible for oversights like this is next to impossible and almost as impossible as finding out who first discovered the vulnerability, described it in an online post somewhere and was ignored by everyone else. It sure wasn't me.
I still don't understand why the speedrun community only allow PJ64 1.6 and some Mupen fork with the same timing as PJ64 1.6 instead of an accurate emulator. I just get the impression that they're afraid of change.
"if it ain't broke, don't fix it" is an all too common fallacy
to clarify, I meant in general. not the emulator specifically
@@Spax_well that and newer emulators have much higher system requirements than pj64 and I assume the speedrunning communities for most n64 games want to make it as accessible as possible, but at the same time project 64 isnt particularly accurate which is why emulator and real console always have to be separate categories for n64 speedruns so maybe n64 speedrunners should just tell people to git gud and "just buy a better pc", idk
@@Spax_ that's not a fallacy, its just out of place. this thing is really broken and needs to be fixed, so that argument never applied to begin with.
@@freedustin As broken as the Atari Jaguar CD amirite?
@@ExtremeWreck i just felt a part of my soul shatter the way it usually only does when I hear "the phillips CD-i controller".
Really sad news to hear regarding PJ64.
I used it like a decade and a half ago already to play my N64 games and loved how easy it was to setup compared to others.
I saw that in one of the Romhacks for Simple's comp had like a shared database for images that it could pull from so Simple drawing in one hack could be used in another, and as soon as I saw that I was like "DAMN THATS SO SICK" and "oh that's DEFINETLY a vulnerability"
Thats likely parallel launcher. It has a few things to integrate with rhdc
I think it's always good to remind everyone using Linux that Wine and Proton (Steam) aren't emulators and also aren't sandboxing your system. There's been demonstrated attacks how malicious code can escape and gain root access to host system.
Yep, they're compatibility layers to allow windows programs to run as if they're linux ones, and as such, you should only run programs you trust in them
Heck, even Windows malware can oftentimes do their job under Wine. By default, Wine mirrors your user folders inside the simulated Windows filesystem, so ransomware has no trouble finding your data and encrypting it.
Stay safe out there, folks. It's a lot more inconvenient, but simply installing the flatpak version of Wine under a different user and switching to it to run Windows software, while inconvenient and tough to set up, will do a great job to keep your OS safe.
I believe Steam runs games in a sandbox, but the point still stands.
Yes, and while they absolutely shouldn't be seen as any kind of security tool, it can take additional work from a malware developer for non-trivial things.
You have to check if the system is actual Windows or Wine, then write Linux-specific functionality to actually damage the host system (enable auto-starting, infecting system files, etc). I find it unlikely someone would go through that extra effort unless they had reason to believe it would be very easy to deliver to Linux users.
Joke’s on that, I couldn’t figure out how to make Wine work in the first place. And frankly I’ve gotten so used to sticking to Linux for the Deck that I don’t care about learning anymore.
How did nobody notice this vulnerability for so long?! It's a textbook bounds-checking bug, and nobody even thought that it might be in an emulator until now?
Shit, now we need to look at all the other emulators for _other_ consoles, to make sure such a problem doesn't _also_ exist in _them_!
there are a few emulators with confirmed similar bugs already!
@@KazeN64is there a list?
oh this will be interesting
i would be a good idea if something bad was found to also check the alternatives if they have a similar problem
I hope this does not affect duckstaion, 🐬,citra,cemu,pcxs 2
@@KazeN64 can you share that information? Where did you first read about this issue with pj64? I am curious as to which forums can people read to be properly informed.
First updated versions of PJ64 comes bundled with malware and now the "safe" versions of the emulator can install malware if you use the wrong roms. Glad I dropped PJ64 years ago.
It's sad too because some mods can only run on P64, but I dislike P64 a lot so I just avoid it
It almost feels like the Project64 developers have completely lost any sort of passion for making the emulator & now see it as nothing more than a paycheck.
I use the project 64 version recommended by B3313 in one of their video descriptions, which seems like a modified version of the emulator, I think it's lunar's or smth? Is that one safe?
@@mariotheundying Luna's Project 64 is a good one. From the dev's site on what's different from normal PJ64
"This is a build of Project64 3.0.1 that I made to have a Linux compatible alternative to 2.4 (Yes, it works on Windows too). It removes the nagware and adds all of the good plugins for SM64 romhacks with good settings. Read the info below, then download it by clicking the icon on the left."
Kaze says the vulnerability isn't present in PJ64 versions past 1.7, so this is safe (it's using a fork from PJ64 2.4 that's intended to work on both Linux and Windows and it's currently on version 3.0.1)
yes i only use mupen64plus (and various versions of it like simple64 aka m64p) because i only use linux and that is the best one for linux
I just downloaded a rom a few hours ago and thought "at least no one is messing with roms, like putting viruses in them or something". I guess I jinxed it.
use a rommanager for verification, checksums are a thing
At this point I just assume hackers can use pretty much any file type to execute an attack.
You know it's bad when you've gotten paranoid about downloading image files, like me, because maybe some hacker found some ultra obscure vulnerability in the photos app or smth.
@@MultiCool55 And you wouldn't even be far off. At one point, people were hacking people's computers through Team Fortress 2 sprays and Minecraft skins by hiding code in the image files. More recently, a libpng vulnerability was discovered that affected everything that has ever used libpng, including most browsers, apps, and Discord. Sooner or later they'll probably be able to poison you by hacking the Apple Water Bottle™️ and injecting poison.bin into your liquid.
A similar thing was discovered in ZSNES a long time ago.
@@MultiCool55 only unusual image formats should concern you, it's really not that bad. lol
pj64: this emulator can get you *HACKED*
kaze's n64 emulator: this emulator can get you *JACKED*
Explain *JACKED* real quick, if you'd please.
@@mightywaranvil2912 getting fuckin ripped man, like buff AF. Muscles for days son.
@@trulyinfamousbro was thinking "jacked" as in "jacked off" 💀
Creepypasta hacks are about to get wild 😎
yep - imagine a Mario 64 ROM that acts like it's haunted by screwing with your computer as you play
it could kill explorer or minimize all other applications, although you'd have to be careful because there's a point where the game straight-up becomes a virus if you go too far with this concept :P
@@SKCro.Playing hacks on console should start becoming more common then cause there's nothing else the console can do other than work within the game.
@@SKCro. SM64 can't close Explorer, unless it's an .exe game programmed to do this.
Get ready, the next generation of Ben Drowned is gonna be hilarious AF
This is so sad to see, pj64 1.6 has served me well for a long time, and the newer versions have long been known to be major downgrades.
Ah well, sadly bugs like this are inevitable sooner or later, glad Aglab caught it before any nefarious people did!
Depends on what you mean by downgrade. The newer versions have better compatibility, but are less mod-friendly.
What's wrong with PJ64 3.0? And soon we 4.0 will see the day of light.
the downgrades is that other emulators cannot make games run in 21:9 without stretching the image, PJ64 1.6 could...
Really, downgrades is never a great reason not to update an emulator because the improvements are going to outshine it over time.
Especially considering it's still open source and you can potentially get someone who knows code to restore cut features.
This is a bit of a strange take. You can still use 1.6 if you want to, just don't run untested/untrustworthy ROM's on it, keep it to strictly only ROM's you've checked the SHA-256 on. It's not like you can't have multiple emulators installed if you really want to try the latest and greatest random modded ROM from user25832.
After that donate screen appeared for the first time for me I just gave up and used another emulator, I agreed those guys deserved to receive donations but forcing you to wait 30 seconds to use the software was just an asshole move. I guess this security risk was just the final nail on the coffin.
R.I.P Project 64 - You won't be missed.
It's just 30 seconds, man... That's less time than it takes for most roms to get past the intro sequences.
@@Crazy_Gamer_OGThat is objectively untrue. In fact it's made worse that the intro sequences happen only after the 30 second waiting period. Don't stick to PJ64. It's actually awful at emulating the N64 accurately and is the bane of most decomp romhackers for its many issues with displaying materials wrong. Pleasure just use Parallel Launcher, you have so many more options and plugins for emulating N64 games.
@@Crazy_Gamer_OGagreed. I haven't used PJ64 as much recently, but I accepted it's just part of using it. Besides, they put in a lot of work to get games working at all. It's a small price to pay for being able to use it. Besides, I would support emulator devs if I could, I just don't have money to.
In fact you don't need to wait 30s, when you launch the emulator at the beginning you just have to right click on PJ64 in the taskbar and then click on Project 64, the emulator will restart without displaying the donation screen!
@@mozydiaz8296 Also they figured out launching it through a batch file that bypasses it
Used PJ64 since forever. It was my very first emulator. Ever since updating to the newer versions, I would always get a nag screen bypass and they would usually work, but last time I tried, it didn't. So I said goodbye old friend and moved to mupen. Honestly just a better experience overall. I'm definitely gonna try out this parallel launcher, I'd never heard of it before now, sounds sweet.
You have never heard of it?
@RoseQuartz692 nah
@@gibberishdump1648 how
@@RoseQuartz692 green beans
Insane timing, I recently got back into my childhood games and decided that I'd take a look at Majora's Mask since I always love OoT and always wanted to see what Majora's Mask is like.
I was cautiously looking for the best most reliable N64 Emulator and saw that the public opinion was a mix of "Project64 is the best/standard" and "Project64 is one of the worse N64 emulators", so I held back from making a choice for the time being and wowie was my patience rewarded with crucial knowledge.
MM has SO MANY GRAPHICS BUGS in emulation. Currently funnily enough the best way to go emulate it is to get citra and play the 3DS version.
I'm not messing with you, the 3DS version has less issues than the N64 version emulation wise. (if you have a Gamecube IRL that can play disc ISOs, get the Zelda Collector's Edition disc that came with Wind Waker, it has the least broken version of MM that's emulated).
@@neoqwertyThe 3DS version is NOT the best version, unless you're also using a mod in Citra that fixes a few things. Sure it looks great, but a lot of stuff they did is really bizzare (especially the swimming)
@@neoqwerty this hasn't been true for a very long time, you can just use parallel launcher OR ares if you have a decent pc, the latter being the most accurate n64 (and snes!) emulator out right now. if you want qol features then you can use majora's mask redux, which is a much better qol improvement than even the 3ds version
@@Infindox The reply was about emulation-compatibility, not the game itself.
@@neoqwerty dolphin works too as an emulator for the GC Collectors Edition version which is what I do, can do graphical enhancements like upscaling and texture replacements and all that jazz, though the decompile project for MM is 93% done (OOT is already 100%, and has been ported to run on PC natively by someone else, moddable and running at 60fps) so I'll be swapping to that once it's finished. only downside with the dolphin version is the FPS - since the game's physics are tied to the framerate, it needs to be modified on the code level for it to not break so I'd advise against the 30/60FPS hacks. the PC porters should fix that like they did with OOT
I would also recommend Rosalie's Mupen GUI for anyone that is familiar with P64's interface and wants to stick with something similar to it.
Unfortunately it seems to not run some rom hacks for me
Parallel Launcher is a godsend if you're not on a Windows machine. I'm glad you and Vinny mentioned it. I really recomended it for how easy it is to install mods and for the graphics plugins Kaze mentioned.
I was blown away when I was watching a video on the history of SM64 hacks and got a look at what Parallel could really do. I have it through Retroarch…and mainly play on the Steam Deck. So that potential is shackled twice over with how I have access to it.
I could get it separately on my laptop, but that’s Windows. Not sure what the problem would be, but doesn’t sound like you recommend it.
@ami7810 the steamdeck is just running a modified version of Arch Linux isn't it? should be able to access the AUR to install it if that's the case (but arch being arch something might break if you're not paying attention lol). and there's no problem with the windows version, it's just one of the only cross-platform ones whereas others are windows ONLY (linux wasn't as big 20 years ago except for server stuff so was never developed for it). robomike said Vinny mentioned it, and he's a windows user, so yeah
edit: just did a quick sanity check and apparently the steamdeck has flatpak compatibility built in, so you could just grab parallels off the flathub (or the Discovery app in case of steamdeck) and go that route since it has no chance of breaking (flatpaks are containerised, nothing on your system gets installed/modified, so they don't risk breaking your system)
What can it do that rmg can't?
yeah well I am on windows and I HATE IT! Is there a safe version of PJ64 or is my version safe? Mine is version 2.3
These days, all you need is Rosalie's Mupen GUI for your N64 emulation needs.
+1, I use it and it's good but the vulkan rendering backend crashes a lot
That crash screen is magical.
this is a really good short video! you got my sub, keep it up! :)
I know this going to sound crazy but I remember a long but long time ago when I was playing Mario Kart 64 the emulator suddenly crashed with a error message saying "WTF" and after that I swear Mario Kart 64 never worked again.
That last clip is pure gold and had me dying. xD
you talking about virus rom one or sub one?
I was talking about the last clip with the "anti-piracy" feature. Not the outro.
@@itranscendencei7964 that what sain "pj664 not supported" and crashed PC?
Yes
Very good video. Used PJ64 for a long time and have always been too casual with downloading tons of ROMs online. Thanks for putting this out there. That nag screen is super weird so I’ll probably download GlideN. That Anti-piracy screen was amazing btw lmao
Thanks for telling us and the explanation!
You either die a legendary emulator or you live long enough to see yourself become a villain
If anything, it became the villain a decade ago when they started bundling malware in it, even if they did eventually sort it out.
You either die a Kega Fusion or live long enough to see yourself become a PJ64.
@@acronym.4328 Gens: I ain't a legend? I can run 32x!
Project 64 was never not the villain, from when they only released the source code to old versions, to now
@@alexc4924Is only distributing in source code an evil thing?
6:18 It concerns me more that userspace code can crash the whole system on windows ...
NtRaiseHardError with OptionShutdownSystem still causes a BSOD on windows 11.
It can't unless you run It as admin.
@@ehs03y3ol then I hope that he ran pj64 as admin to implement this joke only, and that it's not required to run pj64 or any games for that matter.
@@ehs03y3ol it doesn't require admin to use NtHardError to create a BSOD.
Wow, thanks for telling us this! I never would have thought that that could even happen!
Seriously, thanks for the heads up!
In Soviet Russia, ROM hacks you!
Good thing I recently switched to Parallel Launcher.
Did you run random mods from unknown sources before?
Luckily, I only use the emulator Neko Project II, to play Touhou 1-5 xd
I'm glad I stumbled upon this video, as it's been a while since I've considering even using Project 64, and hadn't already uninstalled it from my computer. From now on, I'll be using N64 emulators through Retroarch, and maybe RMG on the Steam Deck assuming it's any decent, since I haven't tested it much as of yet.
I was told like 8 years ago that PJ64 was scummy and needs to be avoided at all costs. I didn't realize so many people were still using it after the near-decade of drama about how horrible and unsafe it is.
My knowledge was always that 1.6 was fine but after that they went off the deep-end with malware & stuff
+1
There are certain safe versions of it I've used in the past (I believe they were community forks) but yeah PJ64 is the anti-Dolphin. Where Dolphin is almost better than the original hardware and flawlessly integrates multiple play styles, PJ64 is pretty stone age still to this day
Same. I've used Simple64 for a long time, and now that Ares works with the OoTMM combo randomizer that's become my main
PJ64 it's the face of the sad state of N64 emulation. So many people using this crap simply because there aren't many good alternatives. It's awful to have to rely on outdated plugins to run N64 instead of running everything natively. The same thing was happening with the PSX emulation, where ePSXe was the standard but it was terrible, an emulator worse than PJ64. If you didn't want to mess around with plugins, you either had to use the even older PSFin, completely outdated with no usuable configurations; or Mednafen which doesn't even have a GUI, making it a huge pain in the ass to use. Then Duckstation came along and improved everything, no need for plugins, command lines or outdated code, works out of the box and with a great optimization. I just wish we have a good N64 emulator just like Dolphin or Duckstation.
PJ64 1.6 had a great run, it will be missed!
Commenting to help the video performance and spread awareness. Thanks for putting this out there!
Creepypasta romhacks are gonna be on a whole new level
I somewhat predicted this would happen. When rom hacks are getting your system information and detecting what your romhacking account is, I wondered how long it would be until people make viruses.
Prpject 1.6 is very old, did you really predict it when it already happened
Well, Project64 1.6 was released 13 years ago. Of course vulnerabilities would be found.
yep, it's just that people still use it so they have to be warned
This played just like one of Mutahar's scare videos: sounds like something scary because it is vaguely relevant to me, until I hear the details and learn it has nothing to do with me lol
I currently have PJ64 2.6, honestly a holdover saved from a previous machine, and the installer had no prompts for any extra wares, and the nag screen was negated by typing in a phrase (so no config file modifying or anything). I can imagine switching to another emulator at some point, but considering my needs at the moment, it doesn't seem necessary.
On the topic of N64 emulators, I would really love to hear your opinion on the N64 core of Ares.
RMG > PJ64
Vimm is our best friend!
Our savior!
Thank you for the explanation, Kaze!
I feel like this can make creepypasta rom hacks scarier as long as it doesn't contain any malware or any bad code since coders and game devs can do wacky things with this, so it's both good and bad at the same time if you look at it this way, bad due to security reasons, but good in the creepypasta sense for more scares
What the fuck was the point of making this vulnerability public just like that? I doubt anyone knew about it before this, now that people actually know how this all works thanks to this info, people WILL start posting these virus roms NOW.
i had the same concern about posting the video for this reason, but the people that found the exploit thought it was a better idea to warn people.
To be fair this vulnerability could've been discovered by hackers at one point, we never truly know.
@@LerrycapetimeThere likely would have been warnings and it would've become common knowledge or something like that if it was exploited already.
It's **never** a better idea to ignore serious sercurity issues. In **some** cases, it's considered polite to notify the company who makes the product first and give them some time to fix it. But since the bug has appareantly already been fixed in newer versions, ignoring it just means people don't know the risks they're unintentionally subjecting themselves to.
@@AliceGorgoniaThis just doesnt work with what I've already replied and the comment itself
Dispite the obvious security problems with this I can't help but see this being useful for a awesome horror rom hack that takes advantage of your pc and does stuff like changing your wallpaper and sending you messages through websites.
a few weeks ago i was thinking exactly about "i should look into seeing if any emulators have major bugs, because theyre just VMs" and here this video is.
I might go see if i can find any other bugs myself
Hello Kaze, I really I appreciate you putting out this video, but I just have one question. I don’t know if you’ve heard the Mario Party Netplay emulator, but it’s just a modified version of project 64 that comes with everything needed to play Mario Party 1-3 with netplay. As such, those are the only games running on the emulator. Is it safe to continue using this modified version of Project 64. If it will help, I would like to add that I got the roms from Vimm’s lair.
if there is a checksum verification, it should be fine (since that'd mean noone could have edited the official rom). but if it says unknown checksum, it is not 100% safe. though i dont think anyone would have put the exploit into a rom this fast.
@@KazeN64 My apologies, but if I may, how would I check to see if my checksum is verified or not?
Phew... So glad that all my rom files are years old. Thank you for the heads up.
PJ64 1.6 always fills me with so much nostalgia, so I'm very sad to find out it's not safe to use anymore. But, I'm glad we're at the point that the emulator is no longer needed anyways, because communities around the N64 and SM64 are constantly changing and improving. There's so much more resources and tools than there were before since PJ64 1.6's inception.
For making SM64 machinima, 1.6 can still be used, but there's already a fork of Project64 specifically for that purpose.
Like always, thank you for making this video and spreading awareness about this!
Great video, Kaze!
I need to give a shoutout to the ares emulator which is the go-to for homebrew developers (not ROM hacks) on the N64. Thanks to the work of developers like Rasky, LuigiBlood, Luke Usher, and others, ares' N64 core boasts the highest accuracy of any current N64 emulator including very accurate DMA timings, FPU exceptions, cache coherency, basically perfect RSP timings, and others; more than I can name. Of course, with high accuracy also come higher requirements so it's not the best for people who just want to play something but I can't recommend it enough for developers, testers, and enthusiasts.
I remember using Pj64 in the early 2010s. I made a lot of content that it’s still live to this day on my channel and helped me to revive those nostalgic times by allowing me to play classic games.
It had a great run, and it will be missed, but it’s time to move on.
A righteous Rick Roll? Wonders never cease.
I instantly switched to the Parrel Launcher when I found this out.
The malware thing with PJ64 was back when it was closed source. The project went open source years ago.
Thanks for sharing this :)
Why you got the self deletion squad pfp?
@@DarkSackOfficial Why do you choose to be rude on the internet?
@@DarkSackOfficial
Transformers: Men in Disguise
@@SergalCheeseHead dont be a bigot
this is the type of stuff that gets me to feel that i gotta get smarter asap cuz i dont fully get it, BUT i get that its a dangerous emulator
Thanks for the information! It sounds pretty easy to compromise ROMs
What surprises me is how long it took for someone to find this.
I thought I found a similar bug in Dolphin, but they were clever and set up the memory map specifically to make this kind of thing impossible. (I can write to arbitrary addresses within a given range, but nothing important is put there, so all it can do is cause a non-exploitable crash.)
I believe the late Near (formerly Byuu) demonstrated the same type of vulnerability in ZSNES.
that anti-piracy screen at the end is very clever
Thank you for spreading awareness
Honestly, the guy is a total chad for showcasing the vulnerability with something silly instead of exploiting it for malicious intent.
Reminds me of the ol' gmod cough virus that popped up deliberately to make that massive problem as visible as possible to garry.
With the amount of N64 emulators we have today, there's no damn good excuse for anyone to use PJ64 1.6
Take 5 minutes of your time and setup Mupen or Parallel
Actually Project 64 can run some few games that even the other ones couldnt do it perfectly and cant make you get softlock, like Rayman 2.
@@sebastianaliandkulche but why would you play rayman 2 on the n64
@@based980 Does that care? Why people play NFS MW on PS2 when its on PC?
Why people play Big Rigs if we all know is a piece of trash?
Why people use emulators when they have the original hardware?
Sometimes there is not a clear answer. The only thing that matters is the actual solution.
@@sebastianaliandkulcheWhich is absolutely worth pursuing, but I think the point being made is that *most* people who use PJ64 would be better off on a different emulator.
There will be a few people who have very specific use-cases as always with existing software. Hell, some people still use MS DOS
@@mgord9518 Yes, but i cant play a few games in other emulators than PJ64. Plus PJ64 is way better optimized.
So you give me the reason or not?
Something interesting to include when possible is if anyone has found stuff in the wild actively using the vulnerability
Not gonna lie, this could have been used with incredible effects for simpleflip's troll hack competition. Though it'd be more terrifying than anything
Thought this was a known thing for a few years that it was vulnerable to exploits, or maybe it was something else like someone in the comments mentioned VBA had a similar exploit. I was just wondering which N64 emulator I should install or if I should just hope 1.6 can run ok in Wine now (had issues in 2014) since I'm planning to move back to Linux, but I guess that's answered with Parallel Launcher.
I found a few emulator escape bugs before, including one in the 3DS VC GBC emulator, but was never able to exploit that one due to complications.
i... am surprised nobody caught this sooner wtf
ouuuf thank you so much for warning us!
5:01 project 64 needs your helpto defeat gigigas!
Haven’t seen a vulnerability this bad since ZSNES
So which emulator should I use for Pokemon Stadium 1 & 2 and be able to use my pokemon GB/GBC games? PJ64 1.6 has a plug in that supports the transfer pak, which alternates can I use to still get this feature to work?
Sadge. Lots of good memories with Project64.
Thankyou thankyou thankyou for this very important PSA!
@KazeN64 am i safe if i use retro-arch? i know there exists other emulators such as pj64 and mupen. btw i like what you do in your videos about the sm64 fps optimisation and so. do you have thought about giving a Talk or a lecture about your work so far?
Parallel launcher uses retroarch so I'm guessing it's fine, but I'm not an expert in programming stuff idk
I'm using the version that has the 30-second ad at the moment. I was only using it for Banjo-Kazooie rom-hacks and they don't lag at moments unlike Project64 1.6, but now it looks like that is my main emulator to use at least until I find a better option.
An efficient way to handle this without checks is just have two tables, one for reading and one for writing. Unmapped write entries go to a dummy page in memory that's never read. Unmapped read entries go to another dummy page that's filled with whatever open-bus value gets read.
That's what I did in my ancient emulator years ago. The lookup tables got huge but ram was getting plentiful in the early 2000s. I am guessing zil didn't want the increased ram requirements
Great video! Thanks!
Thank you for sharing :)
>Kaze: Here is how the ACE functions to run viruses, it's lucky that no one's taken advantage of it.
>Nintendo Ninjas: Interesting...
TY for spreading the word, like many others I've been using Project64 1.6 for ages, but now I've slam dunked that shit into the recycle bin
this seems like it has amazing potential for creepypasta hacks...
Great, now I need an emulator for my emulator
Kaze, I can’t seem to find the version of GLideN64 you showed in the video, do you have a link?
Good to know, thanks Kaze
Why do I now feel the strong urge to definitely play the next version of the B3313 mod on this specific unsafe emulator?
b3313 uses ace?
@@CDJAM-webm Not that I know of. But I'm curious to see what crazy stuff it could do if it did, and now extended it's madness to execute any kind of code using the PJ64 emulator bug, lol. As long as there's nothing permanently harmful, I'd love to see it USE this bug and do some crazy stuff with it.
If/when Joel does another Windows Destruction stream, this exploit should absolutely be a part of it somehow. It'd be a great way to get the word out to people about the insecurity of Project 64, and it''d also be funny as hell.