This NES ROM is a ZIP of its Source

Polyglots, in computing terms, are files that have multiple valid meanings: one byte sequence that parses correctly as more than one file format. We’ve seen some amazing examples of polyglot files in releases of The International Journal of PoC||GTFO. One example: a PDF that is also a ZIP, an HTML file, and a BPG image.

[Vi Grey] was inspired by PoC||GTFO’s release of a PDF/ZIP/NES ROM hybrid file for issue 0x14. Using a different method, [Vi] created a file which is both an NES ROM and a ZIP, where the full contents of the ZIP are stored inside the NES ROM itself.

When PoC||GTFO created their NES ROM polyglot, they stuck most of the information outside the bounds of the NES ROM. While the file is valid, you’d lose the ZIP archive if it was burnt to a cartridge.

[Vi]’s polyglot is different. Rip it from a real NES cartridge and you get a ZIP file. Unzip it, and you get the source. Compile that source, and you get a valid ZIP file containing the source. Burn that to a cartridge and… hopefully you grok the recursion at this point.

The source and scripts to mangle the polyglot together are up on GitHub.

12 thoughts on “This NES ROM is a ZIP of its Source”

      1. You are correct, Henrique. I had to store part of the PRG data and all of the CHR data of the NES ROM as a ZIP file comment and then update the ZIP file offsets. Simply concatenating a ZIP file to the end of an NES ROM will work for some ZIP file extractors, but without properly set offsets, some extractors will just refuse to open the ZIP file. Also, if I didn’t store the PRG and CHR data as a ZIP file comment, I wouldn’t be able to burn the NES/ZIP polyglot file on a cartridge. Details can be found on my blog post, which is the link in this article that says “different method”.
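The layout the article and [Vi]’s comment above describe (archive at the head of PRG, displaced PRG tail plus all of CHR in the ZIP comment, offsets shifted for the 16-byte iNES header), as an added example that is not code from the original post, its comments, or [Vi]’s repository. The ROM it works on is a constructed toy image (NOPs plus a vector table, not a real program), the function names are this example’s own, it assumes a comment-less, non-ZIP64 archive as the stdlib writer produces for small inputs, and `strict_zip_check` models the “offsets must be right” behaviour of strict extractors rather than any particular tool:

```python
import io
import struct
import zipfile

INES_MAGIC = b"NES\x1a"
PRG_BANK, CHR_BANK = 16 * 1024, 8 * 1024
EOCD_SIG, CDIR_SIG, LOCAL_SIG = b"PK\x05\x06", b"PK\x01\x02", b"PK\x03\x04"
EOCD_LEN = 22          # fixed part of the end-of-central-directory record
MAX_COMMENT = 0xFFFF   # the ZIP comment length is a 16-bit field

def make_toy_rom(prg_banks=1, chr_banks=1):
    """Constructed stand-in for a real image: 16-byte iNES header, PRG filled
    with NOP (0xEA) except a vector table at its end, CHR filled with 0x55."""
    header = INES_MAGIC + bytes([prg_banks, chr_banks, 0, 0]) + bytes(8)
    prg = bytearray(b"\xEA" * (prg_banks * PRG_BANK))
    prg[-6:] = b"\x00\x80" * 3  # NMI/RESET/IRQ vectors all point at $8000
    return header + bytes(prg) + b"\x55" * (chr_banks * CHR_BANK)

def rom_size(data):
    """Length an iNES loader derives from the header's PRG/CHR bank counts."""
    return 16 + data[4] * PRG_BANK + data[5] * CHR_BANK

def build_zip(files):
    """Plain in-memory ZIP of {name: bytes} using the stdlib writer."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()

def find_eocd(data):
    """Offset of the EOCD record: the last signature whose comment-length field
    reaches exactly the end of the file (a stray one inside ROM bytes fails)."""
    for pos in range(len(data) - EOCD_LEN, -1, -1):
        if data[pos:pos + 4] == EOCD_SIG:
            clen = struct.unpack("<H", data[pos + 20:pos + 22])[0]
            if pos + EOCD_LEN + clen == len(data):
                return pos
    raise ValueError("no EOCD record found")

def central_entries(data, cd_off, count):
    """Yield (entry_pos, name, local_header_offset) for each central directory
    file header, walking from absolute offset cd_off."""
    pos = cd_off
    for _ in range(count):
        if data[pos:pos + 4] != CDIR_SIG:
            raise ValueError("central directory not at recorded offset")
        name_len, extra_len, cmt_len = struct.unpack("<HHH", data[pos + 28:pos + 34])
        local_off = struct.unpack("<I", data[pos + 42:pos + 46])[0]
        yield pos, bytes(data[pos + 46:pos + 46 + name_len]).decode(), local_off
        pos += 46 + name_len + extra_len + cmt_len

def relocate_zip(zip_bytes, prefix_len, comment):
    """Shift every absolute offset in a comment-less, non-ZIP64 archive by
    prefix_len (the bytes about to be prepended) and attach `comment` to the
    EOCD record. Skipping the shift is what makes strict extractors refuse it."""
    if len(comment) > MAX_COMMENT:
        raise ValueError("payload does not fit in a ZIP comment")
    eocd = find_eocd(zip_bytes)
    f = list(struct.unpack("<HHHHIIH", zip_bytes[eocd + 4:eocd + EOCD_LEN]))
    if f[6] != 0:
        raise ValueError("archive already carries a comment")
    out = bytearray(zip_bytes[:eocd])
    for pos, _name, local_off in central_entries(out, f[5], f[3]):
        out[pos + 42:pos + 46] = struct.pack("<I", local_off + prefix_len)
    f[5] += prefix_len   # central directory start offset
    f[6] = len(comment)  # comment length
    return bytes(out) + EOCD_SIG + struct.pack("<HHHHIIH", *f) + comment

def build_polyglot(rom, files):
    """Overlay the relocated archive on the head of PRG and carry the displaced
    PRG tail plus all of CHR in the ZIP comment; the result keeps `rom`'s size."""
    if rom[:4] != INES_MAGIC or len(rom) != rom_size(rom):
        raise ValueError("not a complete iNES image")
    header, body = rom[:16], rom[16:]
    archive = build_zip(files)
    if len(archive) > len(body):
        raise ValueError("archive larger than the ROM body")
    return header + relocate_zip(archive, len(header), body[len(archive):])

def strict_zip_check(data):
    """Validate like a strict extractor: every central directory entry must
    point at a real local file header. Returns the member names."""
    eocd = find_eocd(data)
    count, cd_off = struct.unpack("<HxxxxI", data[eocd + 10:eocd + 20])
    names = []
    for _pos, name, local_off in central_entries(data, cd_off, count):
        if data[local_off:local_off + 4] != LOCAL_SIG:
            raise ValueError("local header not at recorded offset")
        names.append(name)
    return names

# Constructed sample "source" carried inside the ROM; not a real program.
SOURCE = {"main.asm": b"; constructed sample\n  sei\nloop:\n  jmp loop\n"}

def demo():
    """Build the polyglot and return (sizes agree, members, unzipped source)."""
    poly = build_polyglot(make_toy_rom(), SOURCE)
    with zipfile.ZipFile(io.BytesIO(poly)) as zf:
        return len(poly) == rom_size(poly), strict_zip_check(poly), zf.read("main.asm")
```

Two things worth noting from running it. First, the ZIP comment length is a 16-bit field, so this layout only works when the PRG tail and CHR that the archive displaces fit in 65535 bytes; `relocate_zip` refuses anything larger rather than silently truncating. Second, Python’s own `zipfile` tolerates an unshifted archive glued onto the end of a ROM because it computes a correction from where it found the EOCD record, which is exactly why “just concatenate” appears to work in some tools and not others; `strict_zip_check` walks the offsets literally and rejects the naive concatenation while accepting the relocated polyglot. For anyone writing a file scanner, `find_eocd` is also the trailer check that a format sniffer keyed only on the leading `NES\x1a` magic would miss.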
