Decompiling Sonic Runners

Usually, when you hear about games being decompiled and rebuilt, the games are often decades-old relics, loving and saved from the ravages of time. [MattKC] recently set out to decompile the 2015 game Sonic Runners.

The game was a 2D endless runner released on mobile platforms. Despite getting praise for the gameplay, it received mixed reviews for the pop-up ads and pay-to-play elements. A little over a year later, the game was discontinued. However, the game required a constant online connection, so once the servers were offline, it rendered the over five million downloads unplayable.

A team of developers worked to reverse engineer the server, and with a little bit of binary hacking, the client could be patched to connect to a community-hosted server instead. However, as phones with notched displays came out and suggestions for improvements stacked up, the community realized a new client would bring immense benefits. Compared to many decompilation projects, Sonic Runners was pretty easy as it uses Unity, which means most of the code is in C#. Unfortunately, the build of Unity used by the game is from 2012, meaning many of the tools designed for much later versions of Unity were inoperable.

However, one native code library called UnmanagedProcess was designed to confuse reverse engineering efforts. The library handled AES encryption and communication with the server. Luckily, the library was a later addition, and earlier versions of its functions still lingered in the C# code. Since an open source server already existed, it was trivial to validate the changes. Additionally, all the shaders were in OpenGL Shading Language (GLSL), which meant rewriting them in High-Level Shading Language (HLSL) and checking that they matched the original GLSL when building for Android.

Now the client has new game modes, no ads, and a proper offline mode. The community continues adding new features and refining the game, which is very satisfying. If you’re curious about reverse engineering, [Matthew Alt] can help you get started.

Continue reading “Decompiling Sonic Runners

A two picture montage of a boy wearing a sonic the hedgehog costume with LEDs in them. The left picture is at night with the boy wearing sunglasses and a face mask with the sonic costume head piece lit up. The right picture is during the day with the boy wearing a face mask, holding a plastic pu mpkin bucket for candy and wearing a lit up sonic the hedgehog costume in the front yard of a house.

LEDs Put New Spin On A Sonic The Hedgehog Costume

[Wentworthm] couldn’t say no to his son’s plea for a Sonic the Hedgehog costume for Halloween but also couldn’t resist sprucing it up with LEDs either. The end result is a surprisingly cool light up Sonic the Hedgehog costume.

a picture of a breadboard with an Arduino Nano on it, with wires going out to 3d printed tear dropped shapes that have LED strips in them, with some LED strips on.

After some experimentation, [Wentworthm] ordered two costumes and ended up mixing and matching the head piece of one with the body suit of the other. For the head, [Wentworthm] created six 3D printed “quills” that had slots for the WS2812B LED strips to slide into and diffuse out the sides, with each quill sliding into the folds of the Sonic head “spikes”. Sewn strips of cloth were used to house the LED strips that were placed down the sides of the costume. An additional 3D printed switch housing was created to allow for a more robust interface to the two push buttons to activate the LEDs. An Arduino Nano, soldered to a protoboard, was used to drive the LED strips with a USB battery pack powering the whole project.

[Wentworthm] goes into more detail about the trials and errors, so the post is definitely worth checking out for more detail on the build. Halloween is always a great source of cool costumes and we’ve featured some great ones before, like a light up crosswalk costume to making a giant Gameboy colour costume.

Video after the break!

Continue reading “LEDs Put New Spin On A Sonic The Hedgehog Costume”

This Week In Security: Secure Boot Bypass, Attack On Titan M, KASLR Weakness

It’s debatable just how useful Secure Boot is for end users, but now there’s yet another issue with Secure Boot, or more specifically, a trio of signed bootloaders. Researchers at Eclypsium have identified problems in the Eurosoft, CryptoPro, and New Horizon bootloaders. In the first two cases, a way-too-flexible UEFI shell allows raw memory access. A startup script doesn’t have to be signed, and can easily manipulate the boot process at will. The last issue is in the New Horizon Datasys product, which disables any signature checking for the rest of the boot process — while still reporting that secure boot is enabled. It’s unclear if this requires a config option, or is just totally broken by default.

The real issue is that if malware or an attacker can get write access to the EFI partition, one of these signed bootloaders can be added to the boot chain, along with some nasty payload, and the OS that eventually gets booted still sees Secure Boot enabled. It’s the perfect vehicle for really stealthy infections, similar to CosmicStrand, the malicious firmware we covered a few weeks ago.
Continue reading “This Week In Security: Secure Boot Bypass, Attack On Titan M, KASLR Weakness”

Don’t Trust Your Ears For The Freshest Chips

We hear fables of how to restore the crispness to your crisp and the crackle to your crackers, but they are more hot air than some of the methods. We found one solution that has some teeth though, and it doesn’t require any kitchen appliances, just a pair of headphones. Keep reading before you mash potato chips into your Beats. [Charles Spence] co-authors a paper with [Massimiliano Zampini] titled The Role of Auditory Cues in Modulating the Perceived Crispness and Staleness of Potato Chips. It’s a mouthful, so folks refer to it as the “Sonic Chip Experiment,” which rolls off the tongue. The paper is behind paywalls, but you can find it if you know where to look.

The experiment puts participants in some headphones while they eat Pringles, and researchers feed them different sound waves. Sometimes the sound file is a recording of crackly chewing, and other times it is muffled mastication. The constant was the Pringles, which are a delight for testing because they are uniform. Participants report that some chips are fresher than others. This means we use our ears to help judge consumable consistency. Even people who knew all about the experiment report they can willingly fool themselves with the recordings.

What other foods would benefit from the augmented crunch, and which ones would suffer? If shapely food is your jam, we have a holy cookie which is probably best enjoyed with your eyes. If you prefer your Skittles organized by color, we have you covered.

Continue reading “Don’t Trust Your Ears For The Freshest Chips”

Sonic The Self-Balancing Robot: Face-Plants And The Challenges Of Sensor Integration

Watching a child learn to run is a joyous, but sometimes painful experience. It seems the same is true for [James Bruton]’s impressive Sonic the Self-Balancing robot, even with bendable knees and force sensitive legs.

We covered the mechanical side of the project recently, and now [James] has added the electronics to turn it into a truly impressive working robot (videos after the break). Getting it to this point was not without challenges, but fortunately he is sharing the experience with us, wipe-outs and all. The knees of this robot are actuated using a pair of motors with ball screws, which are not back drivable. This means that external sensors are needed to allow the motors to actively respond to inputs, which in this case are load cells in the legs and an MPU6050 IMU for balancing. The main control board is a Teensy 3.6, with an NRF24 module providing remote control.

[James] wanted the robot to be able to lean into turns and handle uneven surfaces (small ramps) without tipping or falling over. The leaning part was fairly simple (for him), but the sensor integration for uneven surfaces turned out to be a real challenge, and required multiple iterations to get working. The first approach was to move the robot in the direction of the tipping motion to absorb it, and then return to level. However, this could cause it to tip over slightly larger ramps. When trying to keep the robot level while going over a ramp with one leg, it would go into wild side-to-side oscillations as it drops back to level ground. This was corrected by using the load cells to dampen the motion.

Continue reading “Sonic The Self-Balancing Robot: Face-Plants And The Challenges Of Sensor Integration”

Sonic The Hedgehog Self-Balancing Robot Can Bend At The Knees

Building your own self-balancing robot is a rite of passage for anyone getting into the field of robotics. Master of robots, [James Bruton] has been there, done that, and collected a few T-shirts. Now he’s building a large Sonic the Hedgehog self balancing robot that can bend at the knees and hip, allowing it to lean while turning and handle uneven terrain. Check out the first video embedded after the break.

Standing about 1 m tall, the robot is inspired by Boston Dynamic’s box handling bot, Handle. It’s “skeleton” consists of 20×20 aluminium extrusions, bolted together using a bunch of 3D printed fittings in the signature blue and red of Sonic. The wheels and tyres are also 3D printed, and driven by brushless motor via a toothed belt. The knee/hip mechanism is actuated using a ball screw, also driven by a brushless motor.

[James] intends to implement an active shock absorption system into the leg mechanism, using the same technique he tried on his OpenDog robot. It works by bolting a load cell onto one of the leg extrusion to sense when it flexes under load, and then actuating the knee mechanism to absorb the force. His first version of the system on OpenDog used PWM signals to send the load cell data to the main controller, but the motors on the legs induced enough noise in the signal wires to make it unusable. He has since started experimenting with the CAN bus protocol, which was specifically designed to work reliably in noisy systems like modern automobiles. If he gets it working on the two legs of this Sonic robot, he plans to also implement it on the quadruped OpenDog.

Continue reading “Sonic The Hedgehog Self-Balancing Robot Can Bend At The Knees”

Hackaday Links Column Banner

Hackaday Links: November 10, 2019

In the leafy suburbs of northern Virginia, a place ruled by homeowner’s associations with tremendous power to dictate everything from the color of one’s front door to the length of grass in the lawn, something as heinous as garage doors suddenly failing to open on command is sure to cause a kerfuffle. We’ve seen this sort of thing before, where errant RF emissions cause unintentional interference, and such stories aren’t terribly interesting because the FCC usually steps in and clears things up. But this story is a little spicier given the source of the interference: Warrenton Training Center, a classified US government communications station located adjacent to the afflicted neighborhood. WTC is known to be a CIA signals intelligence station, home to spooks doing spooky stuff, including running high-power numbers stations. The interference isn’t caused by anything as cloak-and-dagger as that, though; rather, it comes from new land-mobile radios that the Department of Defense is deploying. The new radios use the 380-400 MHz band, which is allocated to the Federal Government and unlicensed Part 15 devices, like garage door remotes. But Part 15 rules, which are clearly printed on every device covered by them, state that the devices have to accept unwanted interference, even when it causes a malfunction. So the HOA members who are up in arms and demanding that the government buy them new garage door openers are likely to be disappointed.

Speaking of spooks, if you’re tired of the prying electronic eyes of facial recognition cameras spoiling your illusion of anonymity, have we got a solution for you. The Opt-Out Cap is the low-tech way to instantly change your face for a better one, or at least one that’s tied to someone else. In a move which is sure not to arouse suspicion in public, doffing the baseball cap deploys a three-piece curtain of semi-opaque fabric, upon which is printed the visage of someone who totally doesn’t look creepy or sketchy in any way. Complete instructions are provided if you want to make one before your next trip to the ATM.

It’s always a great day when a new Ken Shirriff post pops up in our feed, and his latest post is no exception. In it, Ken goes into great detail about the history of the 80×24 (or 25) line standard for displays. While that may sound a bit dry, it’s anything but. After dispelling some of the myths and questionable theories of the format’s origin – sorry, it’s not just because punch cards had 80 columns – he discusses the transition from teletypes to CRTs, focusing on the very cool IBM 2260 Display Station. This interesting beast used an acoustic delay line made of 50′ (15 m) of nickel wire. It stored data as a train of sound pulses traveling down the wire, which worked well and was far cheaper than core memory, even if it was susceptible to vibrations from people walking by it and needed a two-hour warm-up period before use. It’s a fascinating bit of retrocomputing history.

A quick mention of a contest we just heard about that might be right up your alley: the Tech To Protect coding challenge is going on now. Focused on applications for public safety and first responders, the online coding challenge addresses ten different areas, such as mapping LTE network coverage to aid first responders or using augmented reality while extricating car crash victims. It’s interesting stuff, but if you’re interested you’ll have to hurry – the deadline is November 15.

And finally, Supercon starts this week! It’s going to be a blast, and the excitement to hack all the badges and see all the talks is building rapidly. We know not everyone can go, and if you’re going to miss it, we feel for you. Don’t forget that you can still participate vicariously through our livestream. We’ll also be tweet-storming and running a continuous chat on Hackaday.io to keep everyone looped in.