Arbitrary code execution to convert Super Mario to Flappy Bird, done entirely by hand on a real device!
https://youtu.be/hB6eY73sLV0
The first exploit modifies the UI to show exact sprite co-ordinates (used for the payload); the new game is then 331 bytes, written with spin jumps!