Introduction

Ape Escape is a famous PlayStation One game released in 1999 by Sony Computer Entertainment Inc.

Games released for PSX were created in three versions: NTSC, PAL and JP.

As most of you may know, back in 1999, PAL games were about 17% slower than their NTSC/JP counterparts, because our European televisions were slower (50Hz). On top of that game creators based their FPS, physics and all that stuff on the CPU clock instead of some timer. I actually don’t know much about the MIPS processor (used in the PSX), but AFAIK some games can be accelerated just by simulating a NTSC console.

Introduction

Inline hooking is a technique used to modify the behavior of functions in an application or operating system. It involves inserting code into the body of a function, and redirecting the flow of execution to the inserted code before or after the original function is executed.

Inline hooking is often used in security-related applications, such as anti-virus software or intrusion detection systems, where it is necessary to monitor or alter the behavior of system-level functions. It can also be used for debugging, profiling, or instrumentation purposes, where it is necessary to collect information about the execution of a function.

Introduction

The purpose of this document is to describe one of the most basic code injection techniques by using some of the APIs provided by the Windows operating system for process interaction.

Code injection can be used in case it is necessary to make the detection of a payload more difficult within a compromised system, because it should not be sought inside a single process.

It is possible to find an example of a more sophisticated use of the above technique into the “migrate” (ReflectiveLoader) feature of meterpreter, which completely moves the execution of the agent into a process chosen by the attacker.