SuperNull

Last-modified: 2025-10-22 (Wed) 09:01:13

SuperNull is a coding term for exploits that use engine vulnerabilities to achieve arbitrary code execution during character selection.

The most used vulnerabilities for SuperNull exploits are the following:

History

Information on the first character to use this exploit is ambiguous, but the first appears to be EFB (based on the Eternal Force Blizzard meme), made by an unknown author in 2013. Unfortunately, it doesn't work, since it does not go to the match screen. The exploit was then probably fixed and used by ydccdy in his character Guanyin.
As years passed, upgraded versions of this exploit appeared, with Guanyin and Dsrugal being the first to use such versions.

For a long time, many authors used the exploits created by ydccdy in their SuperNull characters, until some of them started creating their own exploits, which allowed them to distinguish themselves from other authors.

1.0/1.1

Because these engine versions have NX bit protection enabled by default, shellcode can no longer be executed directly; any attempt to do so just causes the program to terminate abruptly. An exploit technique is therefore required to circumvent this protection: Return-Oriented Programming.

Creating complex SuperNull exploits can be significantly hard, so it is preferable to create an exploit that allows the author to load external libraries from the character folder.

The external-type version is called Invoker or Reloader.
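
A defender's check tied to the NX paragraph and the external-library paragraph above, as an added example (not code from this page or from any character author): it lists every Windows PE image shipped inside a character folder, identified by content rather than by extension, and reports whether each one sets the `NX_COMPAT` header flag. The function names, folder layout, file names and sample headers are constructed for illustration; the flag shows only the image's own opt-in, since system DEP policy can also enforce NX.

```python
import os
import struct
import tempfile

NX_COMPAT = 0x0100  # IMAGE_DLLCHARACTERISTICS_NX_COMPAT

def pe_nx_compat(data):
    """Return True/False for the NX_COMPAT flag of a PE image, or None if
    data is not a PE (needs signature, COFF header, 72 optional-header bytes)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 + 72 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    (magic,) = struct.unpack_from("<H", data, e_lfanew + 24)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        return None
    (flags,) = struct.unpack_from("<H", data, e_lfanew + 24 + 70)  # DllCharacteristics
    return bool(flags & NX_COMPAT)

def scan_folder(root):
    """Map relative path -> NX_COMPAT state for every PE image under root."""
    found = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                nx = pe_nx_compat(fh.read())
            if nx is not None:
                found[os.path.relpath(path, root)] = nx
    return found

def constructed_pe(dll_characteristics):
    """Constructed sample: the smallest PE32 header this parser accepts."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    optional = struct.pack("<H", 0x10B) + b"\0" * 68 + struct.pack("<H", dll_characteristics)
    return dos + b"PE\0\0" + b"\0" * 20 + optional

def demo():
    """Scan a constructed character folder (all file names are made up)."""
    with tempfile.TemporaryDirectory() as root:
        samples = {"chara.def": b"[Info]\nname = demo\n",
                   "helper.dll": constructed_pe(NX_COMPAT),
                   "stage.bin": constructed_pe(0)}  # PE content, no .dll/.exe name
        for name, blob in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(blob)
        return scan_folder(root)

if __name__ == "__main__": print(demo())
```

A character that is only data should produce an empty result; any entry at all means native code ships with it and deserves review before the character is loaded.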