Hacking Tools

Doom-Poly : A Multi-Format Polyglot Executable Running Doom

Doom-Poly is a fascinating polyglot executable that combines the functionality of a PDF, DOS executable, and Windows PE executable to run the classic game Doom.

This innovative construction leverages Robert Xiao’s Universal Doom and Allen Ading’s Doom.PDF to create a file that operates seamlessly across these formats.

The project demonstrates the versatility of file formats and the creative possibilities of polyglot programming.

The polyglot construction involves embedding multiple file format signatures into a single file. Here’s how it is achieved:

  1. PDF and EXE Header Manipulation:
    The gap between the EXE header (up to byte 0x1B) and the PE header offset (at byte 0x3C) is utilized to insert a PDF signature (%PDF-1.x) and a stream object declaration.
    • This allows the file to be identified as a valid PDF while hiding the Doom executable content.
  2. Appending PDF Content:
    The body of the EXE/PE contains the Doom executable, while the end of the file includes additional PDF structures, such as closing the stream object and appending the rest of the Doom.PDF content.
  3. Rebuilding PDF Metadata:
    To ensure compatibility with Chrome’s PDF engine, an updated cross-reference (XREF) table and startxref pointer are added, along with adjustments to the trailer’s /Size property.

The resulting file can function as:

  • A playable Doom game when executed as an EXE or PE.
  • A readable PDF document when opened in Chromium-based browsers (with limited functionality).

The PDF payload only works under Chrome due to its limited implementation of JavaScript in PDFs. Additionally, performance constraints arise from rendering Doom in grayscale ASCII characters within a text field-based framebuffer.

This project showcases the potential of polyglot files in creative programming, security research, and file format exploration.

While primarily experimental, it highlights vulnerabilities in interpreting multi-format files, emphasizing the need for robust validation mechanisms

For more details or to explore this project, refer to Allen Ading’s GitHub repository for Doom.PDF.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: cybersecurityDoom-Polyinformationsecuritykalilinuxkalilinuxtools
1 month ago

Recent Posts

goLAPS : The Ultimate Guide To Managing LAPS Passwords with Golang

goLAPS is a tool designed to interact with the Local Administrator Password Solution (LAPS) in…

1 hour ago

200-OK-Modifier : Mastering Web Application Analysis And Penetration Testing

The 200-OK-Modifier is a versatile Burp extension that allows users to modify server response codes…

1 hour ago

NullGate : Advancing Evasion Techniques In Windows Exploitation

NullGate is a sophisticated project designed to leverage NTAPI functions using indirect syscalls, incorporating the…

22 hours ago

WebHunt : A Dive Into Web App Testing For Bug Bounty Hunting

WebHunt is an innovative project that focuses on web application testing, particularly for bug bounty…

22 hours ago

Process Ghosting In Rust : Crafting Evasive Applications On Windows

Process ghosting is a sophisticated technique used to evade detection by security tools on Windows…

22 hours ago

TruffleHog Burp Suite Extension : Enhancing Security With Automated Secret Detection

The TruffleHog Burp Suite Extension is a powerful tool designed to scan HTTP traffic within…

23 hours ago