0day exploit with nsf files
BotB Academy Bulletins
 
Level 14 Pixelist
Blaze Weednix
post #74004 :: 2016.11.14 12:43pm
Doxic, raphaelgoulart and ViLXDRYAD liēkd this
Let's make a battle out of this where we try to craft the most creative exploit.
 
Level 23 Pedagogist
ViLXDRYAD
post #74005 :: 2016.11.14 1:07pm :: edit 2016.11.14 1:12pm
Blaze Weednix liēkd this
inb4 battle of the bsod
 
Level 30 Chipist
Savestate
post #74007 :: 2016.11.14 1:47pm
Very fascinating read!
 
Level 29 Hostist
puke7
post #74011 :: 2016.11.14 3:07pm
b00daw, raphaelgoulart, FamicomForever, Xyz, TMM12, pedipanol, Savestate and ViLXDRYAD liēkd this
If I understand it correctly, one of the NSF players that comes with Ubuntu does not handle bank switching appropriately, so the music play routine inside the NSF actually has access to OS RAM.
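The bank-switching problem puke7 describes above is the kind of thing a player should reject before it ever runs the tune's 6502 code. The following is an added example, not code from this thread or from gstreamer: it reads the 128-byte NSF header (load/init/play addresses at offset 8, initial bank numbers at offset 0x70) and flags files whose bank selections or addresses point outside the program data the file actually carries. The `make_nsf` helper and the two sample files are constructed here for illustration.

```python
import struct

NSF_HEADER_LEN = 128
BANK_SIZE = 0x1000          # NSF bank switching works in 4 KiB pages
NSF_MAGIC = b"NESM\x1a"

def parse_nsf(data: bytes) -> dict:
    """Pull the header fields that matter for memory-safety checks out of an NSF."""
    if len(data) < NSF_HEADER_LEN or data[:5] != NSF_MAGIC:
        raise ValueError("not an NSF file")
    load, init, play = struct.unpack_from("<HHH", data, 8)
    return {
        "load": load, "init": init, "play": play,
        "banks": list(data[0x70:0x78]),       # initial bank numbers for $8000..$FFFF
        "code_len": len(data) - NSF_HEADER_LEN,
    }

def check_nsf(data: bytes) -> list:
    """Return the reasons a file could steer an emulator outside its ROM buffer."""
    info = parse_nsf(data)
    problems = []
    for name in ("load", "init", "play"):
        if info[name] < 0x8000:
            problems.append(f"{name} address ${info[name]:04X} is below $8000")
    if any(info["banks"]):
        # Bankswitched: bank 0 starts at (load & 0x0FFF) inside the first 4 KiB page.
        nbanks = ((info["load"] & 0x0FFF) + info["code_len"] + BANK_SIZE - 1) // BANK_SIZE
        for slot, bank in enumerate(info["banks"]):
            if bank >= nbanks:
                problems.append(f"slot {slot} selects bank {bank}, file only holds {nbanks}")
    elif info["load"] + info["code_len"] > 0x10000:
        problems.append("program data runs past $FFFF")
    return problems

def make_nsf(load: int, init: int, play: int, banks: list, code: bytes) -> bytes:
    """Build a minimal NSF (constructed test input, not a real tune)."""
    hdr = bytearray(NSF_HEADER_LEN)
    hdr[:5] = NSF_MAGIC
    hdr[5], hdr[6], hdr[7] = 1, 1, 1          # version, song count, starting song
    struct.pack_into("<HHH", hdr, 8, load, init, play)
    struct.pack_into("<H", hdr, 0x6E, 16639)  # NTSC play-call period in microseconds
    hdr[0x70:0x78] = bytes(banks)
    return bytes(hdr) + code

# 16 bytes of constructed 6502 code: init and play are both just RTS.
CODE = b"\x60" * 16
GOOD_NSF = make_nsf(0x8000, 0x8000, 0x8003, [0] * 8, CODE)
BAD_NSF = make_nsf(0x8000, 0x8000, 0x8003, [0, 1, 2, 3, 4, 5, 6, 7], CODE)
```

`check_nsf(BAD_NSF)` reports seven findings, one per slot that selects a bank the 16-byte file does not contain; a player that applied such a check would refuse the file instead of mapping memory it does not own.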
 
Level 23 Pedagogist
ViLXDRYAD
post #74014 :: 2016.11.14 3:44pm
raphaelgoulart liēkd this
i wish someone could manage to play the first Super Mario Bros in Ubuntu's UI lol
 
Level 27 Chipist
raphaelgoulart
post #74048 :: 2016.11.15 1:03pm :: edit 2016.11.15 1:03pm
Blaze Weednix, pedipanol and Doxic liēkd this
on the most creative exploit thing, one should make an NSF file that injects and loads a playable Linux port of DOOM
 
Level 21 Criticist
Xyz
post #74053 :: 2016.11.15 4:09pm
shinichi liēkd this
DOOM runs on everything, even nsf files
 
Level 27 Renderist
b00daw
post #74100 :: 2016.11.16 12:20pm :: edit 2016.11.16 12:23pm
shinichi and ViLXDRYAD liēkd this
loving this blog entry!

so i did a bit of research into this to see if it could be exploitable outside of linux. turns out possibly!

there is a custom xmpp/jabber client that uses the vulnerable gstreamer-0.10 library libgstnsf.dll/.so on windows and mac osx for inline multimedia playback. ;)

potentially, if you were to create a windows- or mac-specific NSF that used the OOB bankswitching trick and then initialized OS-specific shell code, and send it to another user, you could take advantage of this vulnerability using Gajim. ;)

http://gajim.org

subsequently, all gstreamer MSI install libraries, standard or development, for windows (potentially mac) on the main gstreamer site do not include the "bad plugins", which include libgstnsf.dll. you would have to use mingw/darwin to compile the bad plugin yourself. :)

https://gstreamer.freedesktop.org/

anyone want to try to exploit one another using Gajim and a custom NSF? ;)