José-Alexandre Mayan

Vulnerability Researcher at Margin Research

José-Alexandre Mayan


Let's play Mario Kart!

With over 37 million copies sold, Mario Kart Wii is the most popular Nintendo Wii game. This talk presents a remotely-exploitable bug on Mario Kart Wii.

We will go through the process of analyzing the network protocol to find a bug, then we will see how to set up a debugging environment to find the root cause of a crash and finally, we will write a working exploit targeting every versions of the game.


José-Alexandre Mayan is a vulnerability researcher at Margin Research. Before that, he worked for a few years on exotic targets including connected vehicles and biometric devices.

He spends most of his week-ends playing CTF. He uses this experience to select and coach the French national team for the yearly European Cyber Security Challenge.