Kamila Szewczyk built a Snake game that fits into 13 KiB and runs natively on three platforms from a single file. The technical approach combines PE/ELF binary packing, shell script droppers, and HTML/CSS abuse to create a unified executable.
The challenge of creating a cross-platform application often involves trade-offs: either maintain separate codebases or rely on heavy frameworks. Kamila Szewczyk took a different path with a Snake game that runs on Windows, Linux, and in a web browser from a single 13,312-byte file. The project demonstrates how platform-specific executable formats can be layered together with careful byte manipulation.
The Game
The game itself is a standard Snake variant with mechanics tuned for replayability. Players control a snake that grows when eating food, with the goal of avoiding walls. Controls are consistent across platforms: arrow keys or WASD for movement, ESC to terminate, R to reset, P to pause, and Spacebar to start.
Scoring is straightforward: each piece of food adds 10 points, but yellow fruit—spawning with a 15% chance—gives 20 points. Fruit spawns at a fixed rate but despawns proportionally to the snake's current speed, which increases with length. After ten fruits are eaten, the game advances to the next level with a randomized wall layout. The maze generation ensures a path exists from the snake's head to any food spawn, and the snake's initial position is randomized with at least five empty tiles ahead.
The technical achievement lies not in the game mechanics but in how the same logic executes across fundamentally different environments.
Three Implementations, One File
Szewczyk wrote the game three times: in C using WinAPI for Windows (i686 Visual C), in C using X11 for Linux (x86_64 clang), and in JavaScript using HTML5 Canvas for browsers. Each implementation is roughly 3-5 KiB when compiled or minified. The final polyglot file concatenates these three binaries with platform-specific wrappers that allow each system to extract and run its version.
Windows: The PE Header Trick
The Windows executable uses an unusual PE header. After the standard MZ signature, the header contains freely controllable bytes. Szewczyk exploited this by placing a shell script in those bytes that skips over the rest of the file. When executed on Windows, the system eventually reaches the valid PE executable. However, the header is so unconventional that Windows' apphelp mechanism is required; without compatibility mode, the first execution fails with "The application was unable to start correctly (0xc0000005)." A second run succeeds.
Linux: Shell Dropper with LZMA
The Linux version uses a shell script as a dropper. It extracts a compressed ELF64 binary using lzma, skips the file's head and tail, and executes the payload. The script is embedded in the same file, positioned so that it runs on Linux but is ignored by other platforms.
Browser: HTML Abuse
The browser version starts with benign garbage that browsers parse before reaching actual HTML content. A small CSS block hides this garbage and styles the canvas to fill the viewport. The JavaScript game code is packed and embedded within a <script> tag. The entire assembly is valid HTML, but only the tail portion is meaningful to a browser.
File Structure and Byte-Level Construction
The file is a carefully ordered concatenation:
- Windows PE header and dropper (starts with
MZ) - Linux shell script and compressed ELF (starts after the Windows section)
- HTML, CSS, and JavaScript (starts after the Linux section)
Each platform picks the correct part:
- Windows executes the PE header, which runs the embedded script to skip the rest.
- Linux runs the shell script, which extracts and executes the ELF.
- Browsers parse the HTML, ignoring the preceding binary data.
The hex dump reveals the structure:
0000:MZ=;:<<'ks'- Windows header with shell script assignment and heredoc marker.1060:ksmarker andtail -c+4294 $0- Linux dropper command to skip the first 4294 bytes (Windows PE) and keep the rest.2480:<html>- Start of the browser content.2550:<div><canvas>- The game canvas.35c0:</script>- End of the packed JavaScript.
The final file is exactly 13,312 bytes, meeting the sub-16 KiB goal.
Practical Implications
This project is a demonstration of executable format flexibility rather than a production-ready distribution method. The Windows version's reliance on apphelp means it won't run cleanly on fresh systems. The Linux dropper requires lzma in the PATH. The browser version works universally but depends on the browser's tolerance for garbage before HTML.
For developers, the value lies in understanding how executable formats handle extra data and how platform loaders parse headers. The technique mirrors methods used in self-extracting archives and multi-platform installers, but compressed to an extreme degree.
The source code and binary are available for download at Kamila Szewczyk's site. The project is a compact lesson in low-level binary manipulation and cross-platform constraints.
Comments
Please log in or register to join the discussion