Pwntools & GDB for Buffer Overflow w/ Arguments (PicoCTF 2022 #43 'buffer-overflow2')
Вставка
- Опубліковано 25 лип 2024
- (PS, jump into the HackTheBox Cyber Apocalypse CTF! j-h.io/htb-cyber-apocalypse2022)
Help the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeacoffee
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
👨🏻💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humblebundle
🐶Snyk ➡ j-h.io/snyk
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsorship
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc
Don't be sorry. It is important for people that are new to programing to see that despite how talented and or expierenced one is that we stil can get stumbled up on things even if it is a miss spelling that can eat away hours of your time.
Great job as always and thank you.
I'm trying to get started in the infosec field after completing an unrelated undergraduate degree. It's fascinating stuff, but it's very easy to get discouraged. Seeing John encounter difficulties and work around them is inspirational. If a seasoned pro has a hard time with PicoCTF, that makes me feel a lot better about having a tough time applying the theory I'm learning.
For curiosity, what's degree have u done? :D
I'm currently learning exploit development, ur vids r rly helpful man, they give me a general idea for such things
Thanks for all the work you do it's very educative can't wait to see the next one
thanks for the video! it'll help a lot for the upcoming cyber apocalypse
Thank`s you John.
Super cool, hadnt seen pwntools or gef before this, but I love how clean that exploit script looks once it was done.
Very nice
super informative video!!
Seeing you struggle was so inspiring and encouraging. If you also have trouble sometimes then it's okay for me to struggle with almost all of the challenges 🤣
You the best!
I take a stab at Advent of Code every year, usually hitting the wall a bit over halfway through, and all I wanted last year was to make it on a leaderboard for the first time. I knew I'd have to do it with the easiest challenges in the first week, and it eventually happened to where I had "completed" a challenge fast enough that I would've finally made it. I was done and working in under two minutes... or I would have been except I had that same + instead of += typo on a line. It took me another 30 minutes of trying to find nonexistent bugs like index errors or off-by-ones before I realized the problem.... so maybe this year will be the year instead.
As others have said don't beat yourself up over it because it happens to the best of us. At the same time showing these occasional struggles over simple oversights greatly humanizes the process. It reminds us that even professionals can tunnel vision themselves away from a solution that was firmly in their grasp.
Keep up the awesome work, John!
Great python pwntool and gdb tutorial
Nothing to be sorry about, John. The topic of these videos require a longer video. I love working along on these with you and I feel good when I figure things out around the same time you do, or at least I understand what you're talking about. It means I learned well form your videos so far. Thank you!
Pwn tools seems to be targeting walk throughs which is hell helpful !!
Huntington beach California here
Hello, John! Read about subparser for argparse ;)
John please do more videos related to Buffer overflow ...
cool
I'm sure John knows this and is just using argparse manually to learn and teach. But, for anyone interested, `pwn template` actually gives you a template for your exploit including local/remote support.
Hi John, thanks for another great video!
I have a question about reading the value of ebp, when you have set it to cafef00d. I know the ebp+0x8 is cafec00d but when I do the
"x $ebp+0x8" it prints "
\360\376\312
\360\003". Why is that? 🙂
John, these are great vids- thanks! just starting out and really like rev eng but aside from CTF's , how is this an in demand skill for the real world?
i think blue team seniors do rev eng. its not a junior level skill afaik.
Very cool! How many hours you spend per day doing this stuff before you know what you're doing from daily work to late night I suppose? :)
dude i did pretty much the exact same thing, i dont understand that when i put the address of win it would jump there and anything following that would just get moved into the eip register preventing me from stepping through win.
Arg 1to transfer arg 2
Part 2
Integer value given?
Integer over /underflow what tlime.
I don’t know Seth Rogan was in infosec
Not 0?
man still playing pico ctf 🕴..
44:58 armchair programming here, but (not x OR no y) is just (x AND y)
I might be stupid but I don't think that's true?
IF ( NOT x OR NOT y) doesn't that mean either x could be 0 or y could be 0, the logic succeeds-- while with IF ( x AND y ), the logic only succeeds if both x is 1 and y is 1?
Actually, it's equal to NOT (x AND y). de Morgan's Theorem.
R vilu number what uuink k collections.
Byipas
f̸̫̱̑̒͋͂͐͋̋̐̕u̶̼̻̦̥͔̍̈́͒̆͗̃̀͂͆̚z̶̨̨̢̛̲̰̯̹͍͚͕̒͑z̸̡̛͙̖͖y̵̪̜̞͇̜͕̏̅̈́͌̀̎̕L̶̢̛̫͉͓̙̏͛̓̈́̽o̴̪͈͓̮͐̋̐̇͒̑͊̊̕ģ̷̭͕̽͊̈́̋̀͛́ỉ̵̼̮̹̖̙̣̘͔̞͜c̵̙͙̍̈́̈́̄͆̌̆̈́͘F̶̦̈̆̏̊̈́̈́͘͝Ṭ̴̛͙̺̰̬͇̫̟̞̃̀̈́́̚̚͝W̶̬̺͓̯͕̿̒
Wtf
Haaa part 2, 3, 4 opening 🪟