In an extra scene from CYBERWAR, George Hotz (geohot) shows Ben Makuch how to perform a binary exploit. This content is not owned by me. www.viceland.c...
That vice guy is a moron, thinking he can trap a guy like a geohot. These (especially vice's) reporters are so limited with their mind that they think everyone else must be limited.
In most cases, the risk of hiring a hacker outweighs the benefits. True hackers tends not to be motivated to be available for hire. But if you are lucky, you may find one.
Wayne Rooney fuckin hate html and css and JS shit they don’t teach you buffer overflows and binary exploits, they just teach you frontend web development and design that shit’s boring
@@gonzalo4658 I am actively programming for past 3+ years and I've been avoiding web development. Few days ago I started learning html with css and I must say that css is fucking. terrible. I hate it so much, it's the worst pain, I almost died in agony after 1 hour of learning it. Bleh I don't ever want to work with this fucking shit ever again (I certainly will have to someday tho :D). Next thing - javascript isn't just for web development, and it definitely isn't just for front-end web development.
@@matejpesl1 oh man i hate css, that shit is terrible, i guess you better start python its really awesome and easy to learn you will be amazed i already start like 4months ago and right now i can do alot of things with it.
You can "learn/do" most of this stuff with the use StackOverflow/BufferOverflow (if you get my drift... apparently some don't ;) Seems like GeoHotz thinks on a whole other level than most of us mere mortals. Basically he could make the host disappear in a puff of smoke if he wanted to ... lol
@@BillAnt You shouldn't compare yourself to george hotz. Guys a talented computer expert that puts alot of time in it. Some of us have lives, you know. Not saying he doesn't but I was doing something else on my 16th compared to Geo.
@V < Not sure what you mean, I wasn't comparing myself to anybody or anything, in fact I said he "thinks on a whole other level than most of us mere mortals."
@@v380riMz Can I assume you are american just because you said he is "talented"? This guy is not talented, he just loves what he does and that makes him practice a LOT! I bet that if you go on a weekend to his house he will be playing around with some piece of code he has written just for fun. Talent is a word people came up with to justify their lack of competence to learn something.
@@ev.c6 He has jailbroken the first iPhone and reverse engineered the PS3 and made a jailbreak for the PS3 too, all at a young age. He IS talented, and yes ofcourse he puts in alot of time and practice into this, but an average person won't do things he did at a young age.
MattyBoyCx No they don’t, a lot of very smart ethical (white hat) hackers that work for the government but black hats have much more of a reason to study and learn more than your average, they compete with entire countries and gov organizations alone so think about it
@@TwoLeggedTriceratops Exactly. I've read this story about a System admin that worked 7 days a week. Literally every day to work on the systems, update them, fix potential errors etc. What people didn't know is that he exploited the systems with a simple code that if he didn't check in that morning, the systems wouldn't work. So when they fired him they couldn't get their systems working, only with his help since it was hidden so well. It kept going on until he got a higher and higher paycheck. I'm not 100% sure this is a legit story, but it's a damn good one
Wow. pure knowledge. He explains so clearly. Edit 1: If any one is thinking why this simple comment has so many upvote's, its simply because this comment was made very early ,that is all there is to it.
This person is very interesting. He is at the same time undoubtable a genius and absolutely clueless. Just watch a interview with him talking about his self driving cars startup...
Julian Fuchs < I know what you mean, he's definitely good at tech, however he seems a bit conceited along with a little social awkwardness... but that 's how most geniuses are. :D
yui chan it would be triggered by a user downloading or giving access without them knowing, usually an email, downloading unknown software, etc. Then the hacker can attack and manipulate the user’s computer.
What amazes me about Geohot is his speed at which he can learn things and how he can articulate these concepts on the fly. As a fellow developer I am amazed at the speed he codes things sometimes on those live streams, I wish my mind worked at those speeds.
4 роки тому
Youd have to be born with it. Usually people with a disability of some sort mentally have a gift to learn something fast or even being a genious.
He really is built different. He joined my year in college, took the hardest classes and got all As. Said school was too easy and dropped out. I don’t think hes the smartest person ever (I’ve met smarter) but his ability to learn quickly is truly incredible.
@@mariusklinkenberg5915 Yes it does. Having minecraft on your pc is a way to play minecraft on your pc. Not having it means that you can't play minecraft on that pc.
it's a common type of weakness (a few years) where a communication protocol takes commands on how to do something and they forget to check if the command is within expected limits because they were just trying to get it to work, not thinking about hacking in every aspect of the code they make. So imagine the target computer expects something to be placed in a filing cabinet of which there are ten but you ask it to place it in cabinet number 11. Because there are no checks it simply does that which is the next place in memory. That place could be on the desk of the vice president. Which lets you write an order to the vice president and he will carry it out if it's well crafted. That's an analogy of course. In reality you write stuff to memory where you are not supposed to in the hopes that some of what you are overwriting is not data but software that is later run by the host computer. The moment the computer goes through some of the code you have written it is completely derailed relative to what it was doing prior. You may have to experiment a lot to find the right place for the right code before it works and it might freeze many times. But when found, it's found. And it's a key that can be used on all such systems. Windows had such a weakness once. It was a big problem :)
how did he act on the same level as George? Did he correct George? Did he overtalk him? No, he paid attention, listened and asked sensible questions to confirm his understanding.
@@AndyChamberlainMusic try fixing a new Apple iPhone. If you can't get a third party to fix it, and you can't fix it yourself, is it really "yours"? Isn't it essentially just part of a "service" you are leasing from them? More explicitly, Windows 10, really isn't yours to buy. You're paying money, but it isn't yours. I know you were trying to make a different point, but maybe it's a good time for you and your upvoters to rethink this.
@@squirlmy yes, I agree entirely. My point was that if you purchase something it should be considered yours. That is often effectively isn't, is a problem.
He likes to drink a ton of tea on his streams for the l theanine. Sometimes he just takes capsules of theanine (like the beginning of his bitcoin stream i think). That shit helps you focus for hours especially if you pair it with caffeine or modafinil.
People like him should be funded. Its too bad he isnt....at least not that much. Comma, AI is cool, but id like to see him venture into something else.
@@19haza97 it pretty much does nothing but counteract caffiene jitters. And green tea, even matcha, only has tiny amounts that are pretty much ineffective. I've taken a couple of grams a day for months, and it is a waste. Certainly any more than 2:1 caffeine is pointless.
@@phatzonki is he? Isn't it closer to the truth to say we, or the interviewer, is dumb enough to not get him to incriminate himself further? He's suggesting he knows, by denying he knows in a very limited context. By saying he doesn't know anyone, he's hinting that he might, but then again he might be telling the truth. Just jokingly hinting that he isn't. It's buffer overflow for the human brain.
@@sully3996 ya, it's probably one of the most common attacks, but super easy to protect against. Thats why when taking courses in computer science or software engineering, they stress patterns and overall good coding styles
@@TheFatcake1234 "they stress patterns and overall good coding styles" This.. I guess it depends on the school you go to, but a large majority of the courses I've taken in the past have forced us to use a certain style guide and certain ways of programming. We would lose major marks for failing to do so.
@@ma77bc exaclty! I think in most schools they focus on it. There's are common ground rules that must be followed to receive full marks at my university aswell.
Those who don't know, this guy is a hero for tech savy people. He's the first who hacked iPhone. He fucked Sony when he was 17, wrote a code and deployed it online so that people can enjoy whatever they want to, with complete freedom. Same with iPhone, he fully unlocked iPhone. He developed a self-driving car in his garage. He turned his normal car into a self driving car with small modifications. It cost him less than a $1000. Code was for free. Rest was the equipments. A Million props to this man!
@Hard Knight I had tried to set up an evil twin ap and recreated the router login page of my target specifically asking for the access key to be entered again ... But I failed to get it working and gave up lol ☠
I've been following George for years. He is really smart and a very simple person. Sometimes people blame a hacker who has a sense of justice and no interest in money, but turn a blind eye to organization that only care about money and power.
Here to explain for some people who still dont understand what is actually happening here . on his macbook he is running Xwindow manager and a vulnerable socket server . Then from his computer he uses first IDA tool for disassembling the executable , then he uses his own tool called QIRA to get register information so he could know when he overflowed the stack and at what address. He made an exploit that overwrites the buffer and has a shellcode that runs /bin/sh (shell) and a fictitious return address so that the instruction pointer can return to it , and after that sends the exploit to socket server on his laptop. so now when he ran the exploit and got access, he overflowed the buffer , started new process /bin/sh and ran xcalc( xwindow’s version of calculator). voilla
1:52 Geohot: See all those a's there? Interviewer: .....yeah.......... Inside interviewers head: What the hell is this guy talking about, I'll just say the least and pretend like I understand.
I love Geo he’s too fucking smart to tell that guy what he really does and makes it so believable. Social engineering hack and a computer hack in 1 video. Genius.
I know the feeling this guy gets by doing this. Its the same feeling I get when I type: "sudo apt-get install update" on my raspberry pi and it starts spitting out line after line in the terminal as I sit back rubbing my hands together like I'm awaiting the confirmation that I've just cracked the password on an NSA supercomputer.
I watched this a while ago and had no idea what he was talking about, im in my third year of CS and i get some it now lol. George must be on a ridiculous level!
A great demonstration. Buffer overflow attacks are a lot less common nowadays, as most application creators are pretty careful in making sure that buffer parameters are correctly programmed to disallow overflow attacks. But yes, the ultimate goal of establishing a shell from the target machine was accomplished. From here most hackers would look for a way to create a backdoor and install malware (like a keylogger or other malicious forms of spyware. It depends on their intentions).
That's not true. Buffer overflows are still extremely common. You can find tones of examples in big companies. Further more, a keylogger is an archaic form of malware, they really aren't that scary at a technical level. Most payloads, ie. a metasploit reverse shell, comes with one *and* other tools for malicious actors. I would even make a gander and say keyloggers are probably less common in the desktop user space than things like ransomware, botnets or crypto miners (botnets being a big one). There just isn't really an easy way to make keyloggers as effective. You would need to sort through all of the data, and then once you have the data do what? Sell it? There are more effective ways of getting data if all you want to do is sell it or use it.
Im a soft engineer, Mainly OS kernels. Ive met 1-2 people who are talented at this type of low level. This is not something you go to school for, its pure talent, its how fast their brain can make connections and transform it to code. These people will never get fired for anything lol.
@@helloVorld1212 I think that the way you learn things also plays a big role here, When I was starting to study programming and computer science in general, I remember there were some subjects that I couldn't catch as fast as other subjects, for example when I first saw what recursion is, I didn't really understood how it worked until I found some explanation that my brain accepted and after that I could actually apply it, and this happened to me with different things. I guess that different brains needs different kind of ways to see a problem in order to actually realize what is the solution. There is no universal way of explaining something that everyone will understand.
There are tons of people with low level experience. This isn't something new. The different is, most people don't show off. You probably don't know, but george didn't even jailbreak the iphone himself,most of the work was done for him and then he took credit for everything. He's a good programmer, but not the god-like prodigy that people idolize him to be.
Hey man. What would you say are the best resources for learning to hack when you are a "begginer" in the Cybersecurity field (not really in IT, since i have networking and programming background?). Like youtube channels, books, articles - anything where I actually learn some of these typical techniques.
@@homelander4926 Google tryhackme, your welcome also parrot os or Kali Linux is a good place to start for a os to use for pen testing just use a vm or old laptop also some / most Wi-Fi cards won't work in monitor mode so take a look at Wi-Fi adapters that support this feature on linux
@@JDM-Chaser Yep I got kali and also on tryhackme. Now I am watching a Zero to hero tut from Cybermentor. Its really impressive. Do you have any other resources, channels, blogs or something else that I could immerse in? Thanks :)
@@Sean-vh1rr This guy is the first person who managed to hack iphone and PlayStation, he hacked Apple and Sony and got sued for it. The only reason why he is known or got caught is because he shared these hacks for everyone to use.
Just FYI this guy is not your average hacker. Geohotz is like the boss of all the hackers you fight at the end. This guy was one of the first people to hack the iPhone at 17, then the PS3, and later formed a software to make virtually anycar seld-driving and to the point to compete with Tesla...then put it out for FREE. He regularly does bug bounty's and hacker comps and has made tons of money in that, and is currently programming A LANGUAGE. He is leagues above an average person in intelligence and is very careful in the way he speaks when he does interviews. No telling the extent of what he's in.
So, if any any of you are old enough or are interested in hacking, there was a guy by the name of Adrian Lamo. Well, I wound up in a way hacking my way into talking with him years before he died. I felt like a little legend. His AOL screenname name was "Alamo". I unintentionally used an exploit/vulnerability to randomly make communication with a legend.
Always avoid buffer owerflow by sanitizing the input points in your program. Never allow it to execute or behave unexpectedly. Yea it's hard to see . But if you are caucious enough at all the points in your program where ever there is an input points and you are able to prove theoretically that it is impossible for it to misbehave. Then you are good to go
1:03 HACKER : Point out monitor 1 and monitor 3 HOST : Checking software shortcut on middle monitor and found steam. Start wondering "Did he bought or just hack all games" for whole this lessons
its there in all the computers, shell is just a software/interface through which the person interacts with the operating system. So normally you click on files they open, you click on folder and you can go inside the folder, these things used to be done through the shell in old days (and programmers still use it)but now we have a nice graphical interface.
The ONLY thing most people in the comments are missing. While you guys give the dude a names, calling him "talented", "dedicated", "smart", etc. - the dude just grinds his shit. Meanwhile you give him names, watch his videos, live a life - meanwhile all the people of the "big offices of the big companies" sit there 50 hours a week or something and then have a happy family life... All this time dude just wacks the shit, for fun, for knowledge, for the heck of understanding how things work. And that's THAT bloody simple, that's the secret on how to beat Sony, Tesla, or whatever the fuck - not to be hobbyist. To be obsessed professional. Leon the Killer of the IT, for the sake of it all, lol. With a sniper rifle in a wardrobe... Dedication pays.
The guy was essentially trying to ask “okay, so you can open browsers. But what else can people do? What is at risk when being hacked?” But never found the words for it. But geohot took it as though he was trying to figure out what other hackers already did to people… I’m still curious what can be done once your “in” someone’s machine. What are some examples of productively malicious hacks that can be done with minimal cooperation from the victim
@@PentestsandTech what ?? how he inject the code on his laptop without touching it ?? his laptop r just connected to he's wifi . can you explain to me how he hack owe his laptop without touching it via network just by bffer overflow the software just running on the victim laptop ?
@@yuichan1866 It's called remote code execution. If the target is on the same LAN as you, and is running vulnerable software with open ports, it is very easy to exploit. For that matter if the target is on the internet and running vulnerable software it's easy to exploit too, for example if you have an outdated version of Windows running outdated Chrome with known exploits, it is very easy for anyone to hack your computer just through setting up a shady website. Updated software can be hacked too, but it's much more difficult as you need to find zero days, which are unpatched exploits the dev doesn't know about. Zero days are often worth a lot of money depending on the level of access they provide. A full exploit chain allowing remote code execution, privilege escalation, and persistence on iOS or Android can be worth literally millions.
@Oliver ive started learning c programming can you tell me how to learn it more quickly and effectively ??????? how can i go from beginner level to geohot level i mean understanding all these complex stuff ?? and languages
casually compares his skills to having a Sniper Rifle in a closet, and immediately denying “he doesn’t know any of that” it’s the Main reason it’s like having a Sniper Rifle in a closet.
In most cases, the risk of hiring a hacker outweighs the benefits. True hackers tends not to be motivated to be available for hire. But if you are lucky, you may find one.
0- Mindset Hacker Pensar Fora Da Caixa 1- Lógica De Programação 2- Linguagem C & C++ & Python 3- Web & Rede De Computadores 4- Sistemas Operacionais Linux & Windows 5- Conhecer Vulnerabilidades.
This guy is a defense attorneys dream. Never admits to anything, dodges questions and never opens up anything to guilt
It's because he's smart
Naw. A defense attorney’s dream client would’ve started by responding with “What do you mean by hack?”
That vice guy is a moron, thinking he can trap a guy like a geohot. These (especially vice's) reporters are so limited with their mind that they think everyone else must be limited.
I am always wondering if it is possible to hire a hacker without risks?
In most cases, the risk of hiring a hacker outweighs the benefits. True hackers tends not to be motivated to be available for hire. But if you are lucky, you may find one.
alright, time to come back to my html tutorial
drew luna you gotta start somewhere right?
Wayne Rooney fuckin hate html and css and JS shit they don’t teach you buffer overflows and binary exploits, they just teach you frontend web development and design that shit’s boring
@@gonzalo4658 I am actively programming for past 3+ years and I've been avoiding web development. Few days ago I started learning html with css and I must say that css is fucking. terrible. I hate it so much, it's the worst pain, I almost died in agony after 1 hour of learning it. Bleh I don't ever want to work with this fucking shit ever again (I certainly will have to someday tho :D).
Next thing - javascript isn't just for web development, and it definitely isn't just for front-end web development.
@@matejpesl1 oh man i hate css, that shit is terrible, i guess you better start python its really awesome and easy to learn you will be amazed i already start like 4months ago and right now i can do alot of things with it.
@@sul3y if you read it properly, I said that I'm programming for more than 3 years.
"I only do it on my machines."
- geohotz
I feel like he lied for legal reasons lol
and Sony's
Maybe his machine brand is sony. 😂
Depends on what he "owns"
@@FalconMasters he did it because once you buy the machine it should be yours
The guy getting the lesson has no idea what he is on about ha.
You can "learn/do" most of this stuff with the use StackOverflow/BufferOverflow (if you get my drift... apparently some don't ;)
Seems like GeoHotz thinks on a whole other level than most of us mere mortals.
Basically he could make the host disappear in a puff of smoke if he wanted to ... lol
@@BillAnt You shouldn't compare yourself to george hotz. Guys a talented computer expert that puts alot of time in it. Some of us have lives, you know. Not saying he doesn't but I was doing something else on my 16th compared to Geo.
@V < Not sure what you mean, I wasn't comparing myself to anybody or anything, in fact I said he "thinks on a whole other level than most of us mere mortals."
@@v380riMz Can I assume you are american just because you said he is "talented"? This guy is not talented, he just loves what he does and that makes him practice a LOT! I bet that if you go on a weekend to his house he will be playing around with some piece of code he has written just for fun.
Talent is a word people came up with to justify their lack of competence to learn something.
@@ev.c6 He has jailbroken the first iPhone and reverse engineered the PS3 and made a jailbreak for the PS3 too, all at a young age. He IS talented, and yes ofcourse he puts in alot of time and practice into this, but an average person won't do things he did at a young age.
Hacks in, opens calculator. Seems like a nice guy.
Lol its just a rat not hard to get
Callmebanned wrong
If you can pop a calc, you can pop anything else.
OverMighty right but he can do everything a rat can do
Moldygreenbean and what do your know about hacking
What is scary is that there is someone out there as smart as Hotz with no moral backbone.
T. Thomas actually there are many but the worst of the worst work with governments.
MattyBoyCx No they don’t, a lot of very smart ethical (white hat) hackers that work for the government but black hats have much more of a reason to study and learn more than your average, they compete with entire countries and gov organizations alone so think about it
@@skskdbehsu A white hat turns black in the dark.
@@TwoLeggedTriceratops Exactly. I've read this story about a System admin that worked 7 days a week. Literally every day to work on the systems, update them, fix potential errors etc. What people didn't know is that he exploited the systems with a simple code that if he didn't check in that morning, the systems wouldn't work. So when they fired him they couldn't get their systems working, only with his help since it was hidden so well. It kept going on until he got a higher and higher paycheck. I'm not 100% sure this is a legit story, but it's a damn good one
@@oourdumb what is a Grey Hat Hacker?
Wow. pure knowledge. He explains so clearly.
Edit 1: If any one is thinking why this simple comment has so many upvote's, its simply because this comment was made very early ,that is all there is to it.
And I still understand shit. Fuck my life.
@@RabbitConfirmed < Just hit Play again... tsk-tsk jk
This person is very interesting. He is at the same time undoubtable a genius and absolutely clueless. Just watch a interview with him talking about his self driving cars startup...
Julian Fuchs < I know what you mean, he's definitely good at tech, however he seems a bit conceited along with a little social awkwardness... but that 's how most geniuses are. :D
@@BillAnt I think you're looking for the word conceited.
Him: i analyzed the code and changed the buffer overflow
Me: *yes*
but how he attack the laptop just by using code on his computer or did he deploy the code on his laptop first to gain access ??
@garden patterns thanks , but i don't still understand . did he attack the port of vulnerable software to gain access ??
yui chan it would be triggered by a user downloading or giving access without them knowing, usually an email, downloading unknown software, etc.
Then the hacker can attack and manipulate the user’s computer.
@@J0hn.R Ow thanks for the reply so he basically social engineer the use to click the bait, thanks now i knw
@@mikimuzika i was thinking too because he doesn't use the mac laptop , so i was thinking this is buffer overflow over the network .
No one:
FBI guy:
"enhance it"
Hahaha did u make this up or am I late to a running meme
@@jayeldubyew4930 It's indeed a pretty old meme!
@@SongakuLive oh haha well it had me laughing 😂
I just LOLed so hard
Hahahahaha
he strangely reminds me of quentin tarantino, a bit toned down.
Someone described his mannerisms and behavior as being super villain-esque.
hahaha true man, very true.
LOL yeah
Holy shit that is a really good observation
He reminds me of Syndrom from the Incredibles.
Someday he becomes a crazy ass super villan.
Everytime i become demotivated i get back here to watch this guy and strangely enough i become motivated again
Geohot handles them questions well... other guy handling Geohots answers, not so much.
What amazes me about Geohot is his speed at which he can learn things and how he can articulate these concepts on the fly. As a fellow developer I am amazed at the speed he codes things sometimes on those live streams, I wish my mind worked at those speeds.
Youd have to be born with it. Usually people with a disability of some sort mentally have a gift to learn something fast or even being a genious.
Practice I guess. Lol
@@1122slickliverpoolNah, adderalls.
Then strengthen those neurons :)
He really is built different. He joined my year in college, took the hardest classes and got all As. Said school was too easy and dropped out. I don’t think hes the smartest person ever (I’ve met smarter) but his ability to learn quickly is truly incredible.
Everybody gangsta until the hacker has minecraft in his desktop
Makes no difference
@@mariusklinkenberg5915 Yes it does. Having minecraft on your pc is a way to play minecraft on your pc. Not having it means that you can't play minecraft on that pc.
Masterpiece that’s perfect
on
@@lucaslindgren3237 Unless you play the Browser version
wow... that's incredible... (I have no idea what he is talking about)
The jibbidee doo goes to the dibbidee doe and connects to the woo tang clan + sniper rifles.
no its not javascript, its python and assembly lol
it's a common type of weakness (a few years) where a communication protocol takes commands on how to do something and they forget to check if the command is within expected limits because they were just trying to get it to work, not thinking about hacking in every aspect of the code they make. So imagine the target computer expects something to be placed in a filing cabinet of which there are ten but you ask it to place it in cabinet number 11. Because there are no checks it simply does that which is the next place in memory. That place could be on the desk of the vice president. Which lets you write an order to the vice president and he will carry it out if it's well crafted. That's an analogy of course. In reality you write stuff to memory where you are not supposed to in the hopes that some of what you are overwriting is not data but software that is later run by the host computer. The moment the computer goes through some of the code you have written it is completely derailed relative to what it was doing prior. You may have to experiment a lot to find the right place for the right code before it works and it might freeze many times. But when found, it's found. And it's a key that can be used on all such systems. Windows had such a weakness once. It was a big problem :)
Very nice explanation.
@@Michael-dw7td but how would he disassemble the program on his machine if he had not yet hacked into his machine ?
"No I dont know any of those people"
"No I dont have any exploits"
Riiigghhhtt
his a white hat
This is pure comedy! That interviewer was lost as hell but he acted as he was on the same level as George
exactly
how did he act on the same level as George? Did he correct George? Did he overtalk him? No, he paid attention, listened and asked sensible questions to confirm his understanding.
ahhaaha omg
"I only do on my machines"
Sony and Apple have left the chat !!
if you buy one of their machines, it's your machine. That's what buying is
@@AndyChamberlainMusic try fixing a new Apple iPhone. If you can't get a third party to fix it, and you can't fix it yourself, is it really "yours"? Isn't it essentially just part of a "service" you are leasing from them? More explicitly, Windows 10, really isn't yours to buy. You're paying money, but it isn't yours. I know you were trying to make a different point, but maybe it's a good time for you and your upvoters to rethink this.
@@squirlmy yes, I agree entirely. My point was that if you purchase something it should be considered yours. That is often effectively isn't, is a problem.
He is so smart. He streams for hours just programming.. it's amazing the level of focus this guy has
He likes to drink a ton of tea on his streams for the l theanine. Sometimes he just takes capsules of theanine (like the beginning of his bitcoin stream i think). That shit helps you focus for hours especially if you pair it with caffeine or modafinil.
@@blo0mfilter868 imagine what he could do on Adderall, some Limitless shit
People like him should be funded. Its too bad he isnt....at least not that much. Comma, AI is cool, but id like to see him venture into something else.
@@blo0mfilter868 Is that stuff bad for you? Like do you become reliant on it if you take it as much as he does?
@@19haza97 it pretty much does nothing but counteract caffiene jitters. And green tea, even matcha, only has tiny amounts that are pretty much ineffective. I've taken a couple of grams a day for months, and it is a waste. Certainly any more than 2:1 caffeine is pointless.
"I don't know any of those people", thats what someone who really does know them would say
Yeah, hes smart enough not to bust himself. 😂
@@phatzonki is he? Isn't it closer to the truth to say we, or the interviewer, is dumb enough to not get him to incriminate himself further? He's suggesting he knows, by denying he knows in a very limited context. By saying he doesn't know anyone, he's hinting that he might, but then again he might be telling the truth. Just jokingly hinting that he isn't. It's buffer overflow for the human brain.
If anyone is a computer science major or software engineer major, they actually assign a buffer overflow attack as homework.
whatsyourAOL so we get trained in secrecy to affix with anonymous
Really?
@@sully3996 ya, it's probably one of the most common attacks, but super easy to protect against. Thats why when taking courses in computer science or software engineering, they stress patterns and overall good coding styles
@@TheFatcake1234 "they stress patterns and overall good coding styles" This.. I guess it depends on the school you go to, but a large majority of the courses I've taken in the past have forced us to use a certain style guide and certain ways of programming. We would lose major marks for failing to do so.
@@ma77bc exaclty! I think in most schools they focus on it. There's are common ground rules that must be followed to receive full marks at my university aswell.
Those who don't know, this guy is a hero for tech savy people. He's the first who hacked iPhone. He fucked Sony when he was 17, wrote a code and deployed it online so that people can enjoy whatever they want to, with complete freedom. Same with iPhone, he fully unlocked iPhone. He developed a self-driving car in his garage. He turned his normal car into a self driving car with small modifications. It cost him less than a $1000. Code was for free. Rest was the equipments.
A Million props to this man!
4:36 Geohot: It's like kinda how you have a sniper rifle and not talk about it right
Ben: nervously nods and says... right
Great editing...
talking about code and showing the screen once every full moon...
That guy has SNIPER RIFLES by the dozens in his closet. (^-^)
The guy has a freakin' rocket launcher in his closet ;)
He no need any gun to destroy empires.
Welcome to the CyberWar!
He has Nuclear Bombs
He has his massive balls stored in his closet, so he can walk around normaly.
@@RabbitConfirmed this one was lit
1.Buffer Over Flow Attack
2.Binary Exploitation
3.Virtual Machine Zero Day Exploit
@Hard Knight I had tried to set up an evil twin ap and recreated the router login page of my target specifically asking for the access key to be entered again ...
But I failed to get it working and gave up lol ☠
I want to learn 🙏
Mix Wood oh yeah
I've been following George for years. He is really smart and a very simple person.
Sometimes people blame a hacker who has a sense of justice and no interest in money, but turn a blind eye to organization that only care about money and power.
Mass media is doing that. Brain washes everyone into thinking bullshit.
The keyboard clicks orgasm to my ears.
You are sick! ☝🏻😀 But right 🤣
It's annoying as fuck they should have muted it out
its because hes sending neo for the true attack
Here to explain for some people who still dont understand what is actually happening here . on his macbook he is running Xwindow manager and a vulnerable socket server . Then from his computer he uses first IDA tool for disassembling the executable , then he uses his own tool called QIRA to get register information so he could know when he overflowed the stack and at what address. He made an exploit that overwrites the buffer and has a shellcode that runs /bin/sh (shell) and a fictitious return address so that the instruction pointer can return to it , and after that sends the exploit to socket server on his laptop. so now when he ran the exploit and got access, he overflowed the buffer , started new process /bin/sh and ran xcalc( xwindow’s version of calculator). voilla
I still don't know whats happening but i appreciate the explanation
Thanks for those details!
Cabbage?
wow geohot still at it what a legend
FAT NIGGA™
@@vanixtv9806 hahahah
1:52
Geohot: See all those a's there?
Interviewer: .....yeah..........
Inside interviewers head: What the hell is this guy talking about, I'll just say the least and pretend like I understand.
YEAH!!!
Maniac50AE have you seen cyberwar? He’s a great interviewer
I love Geo he’s too fucking smart to tell that guy what he really does and makes it so believable. Social engineering hack and a computer hack in 1 video. Genius.
This legend is not interested in knowing top hackers...He is interested in developing himself and finding vulnerabilities....
I know the feeling this guy gets by doing this. Its the same feeling I get when I type: "sudo apt-get install update" on my raspberry pi and it starts spitting out line after line in the terminal as I sit back rubbing my hands together like I'm awaiting the confirmation that I've just cracked the password on an NSA supercomputer.
This guy was expecting a Hollywood type hacking scene.
I’m not a hacker or anything but this guy gave me some great memories as a kid, the PS3 Jailbreak literally changed everything 😂 Hope he is doing good
Love that cyborg-like typing. He speeds up and slows down gradually.
If a new Matrix movie is planned in the future, please add this guy.
I watched this a while ago and had no idea what he was talking about, im in my third year of CS and i get some it now lol. George must be on a ridiculous level!
George is a genius.
Brooooo “but, it sounds cool to say that I might… right?” 😂
NPC vs Player
The man who jailbroke iPhone back in the day, genius!
and PlayStation also
I broke my iphone in jail before that 🤣🤗🤣😂
A great demonstration. Buffer overflow attacks are a lot less common nowadays, as most application creators are pretty careful in making sure that buffer parameters are correctly programmed to disallow overflow attacks. But yes, the ultimate goal of establishing a shell from the target machine was accomplished. From here most hackers would look for a way to create a backdoor and install malware (like a keylogger or other malicious forms of spyware. It depends on their intentions).
That's not true. Buffer overflows are still extremely common. You can find tones of examples in big companies. Further more, a keylogger is an archaic form of malware, they really aren't that scary at a technical level.
Most payloads, ie. a metasploit reverse shell, comes with one *and* other tools for malicious actors.
I would even make a gander and say keyloggers are probably less common in the desktop user space than things like ransomware, botnets or crypto miners (botnets being a big one). There just isn't really an easy way to make keyloggers as effective. You would need to sort through all of the data, and then once you have the data do what? Sell it? There are more effective ways of getting data if all you want to do is sell it or use it.
that guy totally has metaphorical sniper rifles in his closet haha
GEOHOTS! Don't scare off the interviewer lol
You lost the interviewer at "the only thing connected to that computer is the power cord". 🤣
Never have I wished to understand something so much lol. I'm a law student so I am loooooost. Geo really dodged those incriminating questions tho
geohotz: "I only do it on my machines."
Apple: ...
narrator: "George Hotz, does in fact, have sniper rifles in his closet"
Im a soft engineer, Mainly OS kernels. Ive met 1-2 people who are talented at this type of low level. This is not something you go to school for, its pure talent, its how fast their brain can make connections and transform it to code. These people will never get fired for anything lol.
How do they learn to become this good problem solvers?
@@rkkm67 you know, i think doing algorithms will teach you to see patterns. but still, this is not something you pick up over couple weeks to months
@@helloVorld1212 I think that the way you learn things also plays a big role here, When I was starting to study programming and computer science in general, I remember there were some subjects that I couldn't catch as fast as other subjects, for example when I first saw what recursion is, I didn't really understood how it worked until I found some explanation that my brain accepted and after that I could actually apply it, and this happened to me with different things. I guess that different brains needs different kind of ways to see a problem in order to actually realize what is the solution. There is no universal way of explaining something that everyone will understand.
There are tons of people with low level experience. This isn't something new. The different is, most people don't show off. You probably don't know, but george didn't even jailbreak the iphone himself,most of the work was done for him and then he took credit for everything. He's a good programmer, but not the god-like prodigy that people idolize him to be.
@@shadowpwls3what about when he hacked ps3
I can only imagine the script kiddies watching this not understanding a single word he says, don’t worry, we all started where you are now.
Hey man. What would you say are the best resources for learning to hack when you are a "begginer" in the Cybersecurity field (not really in IT, since i have networking and programming background?). Like youtube channels, books, articles - anything where I actually learn some of these typical techniques.
@@homelander4926 Google tryhackme, your welcome also parrot os or Kali Linux is a good place to start for a os to use for pen testing just use a vm or old laptop also some / most Wi-Fi cards won't work in monitor mode so take a look at Wi-Fi adapters that support this feature on linux
@@JDM-Chaser Yep I got kali and also on tryhackme. Now I am watching a Zero to hero tut from Cybermentor. Its really impressive. Do you have any other resources, channels, blogs or something else that I could immerse in? Thanks :)
@@homelander4926 hackthebox is also another pentesting website to learn
-So you have sniper rifles in your closet?
*Laughs diabolically*
-no. :)
We should try to make a community like this where we learn and teach each other
It does exist, search for some discord or social media group chats and you will find it mate :)
@@bro-fi4gc Do you have links?
Drop links please
A good hacker is famous, a great hacker is anonymous.
Similar to the best assassins/mercenaries you don't know until its too late.
But this guy is a cyber security expert, not a hacker committing crime....
You dont know what hacker actually means
He was sued by Sony
@@Sean-vh1rr This guy is the first person who managed to hack iphone and PlayStation, he hacked Apple and Sony and got sued for it. The only reason why he is known or got caught is because he shared these hacks for everyone to use.
Remember, this is the guy who started the psn hacking wave in 2011
Just FYI this guy is not your average hacker. Geohotz is like the boss of all the hackers you fight at the end. This guy was one of the first people to hack the iPhone at 17, then the PS3, and later formed a software to make virtually anycar seld-driving and to the point to compete with Tesla...then put it out for FREE. He regularly does bug bounty's and hacker comps and has made tons of money in that, and is currently programming A LANGUAGE. He is leagues above an average person in intelligence and is very careful in the way he speaks when he does interviews. No telling the extent of what he's in.
And I am happy to know a little bit in Kali 😭
So, if any any of you are old enough or are interested in hacking, there was a guy by the name of Adrian Lamo. Well, I wound up in a way hacking my way into talking with him years before he died. I felt like a little legend.
His AOL screenname name was "Alamo". I unintentionally used an exploit/vulnerability to randomly make communication with a legend.
This normie has no idea what's going on.
トラックリスト hes fucking clueless lol
Like you do
look out! a h4x0r leet xD
do you xD
Where the fuk can I łéăřņ to hãçķ
I hope the Government doesn't see what I said.
this guy seems like he could easily make a movie about hacking from his expressions
Its a super power i can confirm, but we tend to use it for good because jail isn't a great place of weak computer geeks.
Always avoid buffer owerflow by sanitizing the input points in your program. Never allow it to execute or behave unexpectedly. Yea it's hard to see . But if you are caucious enough at all the points in your program where ever there is an input points and you are able to prove theoretically that it is impossible for it to misbehave. Then you are good to go
He so has a truckload of exploits hidden away, burnt onto dvds and under one of his loose floorboards haha
The FBI isn’t watching George Hotz... George Hotz is watching them
You should probably explain what a shell is to him bro
Dude is thinking of a oil and gas company
He's thinking "you have a shell? Is that a metaphore or have you just come back from the beach?"
Bruh
He is really smart at dogging questions
"xploits are too valuable" what a piece of truth
he ended the conversation with probably the best sentence that could fit there hahahahahaha love this guy
0:56 "I have no idea what this guy is talking about... oh shit better keep nodding"
So Cool! Hotz sees the byte flow visually. First time I saw smtg like that.
1:03
HACKER : Point out monitor 1 and monitor 3
HOST : Checking software shortcut on middle monitor and found steam. Start wondering "Did he bought or just hack all games" for whole this lessons
He runs an exploit, thank you for the master class.
Nothing beats getting a shell.
Getting laid
@@luv2stack nope, its hard to beat the sense of accomplishment of getting a shell. Not that I have done it.
Remember watching this years ago and not understanding anything
Basically just ratted the pc through a exploit what a legend
What a beautiful room.
"I have a SHELL"...I wish i had a shell...
I prefer ARCO myself... cheaper
its there in all the computers, shell is just a software/interface through which the person interacts with the operating system. So normally you click on files they open, you click on folder and you can go inside the folder, these things used to be done through the shell in old days (and programmers still use it)but now we have a nice graphical interface.
Whoever filmed this, did they never think to point at the screen while he is explaining so that there's even a chance of me keeping up?
The ONLY thing most people in the comments are missing.
While you guys give the dude a names, calling him "talented", "dedicated", "smart", etc. - the dude just grinds his shit. Meanwhile you give him names, watch his videos, live a life - meanwhile all the people of the "big offices of the big companies" sit there 50 hours a week or something and then have a happy family life...
All this time dude just wacks the shit, for fun, for knowledge, for the heck of understanding how things work. And that's THAT bloody simple, that's the secret on how to beat Sony, Tesla, or whatever the fuck - not to be hobbyist. To be obsessed professional. Leon the Killer of the IT, for the sake of it all, lol. With a sniper rifle in a wardrobe...
Dedication pays.
Well said
Can only imagine the hell he has caused people who have seriously pissed him off. Especially those who have beat him down
Watch Dogs 3 confirmed!
...and 2 years later, Watchdogs: Legion gets announced lol
@@jamesdavis2318 Still here for watch dogs.
This is way harder than this video leads on, LOTS of work going on before he got to this point.
You lost me after "There's a vulnerable piece of software over there."
Geohot: "I only do it on my machines.."
Apple product: opens calculator
4:40 When you realize the guy front of you knows you hide sniper rifle in your closet
I personally prefer the same...the rifles are pretty expensive.
Remember, when receiving an explanation on anything from a guy like geohot, just keep nodding.
All I know is control alt delete..
Alt f4
Most famous way to stop any attack .
Power button off
The guy was essentially trying to ask “okay, so you can open browsers. But what else can people do? What is at risk when being hacked?” But never found the words for it. But geohot took it as though he was trying to figure out what other hackers already did to people…
I’m still curious what can be done once your “in” someone’s machine. What are some examples of productively malicious hacks that can be done with minimal cooperation from the victim
I don't understand how he used buffer overflow to get access to the shell of that computer.
He overrode the buffer, and then once he was outside the buffer he injected malicious code opening a shell.
@@PentestsandTech what ?? how he inject the code on his laptop without touching it ?? his laptop r just connected to he's wifi . can you explain to me how he hack owe his laptop without touching it via network just by bffer overflow the software just running on the victim laptop ?
@@yuichan1866 It's called remote code execution. If the target is on the same LAN as you, and is running vulnerable software with open ports, it is very easy to exploit. For that matter if the target is on the internet and running vulnerable software it's easy to exploit too, for example if you have an outdated version of Windows running outdated Chrome with known exploits, it is very easy for anyone to hack your computer just through setting up a shady website. Updated software can be hacked too, but it's much more difficult as you need to find zero days, which are unpatched exploits the dev doesn't know about. Zero days are often worth a lot of money depending on the level of access they provide. A full exploit chain allowing remote code execution, privilege escalation, and persistence on iOS or Android can be worth literally millions.
@Oliver send me that tutorial series pls i would love to understand how it works
@Oliver ive started learning c programming can you tell me how to learn it more quickly and effectively ??????? how can i go from beginner level to geohot level i mean understanding all these complex stuff ?? and languages
**Insert cringey comment of sk acting all weird about "normies" and pretending to be superior coz of knowing what a buffer overflow is**
lmao you just summed up 99% of the comments
@@m.j.productions2732 yeah lol
I don’t think a skid would know how or what a buffer overflow is
casually compares his skills to having a Sniper Rifle in a closet, and immediately denying “he doesn’t know any of that” it’s the Main reason it’s like having a Sniper Rifle in a closet.
He's like the Quentin Tarantino of hackers.
Lol
This guy is a legend! *THANK YOU*
why?
I have been asking and I hope someone honestly answers my question. Is it possible to hire a online without risks?
In most cases, the risk of hiring a hacker outweighs the benefits. True hackers tends not to be motivated to be available for hire. But if you are lucky, you may find one.
Well I guess I have not been lucky at all. Do you have any suggestions at all?
Search for BINARYREAP3R on Skype or gmail
B I N A R Y R E A P 3 R (AT) G M A I L C O M
Search the following on Skype
"Regardless of the hardware, service, or encoding
Connect it to the internet
And someone's gonna own it" - dual core
damn... this guy is crazily genius... as in binary programming.
This was like 5 years of computer security knowledge displayed in less than 3 min.
my face when learning a new language
0- Mindset Hacker Pensar Fora Da Caixa
1- Lógica De Programação
2- Linguagem C & C++ & Python
3- Web & Rede De Computadores
4- Sistemas Operacionais Linux & Windows
5- Conhecer Vulnerabilidades.
Binary exploitation is so underrated these days when all kids want to do is shell sites with basic web application vulns
Sadly truth, the real hacking is where you have enough patience to *analyze*
@@bro-fi4gc Where my GDB boys at