Big thank you to Brilliant for sponsoring this video! To try Brilliant for free (for 30 days) and to get a 20% discount, visit: Brilliant.org/davidbombal // UA-cam video REFERENCE // Free Exploit development training (beginner and advanced) ua-cam.com/video/LWmy3t84AIo/v-deo.html Buffer Overflow Hacking Tutorial (Bypass Passwords): ua-cam.com/video/c2BvS2VqDWg/v-deo.html // Stephen's Social // X: x.com/Steph3nSims UA-cam: www.youtube.com/@OffByOneSecurity // Stephen RECOMMENDS // Disassemblers: Binary Ninja: binary.ninja/ IDA Pro: hex-rays.com/products/%20ida/ Ghidra: ghidra-sre.org/ Free Learning Resources: An Intro to C for Windows Dev: www.sans.org/webcasts/intro-c-windows-devs/ Books Gray Hat Hacking Series by various authors: US amzn.to/3B1FeIK UK amzn.to/3A920AL The IDA Pro Book, 2nd Edition: The Unofficial Guide to the World's Most Popular Disassembler Second Edition by Chris Eagle US amzn.to/3Yv3srw UK amzn.to/3Wtz8e6 // David's SOCIAL // Discord: discord.com/invite/usKSyzb X: www.x.com/davidbombal Instagram: instagram.com/davidbombal LinkedIn: www.linkedin.com/in/davidbombal Facebook: facebook.com/davidbombal.co TikTok: tiktok.com/@davidbombal UA-cam: www.youtube.com/@davidbombal // MY STUFF // www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com // MENU // 00:00 - Intro 01:06 - Brilliant sponsored segment 02:36 - Stephen Sims // Off By One Security UA-cam channel 04:02 - Hello World 06:11 - Learning the C programming language 09:34 - Introduction to reverse engineering 13:57 - Functions explained 16:43 - Stripped explained 18:03 - Disassemble explained // Differences between flavors 25:11 - History behind the two flavors 25:58 - Disassemble explained continued 26:22 - Return oriented programming explained 27:14 - Reverse engineering demo 01:07:46 - IDA Pro Demo 01:16:42 - Conclusion Disclaimer: This video is for educational purposes only. Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel! #android #ios #hacker
A good reference for folks who like to learn from a book is Practical Binary Analysis (no starch press) - it does require familiarity with C and assembly.
I remember doing assembler language for the intel 80386 30 years ago. We had a colourful IDE all the registers were neatly displayed. It was much easier to follow then purely a text based solution. I remember stepping through my code and connecting directly to the hardware. Ridiculously fast executions.
This is probably one of my favorite videos I’ve seen this year. It does go deeper than others, but if you’re interested in this, if you’re interested in malware analysis and reverse engineering, this is a powerful primer
@@davidbombalThank you! I love your channel and videos, it’s honestly what inspires me to continue down the path of cyber security. I was also wondering about MOK management, Platform Keys, KeK Keys, etc (for UEFI bios) and TPM(secure boot) and what vulnerabilities this could prevent or even not prevent.
Smart guests, smart host, smart community makes davidbambal the legendary youtuber for not only who starting out but for intermediate and pros as well.
It's great quick overview of the underlying basic principles of Reverse Engineering. Thank you for this amazing content, that too for Free!. It really helps.
Pro tip: videos with sample code in them di much better because many can follow along and take oridw in ACTUALLY creating something to show off. Great video
There's a lot of "easy stuff" I haven't learned, so I don't mind if you cover the "easy" stuff because I still might learn something new! Steven is great, I watched every thing on his channel and learned a lot!
Thanks to all of you for this video I got better explanations. I want to learn advance things but most of the courses are expensive and trying to figure things out the hard way, since I am not following a well-known path.
Reverse engineering is really not for beginners. You need C, x86 asm, windows internals, system programming, know a dynamic debugging tool such as x64dbg, a static debugging tool like ghidra and hours of crackmes.
this is great for somebody who’s a programmer but never went this deep into it. i love it. its a great video for self teaching if you have a basic understanding of what’s going on
I try to give myself one day a week of gaming. It takes me forever to finish everything, but it is what it is. I will say this though, skyrim modding taught me a lot about how software works and is actually what got me into a lot of this.
Hello sir, this video is really great it gives a good idea about basics and how everything is going in reversing stuff this is very useful for people who are asking I want to learn reverse engineering, now this video made it clear in addition to the video was going in a simple and an interesting way at the end I want to thank you and him for that great effort best wishes ❤
awww, nice also can you make 'for dummies' introduction to this? give some analogy like morse code - code and decode the message then give a rough overview giving the starting point and the end result and then jump into the details lots of presenters jump right into nano details without linking them to the big picture
When i listen to this level of knowledge it reminds me of watching John Hammond reverse engineering videos. My brain literally brakes and pukes on itself, but once i listen to it again and i keep improving, i eventually get 0% of it. lol just kidding but also not kidding !! Please keep them coming. OTW is fun as well. Keep it fun @david. Good stuff !!
I always preferred AT&T syntax!! because it’s the way I learned and started assembly on 68k when I was seven yo. don’t get me wrong, I had to switch to Intel years after, but it was painful because 68k is kinda my “mother tongue” (and my blood is big endian lol) but things got better with ARM!
This was great! Loved the the first part dealng with Linux heap. But honestly the way Microsoft has been down right bellecose by foisting software without even asking. The're blatant disregard for security and being underhanded about bug bounties. And If Windows goes to the cloud, forget about it. Linux, Linux.
I want to move 5 apples into the basket... "move #5, basket" makes perfect logical sense. "move basket, #5" is, frankly, silly. "Ah but, with enough practice you can get used to anything" - true, but that's no excuse. It's the same with justifying "=" and "==" because context awareness doesn't exist.
This was amazing, but scary to think this was "very basic stuff". Can Stephen give a tutorial on how to go about reverse engineering and manipulating a saved game file?
Purchasing a stock may seem straightforward, but selecting the correct stock without a proven strategy can be exceedingly challenging. I've been working on expanding my $210K portfolio for a while, and my primary obstacle is the lack of clear entry and exit strategies. Any advice on this matter would be greatly appreciated.
1. Patching a DLL: How can I patch a DLL used by a Windows program so that when a function in the DLL is called, it logs a message to a file saying "I am called" and also logs the data in variables or the stack? 2. IDC Scripting: Can you help me write an IDC script for IDA Pro, or a similar script in Ghidra, that logs the functions being called, their addresses, the stack variables, and which part of the data file is being used when I run the program between two breakpoints? 3. How can I find out how a program reads an encrypted or obfuscated file and converts its content? Also, what are `bcrypt.dll` and `bcryptprimitives.dll` used for and how to use them?
Thank you for your continued sharing of valuable knowledge. Much appreciation for all you are doing. As I continue learning my ? is where would I look to see if an opensource distro is dialing out to someone after I install it.
6:01 Because if able to hex edit, imagine all the time you could save getting beyond the ninth level in super metroid using a custom exploit... 27:12 Yeah but this why y2k38 is so scary.
30:01: It's emtpy because $rip's value needs to be incremented by 0x7; i.e.: value of rip is referenced after lea is prefetched (or whatever its called). (gdb) x/s $rip+0xec0+7 0x555555556004: "Hi Mars" (gdb)
Purchasing a stock may seem straightforward, but selecting the correct stock without a proven strategy can be exceedingly challenging. I've been working on expanding my $210K portfolio for a while, and my primary obstacle is the lack of clear entry and exit strategies. Any advice on this matter would be greatly appreciated.
Big thank you to Brilliant for sponsoring this video! To try Brilliant for free (for 30 days) and to get a 20% discount, visit: Brilliant.org/davidbombal
// UA-cam video REFERENCE //
Free Exploit development training (beginner and advanced) ua-cam.com/video/LWmy3t84AIo/v-deo.html
Buffer Overflow Hacking Tutorial (Bypass Passwords): ua-cam.com/video/c2BvS2VqDWg/v-deo.html
// Stephen's Social //
X: x.com/Steph3nSims
UA-cam: www.youtube.com/@OffByOneSecurity
// Stephen RECOMMENDS //
Disassemblers:
Binary Ninja: binary.ninja/
IDA Pro: hex-rays.com/products/%20ida/
Ghidra: ghidra-sre.org/
Free Learning Resources:
An Intro to C for Windows Dev: www.sans.org/webcasts/intro-c-windows-devs/
Books
Gray Hat Hacking Series by various authors:
US amzn.to/3B1FeIK
UK amzn.to/3A920AL
The IDA Pro Book, 2nd Edition: The Unofficial Guide to the World's Most Popular Disassembler Second Edition by Chris Eagle
US amzn.to/3Yv3srw
UK amzn.to/3Wtz8e6
// David's SOCIAL //
Discord: discord.com/invite/usKSyzb
X: www.x.com/davidbombal
Instagram: instagram.com/davidbombal
LinkedIn: www.linkedin.com/in/davidbombal
Facebook: facebook.com/davidbombal.co
TikTok: tiktok.com/@davidbombal
UA-cam: www.youtube.com/@davidbombal
// MY STUFF //
www.amazon.com/shop/davidbombal
// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com
// MENU //
00:00 - Intro
01:06 - Brilliant sponsored segment
02:36 - Stephen Sims // Off By One Security UA-cam channel
04:02 - Hello World
06:11 - Learning the C programming language
09:34 - Introduction to reverse engineering
13:57 - Functions explained
16:43 - Stripped explained
18:03 - Disassemble explained // Differences between flavors
25:11 - History behind the two flavors
25:58 - Disassemble explained continued
26:22 - Return oriented programming explained
27:14 - Reverse engineering demo
01:07:46 - IDA Pro Demo
01:16:42 - Conclusion
Disclaimer: This video is for educational purposes only.
Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!
#android #ios #hacker
A good reference for folks who like to learn from a book is Practical Binary Analysis (no starch press) - it does require familiarity with C and assembly.
I remember doing assembler language for the intel 80386 30 years ago. We had a colourful IDE all the registers were neatly displayed. It was much easier to follow then purely a text based solution.
I remember stepping through my code and connecting directly to the hardware. Ridiculously fast executions.
This is probably one of my favorite videos I’ve seen this year. It does go deeper than others, but if you’re interested in this, if you’re interested in malware analysis and reverse engineering, this is a powerful primer
I'm going to watch this one twice. This guy is a great teacher.
Amazing how smart and how passionate he is, I have no idea what he was talking about half the time but I tried to lol. Great content as always David
We can all learn so much from Stephen! Look at the free C course he mentioned (linked in the video description).
@@davidbombalThank you! I love your channel and videos, it’s honestly what inspires me to continue down the path of cyber security.
I was also wondering about MOK management, Platform Keys, KeK Keys, etc (for UEFI bios) and TPM(secure boot) and what vulnerabilities this could prevent or even not prevent.
Smart guests, smart host, smart community makes davidbambal the legendary youtuber for not only who starting out but for intermediate and pros as well.
Way over my head, but I enjoyed it anyway. Thanks David!
yeah i'm so lost lmao, glad i'm not the only one
It's only over your head if you are short minded......😅
Everyone's "Hello World" is the gateway drug to programming.
😂
„gateway drug to programming“. Where have I heard that? ;)
(For anyone wondering I think the comment is mentioning fireship.)
@@atlantic_love it's a drug, therefore abused, not over-used
It was originally (if your old 😆)
10 print "hello world"
20 goto 10
@@davidbombal Bro can you make a video on how to extract vuln websites plz bombal sir ❤
It's great quick overview of the underlying basic principles of Reverse Engineering. Thank you for this amazing content, that too for Free!. It really helps.
Love to see some real deep tech videos from your channel David!
Pro tip: videos with sample code in them di much better because many can follow along and take oridw in ACTUALLY creating something to show off. Great video
There's a lot of "easy stuff" I haven't learned, so I don't mind if you cover the "easy" stuff because I still might learn something new! Steven is great, I watched every thing on his channel and learned a lot!
Was just looking into this topic. The timing couldn’t be better. Thanks! 🎉
Thanks to all of you for this video I got better explanations. I want to learn advance things but most of the courses are expensive and trying to figure things out the hard way, since I am not following a well-known path.
Reverse engineering is really not for beginners. You need C, x86 asm, windows internals, system programming, know a dynamic debugging tool such as x64dbg, a static debugging tool like ghidra and hours of crackmes.
yep it's hard but with song called omfg hello 😂 it fun am all in
this is great for somebody who’s a programmer but never went this deep into it. i love it. its a great video for self teaching if you have a basic understanding of what’s going on
Have you tried reverse engineering?
I know python its possible 😢
Great video and tutorial as RE is so critical. Thank you both!
You're welcome! I hope you enjoy the video!
Oh my god! Welcome back!!
I remember you i thought your last interview was SO COOL with David!
I can't wait to watch this episode.
This was fun, i cant fathom how good stephen courses are he is great at what he does
I try to give myself one day a week of gaming. It takes me forever to finish everything, but it is what it is. I will say this though, skyrim modding taught me a lot about how software works and is actually what got me into a lot of this.
Oh my goodness! the amount of excitement I got when I saw the video
So happy to hear that! 😀
Thank you for putting out great content David. Thank you as well Stephen!
Thank you. I hope you learn something new 😀
I was already subbed since last episode! And i read your book YEARS ago ^^
Huge fan Stephen!
Hello sir, this video is really great it gives a good idea about basics and how everything is going in reversing stuff this is very useful for people who are asking I want to learn reverse engineering, now this video made it clear in addition to the video was going in a simple and an interesting way
at the end I want to thank you and him for that great effort
best wishes ❤
@31:19, if x/s $rip+0xec4 doesn’t work, it’s because you also need to add the 7 bytes taken by the instruction, 0x…5ffd + 7 = 0x…6004
Absolutely love him. His channel is excellent too!
awww, nice
also can you make 'for dummies' introduction to this?
give some analogy like morse code - code and decode the message
then give a rough overview giving the starting point and the end result
and then jump into the details
lots of presenters jump right into nano details without linking them to the big picture
Keep sharing such amazing tutorials!!
David talks!!!
Cyber Rocks!!!😎😎😎
Thank you
Let's go over to heap internals in the next video - David please :)
When i listen to this level of knowledge it reminds me of watching John Hammond reverse engineering videos. My brain literally brakes and pukes on itself, but once i listen to it again and i keep improving, i eventually get 0% of it. lol
just kidding but also not kidding !!
Please keep them coming.
OTW is fun as well. Keep it fun @david. Good stuff !!
I always preferred AT&T syntax!! because it’s the way I learned and started assembly on 68k when I was seven yo.
don’t get me wrong, I had to switch to Intel years after, but it was painful because 68k is kinda my “mother tongue” (and my blood is big endian lol)
but things got better with ARM!
I think I’m in over my head on this one 😂
David my life ambition is to visit you atleast once
Thank you David for this video. I like it
You are very welcome. Glad to hear that!
how lucky i was to get to know this channel
This was great! Loved the the first part dealng with Linux heap. But honestly the way Microsoft has been down right bellecose by foisting software without even asking. The're blatant disregard for security and being underhanded about bug bounties. And If Windows goes to the cloud, forget about it. Linux, Linux.
I want to move 5 apples into the basket...
"move #5, basket" makes perfect logical sense.
"move basket, #5" is, frankly, silly.
"Ah but, with enough practice you can get used to anything" - true, but that's no excuse. It's the same with justifying "=" and "==" because context awareness doesn't exist.
Thank you so much David for this amazing video. I have a question what are the books for this field that are recommended for reading ?
this is exactly what I wanted
yeah, this is the content i want. Thanks
Keep the Good work david😊😊😊
Thank you!
Awesome show lads 🎉
This was amazing, but scary to think this was "very basic stuff". Can Stephen give a tutorial on how to go about reverse engineering and manipulating a saved game file?
Purchasing a stock may seem straightforward, but selecting the correct stock without a proven strategy can be exceedingly challenging. I've been working on expanding my $210K portfolio for a while, and my primary obstacle is the lack of clear entry and exit strategies. Any advice on this matter would be greatly appreciated.
Awesome Thank you for Sharing 💯✴
Hello David Bombal... ❤❤
Hello!
1. Patching a DLL: How can I patch a DLL used by a Windows program so that when a function in the DLL is called, it logs a message to a file saying "I am called" and also logs the data in variables or the stack?
2. IDC Scripting: Can you help me write an IDC script for IDA Pro, or a similar script in Ghidra, that logs the functions being called, their addresses, the stack variables, and which part of the data file is being used when I run the program between two breakpoints?
3. How can I find out how a program reads an encrypted or obfuscated file and converts its content? Also, what are `bcrypt.dll` and `bcryptprimitives.dll` used for and how to use them?
"Stephen Sims!"
the best!!!!
Thank you for your continued sharing of valuable knowledge. Much appreciation for all you are doing. As I continue learning my ? is where would I look to see if an opensource distro is dialing out to someone after I install it.
Reverse engineering is my fav
Thanks
Amazing !!!
This is some good stuff
Love this!
Brilliant!
6:01 Because if able to hex edit, imagine all the time you could save getting beyond the ninth level in super metroid using a custom exploit...
27:12 Yeah but this why y2k38 is so scary.
I'm trying to understand, if program doesn't compile with -g flag it cannot reversed?
is it still worth it to student C? or should I go python. as beginner
i followed your steps but i got a different results when i used gdb i got printif instead of puts@plt , i use gcc (Debian 13.2.0-24) 13.2.0
Can you do a video on how to run Kali Linux on Apple silicon?
I made this video in the past, but I'll make a new video: ua-cam.com/video/fcrSmbUIHuo/v-deo.html
@@davidbombal thank you! I wanted to run Kali in docker on my M1 Max but couldn’t seem to get the GUI to work. 🤨
Is this compatible with monitor mode: AWPCIE-1900U do u know?
Hi David,i am looking for an laptop can you tell is galaxy book 2 pro i5 1240p laptop is good for this field?
NICE! 😃👍
Excellent fundamentals! Thank you
Wow.
Cool
Hello
Hello!
27:15
David we need Reverse Engineering with Python
I'll ask Stephen 😀
6th David reply to me plzzzzzzzzzz idk just give me quote of the day 🤣
I appreciate your support! Make the most of your life 😀
@@davidbombal alright 😎
Am i the only one who get lost in the middle of the video???
Pizzaa
This video is too complicated. I'd say it is for advanced in cybersecurity and programming.
Type shii
🔥🔥❤
Dear sir
How to h**k cctv using wifi router
🤍
30:01: It's emtpy because $rip's value needs to be incremented by 0x7; i.e.: value of rip is referenced after lea is prefetched (or whatever its called).
(gdb) x/s $rip+0xec0+7
0x555555556004: "Hi Mars"
(gdb)
Purchasing a stock may seem straightforward, but selecting the correct stock without a proven strategy can be exceedingly challenging. I've been working on expanding my $210K portfolio for a while, and my primary obstacle is the lack of clear entry and exit strategies. Any advice on this matter would be greatly appreciated.