I really appreciate that u're explaining the "small" stuff too and not just running through it and expecting ppl to already know what certain commands do and so on, thank you for these videos
awww thank you 🙏🥰
Your videos are very good! I have only seen a few but you're very straightforward and to the point, yet not skipping the details.
thanks mate 💜
Nicely explained ❤
tyty 💜
great video bro! Btw would u upload video about the Cyber Apocalypse CTF 2022 on HTB?
Unfortunately not mate! Been over in England the past week visiting family and missed the comp 😑
AWESOME VIDEO. KEEP IT UP BROO👍🏻✊🏻✊🏻
thanks bro 🙏
@_CryptoCat I want to ask you about pop rsi and pop rdi. Why should we override pop rdi first? Can we override pop rsi first?
And what is the difference between pop rsi and pop rdi?
Thank you!
You could populate the RSI register before the RDI if you want. The important thing is that all the required registers are populated before a function is called.
As for the difference; it's just calling convention, i.e. when a function in a 64-bit program is called, it will look for the parameters in RDI, RSI, RDX, RCX, R8, R9 and will return its value in RAX.
If the function only takes one parameter, it should be popped into RDI before the function is called. If the function takes two params, the second should be popped into RSI, etc.
You can highlight functions in Ghidra to check what parameters they take and it will actually show the registers those params will be read from 😉
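To illustrate the point in the reply above, here is an added example (not from the video or the comment thread): a toy simulator of a chain of `pop <reg>; ret` gadgets. It shows that a chain loading RSI before RDI ends up with the same argument registers at the call as one loading RDI first, and what happens when a register is never set. The gadget table, its addresses and the target address are all made up for the demo.

```python
# Added example: simulate how the CPU walks a chain of "pop <reg>; ret"
# gadgets and which values the called function sees in its argument
# registers under the SysV x86-64 calling convention. All addresses are
# constructed for the demo; nothing here refers to a real binary.
from typing import Dict, List, Optional, Tuple

# Integer argument registers, in parameter order (first arg in RDI, ...).
ARG_REGS = ["rdi", "rsi", "rdx", "rcx", "r8", "r9"]

# Hypothetical gadget table: address -> instruction sequence.
GADGETS: Dict[int, List[str]] = {
    0x401001: ["pop rdi", "ret"],
    0x401003: ["pop rsi", "ret"],
    0x401005: ["pop rdx", "ret"],
}
TARGET_FUNC = 0x401200  # hypothetical address of the function being called


def run_chain(chain: List[int]) -> Tuple[Dict[str, int], int]:
    """Walk the chain of qwords as the CPU would after a 'ret' lands on it.
    Returns (register state when TARGET_FUNC is entered, qwords consumed).
    Raises ValueError if control lands on an address that is not a gadget."""
    regs: Dict[str, int] = {}
    sp = 0
    while sp < len(chain):
        rip = chain[sp]
        sp += 1  # the 'ret' that got us here consumed this qword
        if rip == TARGET_FUNC:
            return regs, sp
        if rip not in GADGETS:
            raise ValueError(f"crash: jumped to non-gadget {rip:#x}")
        for insn in GADGETS[rip]:
            if insn.startswith("pop "):
                regs[insn[4:]] = chain[sp]  # pop takes the next qword
                sp += 1
            elif insn == "ret":
                break  # next rip comes from the chain
    raise ValueError("chain ended without reaching the target function")


def args_at_call(chain: List[int], argc: int) -> List[Optional[int]]:
    """Arguments TARGET_FUNC would read, by register; None = never set."""
    regs, _ = run_chain(chain)
    return [regs.get(r) for r in ARG_REGS[:argc]]
```

Loading RSI first and then RDI gives the same argument list as the reverse order; a two-argument function called from a chain that only sets RDI gets whatever happened to be in RSI, shown here as None.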
YOU ARE A LEGEND
💜
awesome video
🙏🥰
amazing video bro👊👊 thanks for sharing
thanks mate 👊
Great video 🔥
cheers bud! 👊
Good job! Thank you for videos
🙏🥰
Great vid man thanks for sharing ❤️💯
🙏🥰
Thank you master
🧙♂️
Can whatsmyname be solved using the 'off by one' technique?
My teammate was thinking it could be solved by leaking the name, i.e. enter 48 chars to overwrite the null terminator, so both variables will be printed but he didn't get it working.
I remembered a similar challenge from last year and thought brute-forcing for random null byte was intended, interested to see some other solutions though 😊
@_CryptoCat yeah we tried that. Leaked the value but sending it doesn't work, don't know why!
Push!
you honestly deserve more views lmao
awww tyty 💜
pls make series on smart contract bug hunting.
tbh it's not something i'm particularly familiar with. LiveOverflow has done some videos on it though 😉
thanks man
thank you! 😉
💫
💜