Pretty sure my coworkers wrote those function names.

This video is an exact representation of a programmer's life. Comitting mistakes, realizing where was the mistake 2 days later...

And this, children, is why you always write unit tests.

I used a simpler approach (in my opinion); I patched the function that prints the cells and inverted the behavior. I modified the "if" conditions so that all cells were revealed by default instead of hidden. Your solution is more elegant though!

I think it'd pretty funny how flare-on's website has no working https

He uses 7-Zip instead of WinRAR. Best KZbinr ever.

Oof, I hate when I make a silly mistake and end up with a convoluted work around. At least you learned more about the challenge

I don't know why but I decided to do this in python. I had gotten the result similar to how you did, but no matter the combinations (where I started the count for rows and columns), I couldn't get it to work. I imported ctypes, attempted to run my found cells into a generate key function I converted from C# to python, and even fruitlessly trying to rewrite all of the logic of the game into python. Turns out, I am better at programming than I am counting. I saw your video, saw that I got the same coordinates as you, and tried again, this time counting carefully. CTFs are really hard man.

Awesome job man, keep these videos coming.

"I'm so dumb" hey man, dont be so hard on yourself. You're doing amazing :)

Lol, I burst out laughing at the end. Atleast you caught it in the end before a youtube comment could ruin your day. Thanks for the video liveoverflow. I loved this one!

Great vid as always!

The first challenge had obfuscated function names?! I would have been stuck on that. You rock!

Quality content as always and this one is hilarious!

Thumbs up for leaving the bug in there! Greatly underlines the constant try and error of hacking!

My god, im so glad that i found your channel.

You're not dumb. You're a human being. And the fact that you saw it at all means you're smart.

Like always another great video

ILSpy : The "IL" stands for "Intermediate Language", cf. "Intermediate Representation" (just love ur videos btw, hevin so much fun hackin on ur hax)

This. Is. High quality!

i don't even understand what you say , but i love to watch this videos xD

I used dnSpy which acts kind of like IDE so you can patch, run, etc dotnet. I looked up the data structure that contained the minefield matrix. Looked up the positions of the no-bomb cells. But counting the tiny row colmns was tough. Also not knowing if the colms are 0-based or 1-based index added to the trouble, so I patched the exe to not exit the game on bomb reveal. Then clicked open all the cells in the vicinity of the empty cells untill I found the right one. Then in another window I open the non-patched exe. Aligned the two fields to see where the empty-cells are. :P I was happy with my approach untill I saw yours. I loved that you could do it statically and still make it look so easy. Waiting for more videos

actually met some of the lead fire-eye people, and they are so cool and get to do amazing stuff in terms of RE

Jesus Christ you’re good as fuck, and these vids are so needed. Why no patreon or BTC donations? Whatever I can do to make sure you keep this up.

3:38 The InitializeComponent initializes those ughh..... components! Hahahahaha

Man i strive to be as smart as you one day. Keep up the amazing videos!

Holy fuck, that went from 0 to 100000 real quick, i can't even imagine what the third challenge will be like.

I've had a harder time reading c++ and binary. I usually write C#. Thank you for this video!

What kind of reason that may make some one press dislike for such great video ?

very good ! For me as a beginner this was really helpfull and I understood all of it , thanks!

In the allocate memory class, you could create a string containing the flags and then just Messagebox.Show all the flags :) I did it like this in dnspy, displays all the flags: private void AllocateMemory(MineField mf) { // Initialize our string containing the flags information string flags = ""; for (uint num = 0u; num < MainForm.VALLOC_NODE_LIMIT; num += 1u) { for (uint num2 = 0u; num2 < MainForm.VALLOC_NODE_LIMIT; num2 += 1u) { bool flag = true; uint r = num + 1u; uint c = num2 + 1u; if (this.VALLOC_TYPES.Contains(this.DeriveVallocType(r, c))) { flag = false; // Save the flag x,y coordinate in the string flags += string.Format("({0}, {1}) ", c, r); } mf.GarbageCollect[(int)num2, (int)num] = flag; } } // Display our flags string MessageBox.Show(flags); }

That ending is one reason why I prefer langs where things are immutable by default :^)

When you showed the brute force code, I immediately said to myself, "but wait, where is the copy from constants back to array2?... uh, if you say so?" D'OH! :D

Nice solution for the second challenge, I just inverted the condition that decides what image is displayed on the field so i could see all bombs.

These are boss, slow learner these help so much.

I dont like Fridays cause its gonna be weekend, i like them cause i get high quality content to watch!

Great video, thanks !

holy shit, 1st time I understand and saw your mistake init array outside the loop. That a big step, lol

Very good video!

I didn't figure the RNG thing. Thanks for the video. I solved it the same way haha :) I just inserted the row and col I found from debugging to the input. (Click randomly and change the index calculation). I also tried to find the real safe slots but was too lazy :)

Love listening to stuff I know absolutely nothing about xD

degga du bist so toll

the 1st channel to which i pressed bell icon

Great videos, I really enjoyed flare-on challenges and am happy to see you covering them. I do think, however, that you should revisit this problem with one of the simpler approaches for people still learning. anything that can edit a .net binary could be used to easily solve this problem. I actually ended up using Cheat engine for this as i was familiar with the tool. that said i loved seeing a more static approach to this problem, though i cant say i would want to do it myself.

I love doing windows reversing, I wish I knew this was happening!

Actually the video end up being quite exciting even for a standard user

12:07 is priceless!

Wish I could do anything of that, but I'm just an electrician knowing the basics

hahahahaha that ending man, all too familiar

You know this man has been in the game for a while if he uses ILspy

Mind blowing..!!

The "Ohhhhhhhh" was extensively cute.

CTF 1: Open the disclosed program and copy some text CTF 2: literally run your brain around this significantly larger program for 10 hours just to realize that had you not of made one small mistake early on, you would of been done hours ago.

I can RE better than anyone you know. I RE so well you cant ever get to me... Its the worst but kinda the best. comforting in a way.

If you think you are dumb what's left for the rest of us?! lol. Thanks for sharing!

awesome content!

Great channel.. keep up

Brain.exe has stopped working

windows "NOT MY WORLD" same here. thats i reverse elf binaries and use rader2 for reversing mostly everything :)

Huh, nice bruteforce approach, I hadn't even thought about that :D Just found all this stuff about cells with no bombs (done that using calculator... I'm too dumb to copypaste the code, yep xD) Looking forward to see you working on next challenges, I'm so excited :)

Always debug the first few loop cycles ..and watch the state of variables

12:10 Man, if you are dumb, then I am bubbling mad comparing to you. Awesome vids!

Hi! For .NET i recommend DnSpy, it's Open Source of Github.

4:04 "...also, the other pictures do not have a flag" *shows a picture of a flag* ;)

Vert nice drawing of the Eevee evolution ^.^

interesting for sure, cool video

Smashed the like

Hi, I'd like to Start With ctfs But cant find a easy one to Start With. Do you have an idea? Thank you!

what an alien!!!

You need a rubber duck!

You'd also run into a bug in the brute force if the sorted array contained multiples of the same number. You assume the next number is greater, but it can be greater or equal than.

1:48 finally something i understand! 2:50 finally some c#/ .net $#!t that i know. this is going to be my episode! :D then this happens: 7:07 like wuuuuuut? XD im still 2 fuckin' young i guess lol.. :D

WOW I wish I could do that thatlooks like so much fun

the second one would have been easier with dnspy. you can edit the code with it

Now I believe that even pros can make trivial mistakes.

My dll file coded in c++, what can i do to get all c++ code ?

I’m feeling a bit like a dumb dumb since I really only know BASICS of C++, have only gone more in depth into front end languages. What language were you coding in for your own Bruteforce/your application to print out the results?

I took VALLOC_NODE_LIMIT to mean the maximal amount of nodes allocated in the vertical.

Why use ilspy instead of the better dnspy?

How about the rest of the flag...are you gonna do a walkthrough video for that?

I find CSharp really similar to java with a hint of c++.

hey bro... i tried one of wesite you suggest to open before, its "w3challs.com" i have a problem on registering and login to that website... after i registered it said "registered succesfull", but there's no notification in my email, and also i tried to login to that website but always says "login/pass Error"... and after that, i tried to click "forget password feature, and i input my email address which i used to register, but the website said "your email has not been registered"... i really confused with this problem, i thought maybe i'ts some kind a test, i tried to connect to the irc channel using xchat and hexchat.. but the connection always denied. could you help me with this kind of problem i have? thanks .

"Many of the challenges are based on Windows, which is not really my world" but LiveOverflow.. in your Google CTF 2019 qualifier video, you used Windows to run minetest! perhaps... having some problems, with hardware-accelerated 3d rendering, on your unspecified non-Windows platform? ;)

I've searched for malware source code in deeper web and found some. How to know if those code are a malware?

Dn Spy, or .net reflector would have been a much easier tool to use. You did not even have to brute force the key, that's the over complicated way to do it. Nice for content though, good stuff.

That just shows me how far im away of being an good dev. Just the slightest obfuscation shreddes me

is it possible to decompile c++ native code?

Hi at 5:25 you messed up the drawing of the rows and columns last row has 21/22/21/22/23 it should be 20/21/22/23/24

"only 4 billion options" *it took me one f-ing year to fix a typo*

I always define variables const if they are not suppose to change. So I have never encountered this kind of things after I switch to python XD.

watched this a couple times, just realized that the cell number grid example he drew i missing 20 5:20

"Give me a second..." any time i ear this message... my brain in automatic mode has the right response... NO RESPONSE AT ALL.

how come it is possible to de-compile the jar executable into java code, I thought it was only possible to find the binary assembly code using something like gdb. Sorry I am a noob, pls don't roast me

need more flareon ctf :3

did you ever finish Flare-on?

where i can learn stuff like this

you use a wacom tablet? Cool every thing else not really XD just kidding keep doing what your doing man

could you not have just compared the last four bytes of the encrypted key and undid the xor, as you already know what the key ends with edit: wait never mind, it's not the same byte xored against all of it

Lmao I love that ending

That video is missing 20 seconds