Pretty sure my coworkers wrote those function names.

This video is an exact representation of a programmer's life. Comitting mistakes, realizing where was the mistake 2 days later...

And this, children, is why you always write unit tests.

He uses 7-Zip instead of WinRAR. Best KZbinr ever.

I think it'd pretty funny how flare-on's website has no working https

I used a simpler approach (in my opinion); I patched the function that prints the cells and inverted the behavior. I modified the "if" conditions so that all cells were revealed by default instead of hidden. Your solution is more elegant though!

Awesome job man, keep these videos coming.

This is amazing! Great content!

Great vid as always!

Quality content as always and this one is hilarious!

Like always another great video

Lol, I burst out laughing at the end. Atleast you caught it in the end before a youtube comment could ruin your day. Thanks for the video liveoverflow. I loved this one!

My god, im so glad that i found your channel.

Thumbs up for leaving the bug in there! Greatly underlines the constant try and error of hacking!

I don't know why but I decided to do this in python. I had gotten the result similar to how you did, but no matter the combinations (where I started the count for rows and columns), I couldn't get it to work. I imported ctypes, attempted to run my found cells into a generate key function I converted from C# to python, and even fruitlessly trying to rewrite all of the logic of the game into python. Turns out, I am better at programming than I am counting. I saw your video, saw that I got the same coordinates as you, and tried again, this time counting carefully. CTFs are really hard man.

very good ! For me as a beginner this was really helpfull and I understood all of it , thanks!

Oof, I hate when I make a silly mistake and end up with a convoluted work around. At least you learned more about the challenge

Great video, thanks !

Man i strive to be as smart as you one day. Keep up the amazing videos!

"I'm so dumb" hey man, dont be so hard on yourself. You're doing amazing :)

This. Is. High quality!

I've had a harder time reading c++ and binary. I usually write C#. Thank you for this video!

You're not dumb. You're a human being. And the fact that you saw it at all means you're smart.

actually met some of the lead fire-eye people, and they are so cool and get to do amazing stuff in terms of RE

I used dnSpy which acts kind of like IDE so you can patch, run, etc dotnet. I looked up the data structure that contained the minefield matrix. Looked up the positions of the no-bomb cells. But counting the tiny row colmns was tough. Also not knowing if the colms are 0-based or 1-based index added to the trouble, so I patched the exe to not exit the game on bomb reveal. Then clicked open all the cells in the vicinity of the empty cells untill I found the right one. Then in another window I open the non-patched exe. Aligned the two fields to see where the empty-cells are. :P I was happy with my approach untill I saw yours. I loved that you could do it statically and still make it look so easy. Waiting for more videos

The first challenge had obfuscated function names?! I would have been stuck on that. You rock!

Holy fuck, that went from 0 to 100000 real quick, i can't even imagine what the third challenge will be like.

i don't even understand what you say , but i love to watch this videos xD

awesome content!

These are boss, slow learner these help so much.

Nice solution for the second challenge, I just inverted the condition that decides what image is displayed on the field so i could see all bombs.

I love doing windows reversing, I wish I knew this was happening!

Mind blowing..!!

ILSpy : The "IL" stands for "Intermediate Language", cf. "Intermediate Representation" (just love ur videos btw, hevin so much fun hackin on ur hax)

Love listening to stuff I know absolutely nothing about xD

I didn't figure the RNG thing. Thanks for the video. I solved it the same way haha :) I just inserted the row and col I found from debugging to the input. (Click randomly and change the index calculation). I also tried to find the real safe slots but was too lazy :)

Great channel.. keep up

3:38 The InitializeComponent initializes those ughh..... components! Hahahahaha

interesting for sure, cool video

hahahahaha that ending man, all too familiar

Smashed the like

holy shit, 1st time I understand and saw your mistake init array outside the loop. That a big step, lol

What kind of reason that may make some one press dislike for such great video ?

Jesus Christ you’re good as fuck, and these vids are so needed. Why no patreon or BTC donations? Whatever I can do to make sure you keep this up.

WOW I wish I could do that thatlooks like so much fun

I dont like Fridays cause its gonna be weekend, i like them cause i get high quality content to watch!

the 1st channel to which i pressed bell icon

degga du bist so toll

That ending is one reason why I prefer langs where things are immutable by default :^)

Huh, nice bruteforce approach, I hadn't even thought about that :D Just found all this stuff about cells with no bombs (done that using calculator... I'm too dumb to copypaste the code, yep xD) Looking forward to see you working on next challenges, I'm so excited :)

Great videos, I really enjoyed flare-on challenges and am happy to see you covering them. I do think, however, that you should revisit this problem with one of the simpler approaches for people still learning. anything that can edit a .net binary could be used to easily solve this problem. I actually ended up using Cheat engine for this as i was familiar with the tool. that said i loved seeing a more static approach to this problem, though i cant say i would want to do it myself.

When you showed the brute force code, I immediately said to myself, "but wait, where is the copy from constants back to array2?... uh, if you say so?" D'OH! :D

In the allocate memory class, you could create a string containing the flags and then just Messagebox.Show all the flags :) I did it like this in dnspy, displays all the flags: private void AllocateMemory(MineField mf) { // Initialize our string containing the flags information string flags = ""; for (uint num = 0u; num < MainForm.VALLOC_NODE_LIMIT; num += 1u) { for (uint num2 = 0u; num2 < MainForm.VALLOC_NODE_LIMIT; num2 += 1u) { bool flag = true; uint r = num + 1u; uint c = num2 + 1u; if (this.VALLOC_TYPES.Contains(this.DeriveVallocType(r, c))) { flag = false; // Save the flag x,y coordinate in the string flags += string.Format("({0}, {1}) ", c, r); } mf.GarbageCollect[(int)num2, (int)num] = flag; } } // Display our flags string MessageBox.Show(flags); }

The "Ohhhhhhhh" was extensively cute.

Wish I could do anything of that, but I'm just an electrician knowing the basics

If you think you are dumb what's left for the rest of us?! lol. Thanks for sharing!

After watching the vid, all i could say is: "Damn! Never understood a single thing."😂😂

You know this man has been in the game for a while if he uses ILspy

what an alien!!!

12:10 Man, if you are dumb, then I am bubbling mad comparing to you. Awesome vids!

windows "NOT MY WORLD" same here. thats i reverse elf binaries and use rader2 for reversing mostly everything :)

Hi, I'd like to Start With ctfs But cant find a easy one to Start With. Do you have an idea? Thank you!

12:07 is priceless!

need more flareon ctf :3

Hi! For .NET i recommend DnSpy, it's Open Source of Github.

Lmao I love that ending

My dll file coded in c++, what can i do to get all c++ code ?

Always debug the first few loop cycles ..and watch the state of variables

Now I believe that even pros can make trivial mistakes.

Vert nice drawing of the Eevee evolution ^.^

1:48 finally something i understand! 2:50 finally some c#/ .net $#!t that i know. this is going to be my episode! :D then this happens: 7:07 like wuuuuuut? XD im still 2 fuckin' young i guess lol.. :D

I always define variables const if they are not suppose to change. So I have never encountered this kind of things after I switch to python XD.

"only 4 billion options" *it took me one f-ing year to fix a typo*

Why use ilspy instead of the better dnspy?

4:04 "...also, the other pictures do not have a flag" *shows a picture of a flag* ;)

is it possible to decompile c++ native code?

"Many of the challenges are based on Windows, which is not really my world" but LiveOverflow.. in your Google CTF 2019 qualifier video, you used Windows to run minetest! perhaps... having some problems, with hardware-accelerated 3d rendering, on your unspecified non-Windows platform? ;)

I took VALLOC_NODE_LIMIT to mean the maximal amount of nodes allocated in the vertical.

I find CSharp really similar to java with a hint of c++.

How about the rest of the flag...are you gonna do a walkthrough video for that?

You need a rubber duck!

I can RE better than anyone you know. I RE so well you cant ever get to me... Its the worst but kinda the best. comforting in a way.

the second one would have been easier with dnspy. you can edit the code with it

Brain.exe has stopped working

you use a wacom tablet? Cool every thing else not really XD just kidding keep doing what your doing man

I’m feeling a bit like a dumb dumb since I really only know BASICS of C++, have only gone more in depth into front end languages. What language were you coding in for your own Bruteforce/your application to print out the results?

hey bro... i tried one of wesite you suggest to open before, its "w3challs.com" i have a problem on registering and login to that website... after i registered it said "registered succesfull", but there's no notification in my email, and also i tried to login to that website but always says "login/pass Error"... and after that, i tried to click "forget password feature, and i input my email address which i used to register, but the website said "your email has not been registered"... i really confused with this problem, i thought maybe i'ts some kind a test, i tried to connect to the irc channel using xchat and hexchat.. but the connection always denied. could you help me with this kind of problem i have? thanks .

That just shows me how far im away of being an good dev. Just the slightest obfuscation shreddes me

CTF 1: Open the disclosed program and copy some text CTF 2: literally run your brain around this significantly larger program for 10 hours just to realize that had you not of made one small mistake early on, you would of been done hours ago.

"Give me a second..." any time i ear this message... my brain in automatic mode has the right response... NO RESPONSE AT ALL.

where i can learn stuff like this

watched this a couple times, just realized that the cell number grid example he drew i missing 20 5:20

749 likes so far, 0 dislikes, what an absolute record

You'd also run into a bug in the brute force if the sorted array contained multiples of the same number. You assume the next number is greater, but it can be greater or equal than.

1:04 what is that song?

I've searched for malware source code in deeper web and found some. How to know if those code are a malware?

Dn Spy, or .net reflector would have been a much easier tool to use. You did not even have to brute force the key, that's the over complicated way to do it. Nice for content though, good stuff.

WoW

Sometimes its just one line of code that screws the hole program.. nice video!

I literally did the same thing and made the same mistake :o