Crafting Shellcode | PicoCTF [36] Shells

14,773 views

John Hammond

Comments: 13
@LanPodder 6 years ago
As a computer science student, I really enjoy your content.
@mucktheman2720 6 years ago
I highly recommend using ipython shell instead of python shell as it makes it easier to explore all the cool things that different python objects can do. Tab complete is one of the best features when working with new modules and ipython gives you that ability. :D
@zanidd 6 years ago
And yet I'm sitting here, manually writing/translating the addresses, while pwn tools reduces the amount of work involved. Cool video.
@SlyFluffyFox 3 years ago
Nice video man
@X3eRo0 6 years ago
It was amazing
@IdanBanani 4 years ago
5:52 How does pushing the function (symbol) address and returning (from main()?) result in calling the function? Can we also use Call / other method? I just know that the returned value should be stored at EAX.
@JackDjTom6 6 years ago
Please continue the Python challenge ^^
@oneloveafrica8860 1 year ago
How? Without knowing the return address? Where do you execute the code?
@austinmurphy9074 6 months ago
The vuln() function (shown in the source code at 1:48) has the lines

    void (*func)() = (void (*)())stuff;
    func();

Anything you pass to the program will be interpreted, cast to a function and executed.
@TheNecromorfe 6 years ago
Is it possible to resolve with r2libc?
@_JohnHammond 6 years ago
A return2libc attack? I'm not any expert here but I am sure you could do that, if you could get your shellcode to return back to libc or did some ROP thing. There are probably some options for going with that approach, but admittedly I don't have any solid ideas off the top of my head.
@ponysopher 6 years ago
I tried to do this on my own and wrote shellcode for a direct call to the win function at its address rather than pushing the address. That resulted in a segfault. Does anyone know why?
@mucktheman2720 6 years ago
There's a problem with a lot of print methods (like Python's print and the echo shell command) that append a newline character to the string. I'd recommend using printf instead if at all possible, as it doesn't pollute your output with newlines or other crap. Examples below, and notice the extra crap you get with python and echo.

    printf 'h@\x85\x04\x08\xc3' |hexdump -b
    0000000 150 100 205 004 010 303
    0000006

    echo -e 'h@\x85\x04\x08\xc3' |hexdump -b
    0000000 150 100 205 004 010 303 012
    0000007

    python -c 'print "h@\x85\x04\x08\xc3"' |hexdump -b
    0000000 150 100 205 004 010 303 012
    0000007
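Added example (not from the video or from any commenter): a Python 3 sketch that decodes the six payload bytes quoted in the comment above as push imm32 / ret, reports any bytes that follow the ret (such as the newline echo appends), and shows that an E8 relative call encoding changes with the address the bytes are loaded at, unlike the absolute push. The helper names and the load addresses 0x1000 and 0x2000 are constructed for illustration.

```python
import struct

# Payload bytes copied from the printf example in the comment above.
PAYLOAD = b"h@\x85\x04\x08\xc3"

PUSH_IMM32 = 0x68  # x86 opcode: push imm32
RET = 0xC3         # x86 opcode: near ret
CALL_REL32 = 0xE8  # x86 opcode: call rel32


def decode_push_ret(data: bytes) -> dict:
    """Decode a 'push imm32; ret' stub and report bytes found after the ret."""
    if len(data) < 6 or data[0] != PUSH_IMM32 or data[5] != RET:
        raise ValueError("not a push imm32; ret sequence")
    (target,) = struct.unpack("<I", data[1:5])  # immediate is little-endian
    return {"target": target, "trailing": data[6:]}


def emitted_by(tool: str, data: bytes) -> bytes:
    """Model what each command in the comment writes to the pipe."""
    # printf writes the bytes as given; echo -e and Python 2 print add "\n".
    return data if tool == "printf" else data + b"\n"


def call_rel32(load_addr: int, target: int) -> bytes:
    """Encode 'call target' for an instruction placed at load_addr."""
    # The displacement is measured from the next instruction (load_addr + 5),
    # so the same target needs different bytes at different load addresses.
    rel = (target - (load_addr + 5)) & 0xFFFFFFFF
    return bytes([CALL_REL32]) + struct.pack("<I", rel)


if __name__ == "__main__":
    for tool in ("printf", "echo -e", "python2 print"):
        info = decode_push_ret(emitted_by(tool, PAYLOAD))
        print(f"{tool:14} push {info['target']:#010x}; ret"
              f"  trailing={info['trailing']!r}")
    for load_addr in (0x1000, 0x2000):  # constructed load addresses
        enc = call_rel32(load_addr, 0x08048540)
        print(f"call from {load_addr:#x}: {enc.hex(' ')}")
```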