Thank you :) Glad you liked the video.

Espero que te sean de ayuda los vídeos :)

You are welcome, thank you :)

I think 23:40 answers your question.

You are more than welcome. I'm happy you like my videos and they help in any way :)

Hi there. Yes, that's totally correct. Overwriting old rbp with random padding bytes implies the old stack frame (the one about to be restored with mov rsp, rbp; pop rbp) becoming invalid. Depending on what you are trying to achieve, you may or may not have to care about the state of the stack. In this case, it is irrelevant.

I'm not sure what binaries are you talking about, but you can place arbitrary instructions with the asm() function.

like? ​@@RazviOverflow

​@@RazviOverflowwhere i put it

@@r3plican docs.pwntools.com/en/stable/asm.html

If the library is loaded and you got its dynamic base address you should be able to see it.

@@RazviOverflow Thanks for the reply Razvi! The issue with the offset bits in a virtual address is that they are only 12 bits long. But you can have a starting virtual address of 0x7FABCDEF0000A000 in the text segment and a virtual address within the segment at 0x7FABCDEF0000B000. So the real offset here is not “000” but 0x1000, which is more than 12 bits.

@@rgb123-jm5mc I think I'm not fully understanding your problem. In order to get the offset, you shouldn't care about how many bits are used for this specific addressing. If you know the base address and the dynamic address, simply subtract them. Now, where does it say the offset has to be 12 bits? Could you link some docs?

@@RazviOverflow Hey Razvi, I think I might have mistaken the segment offset with page offset (lower 12 bits in virtual address). Since KZbin filters link, I found it in the first entry from the Google search “Cornell virtual address 12 bit offset”. Even though it uses 32-bit architecture, 12 bit virtual address offset is still used in 64-bit systems

@@RazviOverflow I think YT has deleted my comment for some reason, but I searched up Cornell Linux Virtual Address Offset and clicked on the first entry. Even though the webpage talks about 32-bit architecture, the offset is still 12 bits in 64-bit architecture.

Any ret instruction would have the same effect.

Thank you :)

Hi there. Yes, sure. At the end of the description of the video you'll finde one :)

@@RazviOverflow thank u sir

You're welcome :)

@@RazviOverflow I am a user from China. It is difficult to find such excellent learning materials in China. My English is very poor. I can only use KZbin's automatic subtitle recognition to understand the meaning. However, KZbin's automatic recognition sometimes doesn't work well. I couldn't understand some parts of the video. It would be great if the video had Chinese and English subtitles. Finally, thank you so much for making such a great video.我是来自中国的用户。 在国内很难找到这么优秀的学习资料。 我的英文很差。 我只能用KZbin的自动字幕识别来理解意思。 然而，KZbin 的自动识别有时效果不佳。 我无法理解视频中的某些部分。 如果视频有中文和英文字幕就太好了。 最后，非常感谢您制作了如此精彩的视频。

I'm happy my videos are helping you. Unfortunately, I cannot help with Chinese @@小沙鳄Crocodile

when will you make more videos ? @@RazviOverflow

@@dzgamer4832As soon as I have the time and something interesting to show :)