i look forward to these videos every day and I'm not even signed-up for the CTF. hearing how you think through these challenges is priceless.

Cool challenge and a great video. Keep them coming sir.

That was a pretty cool one. Never though of printf as being an exploit to walk through the stack like that, being able to see and -even better- write to env variables…. seems like it could be useful in a future challenge.

Cool, didnt know a simple printf can be weaponize

My favorite Vulnerability

thank you as always for you incredible video.

thank you for making this ♥️♥️

I laughed hard when I saw that "vuln" vomited garbage data and other variables. I know it could be dangerous in production environment, but that was fun! :'D

That was cool! This world needs more hackers like you John:)

Let’s roll !!

Format strings vulns is my favourite, pity its pretty rare at IRL - stil I did found one exploitable in the wild once ))

Early gang

Could the missing "pico" and "john" be an alignment thing? Both are 4 bytes long... 🤔

Hey John I found a CVE in an email provider, tried to inform them about it so that I could help them fix it for some cash but they didn't care and they still haven't fixed it months later 😬 what would you do in this scenario 🤔

So how do you capture the whole flag, including 'pico'?

Just imagine if the memory was filled with a sensitive information!! All of them will be leaked!!?

Shark window opening how to repair

just use single or double quotes

hello ..would it be possible to put subtitles in portuguese ?? because we follow here in Brazil!!🇧🇷

Cool

👍!

Hello!

cool

I'm wondering if %23$s.%24$s works well🙄

Red desinr

second

First

there’s a literal man page function in the terminal cmon man