GHIDRA for Reverse Engineering (PicoCTF 2022 #42 'bbbloat')
Рет қаралды 192,386
Күн бұрынHelp the channel grow with a Like, Comment, & Subscribe!
❤️ Support ➡ j-h.io/patreon ↔ j-h.io/paypal ↔ j-h.io/buymeacoffee
Check out the affiliates below for more free or discounted learning!
🖥️ Zero-Point Security ➡ Certified Red Team Operator j-h.io/crto
💻Zero-Point Security ➡ C2 Development with C# j-h.io/c2dev
👨🏻💻7aSecurity ➡ Hacking Courses & Pentesting j-h.io/7asecurity
📗Humble Bundle ➡ j-h.io/humblebundle
🐶Snyk ➡ j-h.io/snyk
🌎Follow me! ➡ j-h.io/discord ↔ j-h.io/twitter ↔ j-h.io/linkedin ↔ j-h.io/instagram ↔ j-h.io/tiktok
📧Contact me! (I may be very slow to respond or completely unable to)
🤝Sponsorship Inquiries ➡ j-h.io/sponsorship
🚩 CTF Hosting Requests ➡ j-h.io/ctf
🎤 Speaking Requests ➡ j-h.io/speaking
💥 Malware Submission ➡ j-h.io/malware
❓ Everything Else ➡ j-h.io/etc
@micleh Жыл бұрын
Liked that one, since it is an easy example of how to disassemble code and make sense of what is readable. Perfect as a beginner tutorial.
@11ph22il 2 жыл бұрын
These videos are the spam I like to get, each one with GREAT info on CTFs. Thanks John!
@MikeDSutton 2 жыл бұрын
In case anyone else was curious what the 'unscramble_flag' function did, here's the rough equivelent in Python 3: bytes([ b + (0x2F if b < 0x50 else -0x2F) for b in bytes([ 0x41, 0x3a, 0x34, 0x40, 0x72, 0x25, 0x75, 0x4c, 0x34, 0x46, 0x66, 0x30, 0x66, 0x39, 0x62, 0x30, 0x33, 0x3d, 0x5f, 0x63, 0x66, 0x30, 0x62, 0x65, 0x35, 0x35, 0x62, 0x60, 0x65, 0x32, 0x4e ]) ])
@Lampe2020 Жыл бұрын
I first saw the code then the description you gave but I immediately recognized it as Python3-code because two of my last three Python3-projects involved exactly that, converting lists of numbers between 0x00 and 0xff to byte strings (`bytes` object) XD
@kadericketts9218 2 жыл бұрын
Been loving the PICO CTF videos you’ve been making have watch most of them and have been learning a lot as i am just a noob in IT
@deltabytes 2 жыл бұрын
I like the way you take us through step by step. I am learning a lot from these videos.
@arr3business939 Жыл бұрын
same
@DevBranch Жыл бұрын
Thank you for making these videos! I'm new to this, so being able to see how this works first-hand is extremely helpful.
@sk0r Жыл бұрын
I’ll be honest, a lot of your videos I have no idea what you are doing, but I enjoy watching you and your skill set and what is possible with the right tools. 🙏
@hardelectrolove 2 жыл бұрын
Did you just accidentally release every video for the next weeks/months at once? Holy moly, that's a lot of stuff in my Watch Later playlist now! x)
@VA3KAMA3 2 жыл бұрын
same. just have had a marathon watching them
@theamazingjay161 2 жыл бұрын
Okay, so I'm not the only one.
@HYPR.trophy 2 жыл бұрын
I appreciate hearing your thought process as you go through the challenge
@user-cl4gy7pi6q Ай бұрын
Man u r DANGEROUS! lol 🙃☺ keep ur great work up dude! 💪
@Dex_Lulz Жыл бұрын
The more spend I time on your channel the more I learn.
@tpai302 2 жыл бұрын
I'm so bad at RE but love watching others do it so I can pick up on little things each time.
@jackscalibur 2 ай бұрын
Hey! Do you feel like you're better at it now?
@1234enzor 6 ай бұрын
A flashback and relearning TY!
@P-G-77 Жыл бұрын
Love this intricate logic tricks.
@ronorocky 2 жыл бұрын
i just love you man,you are just awesome....... hope someday i will meet u in person.... u r doing a great job... keep it up. ❤️❤️
@kevinalexander4959 2 жыл бұрын
Would love to see a video on rebasing. I have a hard time with alignment using strings. Would love a newbie friendly of you rebasing binaries that do not align in disassembler. thanks!!
@HyBlock 2 жыл бұрын
couldn't this be done in some other way, my feed is filled with all those uploads making it harder to browse, don't wanna unsubscribe cus I appreciate your work though!
@TheJustinist 2 жыл бұрын
Yep, unsubbed
@KoskiK 2 жыл бұрын
Quite the same, after the first burst of videos I figured it was just a mistake or an error with the scheduler. After this new one I unsubbed unfortunately, as I enjoyed the content. KZbin should by now have made a limit, say 3 posts of a single person in the sub feed.
@ocoolwow 2 жыл бұрын
@@KoskiK ah that would actually assume that KZbin would output usable work
@zdrasbuytye Жыл бұрын
You can do reverse engineering with the Linux shell only .
@kr4k3nn 2 жыл бұрын
This is my first time seeing Reverse Engineering. I am like WOW, this is so fun to watch & do. THanks John for introducing this very interesting things to us. :)
@for14556 9 ай бұрын
Very nice video about rev, thx.
@Riiveri 2 жыл бұрын
I have no idea why KZbin decided to recommend me these videos but I'm glad it did. This is awesome!
@vivarantx Жыл бұрын
same here, I was watching people eating 30 bags of cheetos and I ended up here
@kiizuha 11 ай бұрын
@@vivarantx lmao
@mytechnotalent 2 жыл бұрын
Love me some Ghidra!
@FakeMichau 2 жыл бұрын
KZbin after seeing so many uploads: i'm gonna end this man's whole career
@inazumaeleven9102 2 жыл бұрын
I like the fact that in each ctf videos, I learn new tools to use for hacking. Now I check the bell icon. Keep on going man, u the best
@ancestrall794 12 күн бұрын
Awesome bro
@sem8973 Жыл бұрын
This would have been a perfect intro tutorial to reverse engineering with Ghidra
@KGAD0831 Жыл бұрын
I really liked this one.
@aurelienlevra3782 28 күн бұрын
Great video
@SamoCoder Жыл бұрын
This was interesting. Liked and subscribed.
@tech-wandeveloper7495 Жыл бұрын
That was cool man!
@cod4volume 2 жыл бұрын
As far as open source content goes, John, you’re an OG. A goat. Appreciate the content and knowledge dude, stay humble.
@gogogg91 2 жыл бұрын
Awesome!
@nightst0rm230 2 жыл бұрын
hello sir your videos are great it helped me for solving and understanding all the ctfs of thm
@victorkuria4734 2 жыл бұрын
Great stuff
@lancemarchetti8673 Жыл бұрын
Hi John, can you please review "angr" for us. I don't have a clue where to start...lol
@bkib Жыл бұрын
Nice!
@DanjumaMuhammad Жыл бұрын
I like the term "low-hanging fruit 🍓" 😊
@wonderweissmargela4261 2 жыл бұрын
Easy with the upload sir
@makayjozsef 2 жыл бұрын
You can use "apt search" too for package searching
@lancemarchetti8673 Жыл бұрын
agreed
@noodlechan_ Жыл бұрын
what if we reverse engineer Ghidra binarys using GHidra?
@msalih Жыл бұрын
Awesome
@yttos7358 Жыл бұрын
Another way of converting from hex to decimal is with the `printf` command which can be found on any linux system; use `printf %d 0xc0ffee` to see
@skeeberk.h.4396 2 жыл бұрын
Very Nice
@WayneModz 10 ай бұрын
I guess its kinda good you didn't have the environment requirements preinstalled
@abiodun6897 2 жыл бұрын
i got it 🙋🏾♂️. where can i learn this reverse engineering
@polinimalossi8404 Жыл бұрын
but you can make the same video with the imusic aimersoft program?
@user-zo1kn8ob7h 3 ай бұрын
oh look a user agreement, "i agree" never to be thought of again
@m4rt_ 2 жыл бұрын
6:20 (sdkman is a good tool for downloading java stuff)
@user-no5vf3kn9l 7 ай бұрын
Headless for Java means its stripped of mouse and keyboard input libraries and whatnot. Badly breaks java swing, so you probably don't want to use that.
@user-he9uj1lr1k 8 ай бұрын
Please 🙏 sir can I use this to do reverse engineering on my mobile app??? Can someone help me out
@krish12180 2 жыл бұрын
Nice one
@Walker-hh7xf 2 жыл бұрын
you should also check out cutter
@ashokshastri9101 5 ай бұрын
Sir big fan of yours from Lamatol village, golbazar-06 municipality, siraha district, sagarmatha zone, Madhesh Pradhesh (province no 2), nepal 🇳🇵
@codedsprit Жыл бұрын
I wish I had a nice laptop like yours 🥺
@superfish4603 2 жыл бұрын
There are 11 hidden videos in the playlist, when do we get them? :)
@cryproot9845 2 жыл бұрын
It's a good video
@znucii 2 жыл бұрын
MAHYOUB WE MISS YOU
@passaronegro349 2 жыл бұрын
...would it be possible to have subtitles in Portuguese ???
@untitled8027 2 жыл бұрын
nice
@tribblewing 13 күн бұрын
My etc/apt/sources.list is using Kali Linux's default repo, but I can only install strace. ltrace keeps getting an error: "Unable to locate package". Has anyone figured out a working alternative repo?
@heisenberg8055 Жыл бұрын
TF I just watched! Interesting
@TheofilosMouratidis 2 жыл бұрын
at 13:26 you already got the decimal by hovering over the number
@MrLetsGamePlayHD 2 жыл бұрын
In ghidra you can also change the display type
@Lampe2020 Жыл бұрын
The word "Bbbbbbbloat" is a bloated word and has the same effect as a mass of bloatware has on a PC: it works, but slower.
@tlocto 2 жыл бұрын
can't wait till you go over noted, was my favorite one
@vinnie3265 3 ай бұрын
Everytime I Try to run a binary file on my kali linux I am getting exec format error...so I am not able to solve any rev engineering problems....can someone plss help with it🙏🙏🙏🙏
@MisterK-YT 2 жыл бұрын
John can you post the code that formats your bash (or zsh) prompt? From your .bashrc or wtvr config file. I like that two-line prompt.
@Mathcartney 2 жыл бұрын
Its zsh the shell that he uses, it isn’t bash. And the theme is the default kali theme. There are many other custom themes and wrappers such as powerlevel10k if you dig it deeper tho
@mikerich5003 2 жыл бұрын
Has anyone on bohemia has their initial deposit asst changed..
@faxhack 2 жыл бұрын
Wait this is intresting
@Bowzerbro 2 жыл бұрын
👍
@wahabwahab2042 Жыл бұрын
im watching your video and honestly i'm 80% didn't understand what are you doing exactly. i wonder what level is that ? im sure it is advanced level . where to start to achieve your level ??
@leblanc666666 2 жыл бұрын
nice and simple, but fun nonetheless! Does picoCTF have have challenges that are more based on web applications?
@iKilleasy007 2 жыл бұрын
picoCTF has a web exploitation category
@AliYar-Khan 2 жыл бұрын
Can we reverse engineer malware and then remove them this way ?
@bmbiz Жыл бұрын
That's pretty much the _only_ way to remove previously unknown malware: reverse engineer it, figure out all changes it makes and then undo all those changes on an infected system.
@marcoamendoza5283 Жыл бұрын
Does anyone have the bbbblob file to try it out?
@Bromon655 Ай бұрын
What is the Linux wizardry… dude was flying through the terminal like nobody’s business
@SultanSaadat 2 жыл бұрын
can you send us your shell modifications? This looks so cool.
@MasterRg-cj7tt 2 жыл бұрын
Hi , I am new PicoCTF . and i try to solve that for practice if i cant i am looking for in google for solving . But I cant find picoCTF notepad Author: ginkoid . Can you help me? How can i solve that
@afrkleaks4991 10 ай бұрын
I do not have time with all these load it opens this read there and there then crack it i refuse all these stuff at the end you have to find the way to get in to the software, easy ways quickly just load malware to infect
@anujsrivastav6444 2 жыл бұрын
Hey jhon can you please tell me how I can trace the memory leak from heapdump file?
@roachxyz 2 жыл бұрын
What is this stuff called? Cybersecurity?
@NexushasTaken 11 ай бұрын
its already in the video title.
@MygenteTV Жыл бұрын
wtf, this is weird I had been watching your videos and even follow you in LinkedIn for years and just found out I wasn't subscribed to your channel. KZbin be playing tricks, they welcome you with your favorite channel for ever and you will never know you weren't subscribed because everytime you open youtube and see the same person there you automatically think you are subscribed
@mideno7619 2 жыл бұрын
Sup
@MisterK-YT 2 жыл бұрын
Question: why didn’t he “trust” the Ghidra from the official Kali repo? Why go through the process of installing manually??
@SheIITear 2 жыл бұрын
Stuff from the repos on your distro tend/might be really old. In case of ghidra you just download and extract it so thats the fastest way to get the latest.
@MisterK-YT 2 жыл бұрын
@@SheIITear noted! Thanks!
@vaisakhkm783 2 жыл бұрын
I wanted to ask same. I thought it might be the reason but to make sure... Is that a problem with distros like fedora or arch!?... those are more up to date than Debi an right!?
@patrickborys3490 2 жыл бұрын
ez
@metsfaninct 2 жыл бұрын
Man, nothing like getting spammed. Should have spaced it out.
@ocoolwow 2 жыл бұрын
You gotta stop man, this is flooding my sub box
@pitust 2 жыл бұрын
process or RE with binary ninja: step 1: load the binary. step 2: see the number in plain text from the decompiler. step 3: profit
@KirwinWebb 2 жыл бұрын
You seemed disappointed that you got the flag so quickly.
@utensilapparatus8692 2 жыл бұрын
John 1337 the king
@WaseemLaghari Жыл бұрын
I solve it by viewing your video but you did it late by looking for other stuffs. Maybe you do to let us all understand everything
@ultimultig 2 жыл бұрын
cool but i didn't understand a single word said in this video
@kraemrz 2 жыл бұрын
Yt algo
@BigWin24410 2 жыл бұрын
Is this the apparently kid all grown up?
@CodyHoskin Жыл бұрын
Have you ever got a live virus on your own system? Or a RAT?
@bohu3741 Жыл бұрын
its too simple
@fatizahra3420 2 жыл бұрын
m9wd
@nguyentrang7909 Жыл бұрын
beautiful hair ........ I want to touch it haha
@onizuka2345 2 жыл бұрын
Removed from my feed for uploading 18 videos at a time. You know how KZbin works and that is not how you do it.
@ocoolwow 2 жыл бұрын
Bye don't let the door hit you on the way out
@musa4213 2 жыл бұрын
why your voice like ill man, my tonsil hurts now AAAH
@OkOkOkIMightKnowYou 3 күн бұрын
High Level Forgetting
@infernez 2 жыл бұрын
I gotta unsub for a little bit until this wave is finished with. You are absolutely flooding my subscribe stream.
@zxCraig1690Xz 2 жыл бұрын
You my friend just got an unsub for those stupid uploads spamming my feed👺
John Hammond
Рет қаралды 42 М.
jeFF0Falltrades
Рет қаралды 282 М.
stacksmashing
Рет қаралды 135 М.