Seems you’ve stopped posting vids...but this is by far the best intro to BO and gdb out there. I salute you good sir, and please come back!
@TechinalBibek 3 years ago
True
@TheRealKitWalker 3 years ago
I agree. This was so much fun watching a BO practical example. I quite enjoyed it. 🤟✌️👏👏👏
@segintendorocks 7 years ago
This guy is freaking awesome. He explains it so much better than my professor :D.
@OVVAISNAB 3 years ago
Best video explanation of this seemingly complicated topic, thank you!
@muhammadkashif4216 5 months ago
This is literally some of the best and practical explanation conveyed so nicely, a low level stuff (pun intended :D), great respect
@rj-nj3uk 5 years ago
Hi James, very nice video. I am interested in system programming, and it is so difficult to find a tutorial video like this. Please don't stop.
@alexis-nicole13 days ago
Extremely well explained! 😊
@bjarkismari 2 years ago
How did you find the return pointer just by looking at the stack?
@BeSharpInCSharp 5 years ago
The only thing that is NOT CLEAR from this video is how you guessed the return address? How did you know exactly which address should be replaced by B ascii values?
@christiansanchez4883 9 months ago
“x/1x $sp” should work
@trishaatluri 7 years ago
sooo helpful - would have been up all night doing my pset if it weren't for this video
@shyngyskerimbekov2514 6 years ago
I am delighted, acquired so much understandable information, TY man!
@manojamrutharaj9071 2 years ago
Thanks for this wonderful analysis video....
@GURUYATHI 6 years ago
I understood properly, thank you sir for the video
@anoopjohn9062 6 years ago
Could you explain how do we identify the return address?
@adityashrest5886 6 years ago
anoop john by radarex
@cursedfox4942 a month ago
Love this gdb stuff, very little missing. I assume after access granted on a real system the operating system or private code would still run, or would you have to point to it?
@kooners6961 5 years ago
8:50 I'm really confused on how he can tell it's the return pointer
@tlehloba 5 years ago
Exactly my point. How do u determine the return pointer?
@rootabeta9015 5 years ago
@@tlehloba Usually, trial and error
@kraken_norse 4 years ago
You can find it out by checking push/pop instructions, which push items onto the stack frame or pop from it, in the disassembled function. The return pointer of a function is pushed on the stack when it's called.
@enesozdemir9973 4 years ago
@@kraken_norse thank you mann you saved the day
@ca7986 3 years ago
This video is really high quality content!
@nnamdyjunior 9 years ago
beautiful!!! just what I was after!
@JannisAdmek 3 years ago
This video was so helpful, I watched it twice :)
@etienneboutet7193 5 years ago
Amazing explanation. Thanks a lot
@stevecross9159 3 years ago
James- great video
@rootdev8106 6 years ago
Thank you for your awesome how-to!
@mohammadahmedragab837 2 years ago
thank you so much for clear explanation. Please where can I find a full course of your courses ?
@TekiZZ 3 months ago
such a nice video
@surajkushwah3221 6 years ago
awesome video explained so much
@quaxiscorporationforresear5557 8 years ago
Great video sir!
@aragon5956 10 months ago
If I want to put a shellcode, the return address is the bottom of the stack, isn't it?
@Thanatos5712 a year ago
I do the same exact step but I only have seg fault. Can it be because the memory region of my eip (return pointer) is only readable?
@pwn0x80 6 years ago
Your legends sir your best ... You rock ..
@User-cv4ee 5 years ago
Why does the stack store new data towards the return pointer? Wouldn't going the opposite way ensure rp is never touched?
@amjadhammoudeh7954 6 years ago
much appreciation mate
@ahmedlimam2241 4 years ago
Thank youuuuu I have a little problem, saying that I can write into the buffer through an argv[1] once I figure how much character I need and I figure what the return pointer address is, if I execute ./program my payload + p32(address I need in hex) when I check gdb the return address changed but not to the address I need it to be, as if it read the "\" and the "x" of the little endian p32 as a value on their own, how can I change that?
@omarAhmed-wt8kx 7 years ago
Another good one keep up you have good representation way
@evilmulle4228 5 years ago
When you print the stack with x/##x $esp, the first address that you call the offset, is that just the first address of the following 4 * 4 bytes?
@mantas9826 5 years ago
Well explained. I got the flag I was looking for.
@anoopjohn9062 6 years ago
How to identify the return pointer?
@breakingcode92 6 years ago
first you do break main, then when you run and it hits the first break point at main you can do info frame and it will give you the rbp/ebp (depending on whether you run on 64 or 32 bit architecture). It will also give you the eip/rip this is the location of the return pointer.
@tlehloba 5 years ago
@@breakingcode92 How do you determine eip/rip?
@tj6193 5 years ago
I'm finally getting it!!! 🎉
@new_contents_all_day 5 years ago
More videos plzz .. Is it possible to exploit packet buffer overflow due to slow data rate
@yungrolex1992 7 years ago
how do i ignore the gcc errors because of the implicit declarations of the "gets" function
@SuperWhatusername 3 years ago
Superb
@sandeepbaldawa9146 4 years ago
V well explained
@prakashshiv2586 9 years ago
This is awesome
@new_contents_all_day 5 years ago
Thank you sooo much
@harishkhattar6009 6 years ago
Which software is this?
@stefeyes9819 6 years ago
You do know u used the same superman line in both buffer videos right? Haha just teasing thank you for answering questions that nobody else could
@madimy 8 years ago
what if we do not have an $esp register after the gets function? instead I have $rax register
@portgas3 8 years ago
it's a 64-bit application, you will find $rsp instead of $esp
@sharpspoon2 4 years ago
good stuff
@kooners6961 4 months ago
Everything was great, but I just couldn't get access granted
@kathiravankathir3089 4 years ago
awesome
@siddharthpandey3417 5 years ago
Anybody else getting a cannot access memory address error after setting breakpoints?
@new_contents_all_day 5 years ago
The code is not compiling
@GiQQ 7 years ago
Why does the address of the granted function need to be written down in little endian?
@breakingcode92 6 years ago
because the value we are storing at a particular memory address must be stored in hex. Little endian specifies that it is already in hex otherwise we would not be able to differentiate between python string or python reference to hex value
@modelfreak125 a year ago
This does not work! Maybe it did on whatever system you used? But it doesn't work on Ubuntu 20.04, cannot overwrite return of gets, no matter what I try!
@ruslanlion1999 6 years ago
Who has done the lab? Send it to me in a DM, please)
@ibrahimgambo4904 7 months ago
❤
@mustaphachakiri3407 5 years ago
>>Thank U so much
@keerthikumark.g2135 7 years ago
teach me more about hacking an android device
@abayzhunus5085 8 years ago
ne och
@Аширметова 8 years ago
+Abay Zhunus the main thing is that they extended the deadline)
@diegrootam 7 years ago
ai dento
@MRX-xe3qf 5 years ago
Instead of 0x41414141 I get 0x565561f5 which is my ret address.
@leesmith1609 3 years ago
I got the address working when I used the example code from kuafu1994.github.io/HackWithGDB/ASM.html
@-makhmutov- 7 years ago
So is that lab 8? ahahahahha
@CorpOfHack 6 years ago
Which one? )
@ruslanlion1999 6 years ago
In the future it's already the 7th lab)😂
@tsunningwah3471 8 months ago
nbbbbbnbnbnkjbjkbjkbjkbjkbjkbjkbjkbjkbkjbjkb
@olzhaskairzhanov8090 6 years ago
Meanwhile, 47 minutes until the deadline
@starboy832 9 years ago
Has anyone really been far even as decided to use even go want to do look more like?
@sheamus69 9 years ago
Oatify Er... take a deep breath and then try again...
@anthonyparra9553 5 years ago
you don't use nano? I can't watch this.
@sohaibesohaib2914 2 years ago
can I have your linkedin account i've a challenge for u
@santoshkumarpanda1180 6 years ago
How to identify the return pointer?
@breakingcode92 6 years ago
first you do break main, then when you run and it hits the first break point at main you can do info frame and it will give you the rbp/ebp (depending on whether you run on 64 or 32 bit architecture). It will also give you the eip/rip this is the location of the return pointer