Thanks for your videos mate, your whole channel is like a gold mine to me!
@_JohnHammond 6 years ago
Thanks so much! Hopefully there will be lots to show when PicoCTF 2018 is over after next week! :D
@rodriquh 5 years ago
I loved it when you said we didn’t stay in our shell. Lolz
@HackerGprat 5 years ago
BIG FAN FROM INDIA...
@k-sansenpai7774 4 years ago
Love your videos, great content. How does cat command work with holding console for taking further commands? Kind of confused there
@thepag52 6 years ago
John, your videos are great, thank you for what you do. Do you know if 2017 will end when the 2018 competition starts?
@_JohnHammond 6 years ago
Thanks so much! Honestly I am not sure, that's why I had been hoping to put more pressure on the 2017 videos. 2014 and 2013 went down, but I am hoping that 2017 stays up...
@DigitalicaEG 4 years ago
@4:10 I think your initial approach should've worked, the passwords were there in cleartext but the username was different (root and artist). The reason why it matches the flag is simply because the password and the flag match.
@synestematic 4 years ago
I understand the gets approach but why doesn't the "normal" logic work: authenticate with admin + {{ create_long_password() }}. Is it because John needed to escape the spaces in the password with \'s?
@avishabat5167 6 years ago
Why did the username overflow the access level instead of the password?
@_JohnHammond 6 years ago
Check out the source. Since they still run `gets` on the password buffer, you COULD overflow the access level with that variable... but you have to go THROUGH the username buffer to do it. See how username is above password when it's declared? The access level is declared just before username -- so username is right under it on the stack. Overflowing username will get you to hit the access level first.
@sbig21 6 years ago
So if I for example input a valid username and overflow the password instead will it still work?
@_JohnHammond 6 years ago
Yup! As long as one of the variables gets overflowed and changes the return address on the stack frame, you'll still jump to that address.
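The layout discussed in the replies above (an access level sitting next to `username`, with `password` on the far side of it) can be modelled safely as a byte array, which shows why an unbounded `gets`-style read is the defect and a length-checked read is the fix. This is an added example, not code from the video or the PicoCTF source; the 16-byte buffer sizes, the offsets, the default level value and all function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed frame layout, lowest address first (constructed for illustration):
 * password[16] | username[16] | access_level (4 bytes) */
enum { PASS_OFF = 0, USER_OFF = 16, LEVEL_OFF = 32, FRAME_SIZE = 36, BUF_LEN = 16 };
#define DEFAULT_LEVEL 0xffffffffu /* constructed "unprivileged" value */
typedef struct { unsigned char bytes[FRAME_SIZE]; } frame_t;

static void frame_init(frame_t *f) {
    uint32_t level = DEFAULT_LEVEL;
    memset(f->bytes, 0, FRAME_SIZE);
    memcpy(f->bytes + LEVEL_OFF, &level, sizeof level);
}

static uint32_t frame_level(const frame_t *f) {
    uint32_t level;
    memcpy(&level, f->bytes + LEVEL_OFF, sizeof level);
    return level;
}

/* gets()-style copy: stops at newline/NUL, never at the field boundary.
 * Clamped to the end of the model frame so the demo itself stays in bounds. */
static void read_unbounded(frame_t *f, size_t off, const char *line) {
    size_t n = strcspn(line, "\n");
    if (n > FRAME_SIZE - off) n = FRAME_SIZE - off;
    memcpy(f->bytes + off, line, n);
}

/* Hardened read: over-long input is rejected, neighbours are never touched. */
static int read_bounded(frame_t *f, size_t off, const char *line) {
    size_t n = strcspn(line, "\n");
    if (n >= BUF_LEN) return -1;
    memcpy(f->bytes + off, line, n);
    f->bytes[off + n] = '\0';
    return 0;
}

int main(void) {
    frame_t f;
    const char *long_name = "AAAAAAAAAAAAAAAAAAAA"; /* 20 bytes, constructed */
    frame_init(&f);
    read_unbounded(&f, USER_OFF, long_name);
    printf("unbounded username: level = 0x%08x\n", (unsigned)frame_level(&f));
    frame_init(&f);
    printf("bounded username:   rc = %d, level = 0x%08x\n",
           read_bounded(&f, USER_OFF, long_name), (unsigned)frame_level(&f));
    return 0;
}
```

In this model an over-long write starting at `PASS_OFF` also reaches the access level, but only after overwriting every byte of `username` on the way.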