At 8:30, you checked log 64 - but wolfram alpha calculates natural logarithm, while you should take a base 2 logarithm instead. log2 64 is exactly 6, so trivial binary search needs 6 requests per letter.
@LiveOverflow7 жыл бұрын
+akrasuski1 argh oooops! Thanks for the correction
@techwithwhiteboard34834 жыл бұрын
@@LiveOverflow are u from turkey
@Rac00n4 жыл бұрын
@@techwithwhiteboard3483 3 yo video and as far as im aware he is german
@CZghost3 жыл бұрын
@@Rac00n There are lots of Turkeys in Germany actually. One is even an actor :)
@VegaDW7 жыл бұрын
I got a chuckle out of sublime being unregistered
@anunayy5 жыл бұрын
I love how lovely he makes all his code... God when will I love to code beautifully.
@wbuchmueller7 жыл бұрын
12:59 H A C K E R M A N
@sagarkapasi0995 жыл бұрын
Lol
@Meowzofficial3 жыл бұрын
YOURE RIGHT
@devikakrishna44643 жыл бұрын
@@sagarkapasi099 13:50 is what hackermen look like
@mdsdn3 жыл бұрын
@@devikakrishna4464 lmao you’re absolutely right
@rafajanicki24567 жыл бұрын
Awesome to watch how you use your knowledge from so many domains to solve one challenge.
@yamakaja12527 жыл бұрын
Amazing video, as always :D Though if "5.00E+00" was the remaining search space, that's not zero :P
@LiveOverflow7 жыл бұрын
:D I wrote the script and recorded the audio, and afterwards I realised I never reached 0 because of bad float calculations I never made it to 0
@AbbyChau5 жыл бұрын
very impressed you figured out 15% is the best split ratio
@a_llama3 жыл бұрын
its better than 50%, sure, but is it the best?
@AbbyChau3 жыл бұрын
@@a_llama i think lof's explanation makes sense. making use of maximum 2 exceptions over 13 trials is 15%.
@AbbyChau3 жыл бұрын
@@a_llama i think there is one more micro-optimization is that, the ratio can be adjusted after when the response of `Wrong Username` or `Wrong Password` is received. e.g. from 2/13, to 1/13, then to 1/9, etc., dynamically.
@alexandrerozier27587 жыл бұрын
The binary search idea killed me. Had to implement one for queries over a huge dataset, and it works great ! Thumbs up :)
@LiveOverflow7 жыл бұрын
heh! Maybe you have some input for here: www.reddit.com/r/algorithms/comments/6kunwp/looking_for_the_fastest_on_average_search/
@Shirolicious5 жыл бұрын
I am quickly becoming a fan of this channel. I love these subjects and I can only imagine how cool it is to be able to understand all this. Its like a game or a puzzle that you need to solve. I am for now just watching the videos, I hope at some point I start to understand things your explaining :)
@ArbelFS37 жыл бұрын
AWESOME!!! Thanks for sharing, I hope you will be granted with the write up reward from google :P
@MichaelMerritt5 жыл бұрын
Holy shit that was amazing, nice work and presentation!
@GunboyzElite7 жыл бұрын
Another Awesome video
@LemonChieff5 жыл бұрын
:cries in yaml:
@farrugiathomas37897 жыл бұрын
Hey, keep going like that, your video are AWESOME.
@kevinwydler44054 жыл бұрын
Beautiful solution!
@theachapter7 жыл бұрын
Hey man once again great video! One request tho. Can you pls make a video where you show and explain all the tools you use, such as your prefered OS, terminal, programming font and so on. And maybe even show your complete setup?! Cheers ;)
@azertyalex19967 жыл бұрын
He uses windows. Sublime text as editor. Chrome as browser. That's about all I could see in this video
@mentnahtulse25577 жыл бұрын
Nope. he uses MacOs. See the bniary hacking playlist, you'll see all the tools ( mostly python and brain )
@azertyalex19967 жыл бұрын
You can clearly see he used windows in this video, never said he only uses windows throughout this or his other videos.
@justsomedude46605 жыл бұрын
@@mentnahtulse2557 not macos, ubuntu
@mahdiarfaramarzpoor7 жыл бұрын
this challenge was really hard for me to understand . u explained it well . butt still damn harddd
@gerrygooable7 жыл бұрын
I’ve been doing ICPC for two years, the search (and search optimization) seemed super straight forward to me, it’s the part about being familiar with all the ‘web’ technologies that I don’t get haha
@LiveOverflow7 жыл бұрын
+gerrygooable do you have a good theoretical background on this stuff? I have a real problem understanding some stuff about the algorithm. I posted a question in cs.stackexchange.com but I guess I was not really eloquent there :/
@gerrygooable7 жыл бұрын
I checked out your question (sorry if it sounds stalky, you're the only liveoverflow over there), I understand that you want to know why the skew on the search is not what you calculated, and also why is the "Minimization of Maximum Regret" strategy more efficient for that problem. Even though I've (maybe) had Minimization of Maximum Regret problems before I'd have to think about it a lot, and unfortunately I'm quite devoid of time for that. I will share this video (and the stackexchange question) with my icpc team. We usually enjoy these algorithm appropriateness mysteries very much
@gerrygooable7 жыл бұрын
I just gave the egg problem mentioned in your stackexchange question. I haven't thought it through at all but the egg problem feels as if it was more adequate with the problem you were given. (Again, I haven't thought this through at all. I might be completely wrong) I feel as if the skew in the search diminished the number of times you guess wrong for being on some particular side of the search domain, whereas the MMR approach minimizes guesses in general.
@gerrygooable7 жыл бұрын
I'm sorry if I'm not being clear What I mean is: I feel like: skewed search -> reduces guessing on the "punished" side of the search range mmr -> reduces guesses in general i.e. more efficient(?) Again, this is just my gut feeling. I'm sorry if I'm wrong. If any of the guys in my team actually explains this I'll surely let you know
@cyancoyote73667 жыл бұрын
Amazing!
@Deaple7 жыл бұрын
Really awesome, thanks for sharing!
@ryuuji1595 жыл бұрын
Correct me if im wrong but you could narrow your search using that regex that you mention at the start so you had to search less characters
@rickoo43685 жыл бұрын
My brain was smoking after this video.
@apg71183467 жыл бұрын
Great job !
@TETYYS7 жыл бұрын
+ 1 gets you every time
@androkon69204 жыл бұрын
Gee gee.
@kalaxlimas7 жыл бұрын
Ty...i thought you haven't read my twitt :) I spent hours trying to optimize that thing...i didn't noticed that exceptions trick :S
@MKkniGEAR6 жыл бұрын
How did you know you could run multiple instances ? It seems like the app generates a new password for each instance you run, but that means you could have validated the challenge with multiple flags ? How did you know running multiple instances would not ruin and let you validate only one flag (like the last instance you ran or something) ? Thanks for the videos.
@LiveOverflow6 жыл бұрын
yeah, the flag validation was unique for each instance. The flag validation was like a "license key" check. There was some logic to validate them. So each instance had the chance to find a valid flag.
@JordanWiens7 жыл бұрын
Very nice! You pause the video at one point on "hi = hi". Shouldn't that be "hi = max_val"?
@LiveOverflow7 жыл бұрын
+Jordan Wiens yap. I just noticed myself that I had some fails in the script after I made it pretty with comments and variable renaming. -.-
@JordanWiens7 жыл бұрын
LiveOverflow heh, that makes sense. My CTF solutions are never that pretty! Though you did do the progress bar in the live version which was a nice touch.
@sweet-sinner6 жыл бұрын
omg so goooood
@sagarkapasi0995 жыл бұрын
My Gosh, Where Do You Learn This Stuff! Its Ridiculous Practice I Guess!
@dream0p21314 жыл бұрын
Correct me if I'm wrong but couldn't you have just proxied everytime you were banned. Or did I miss something?
@BananaMan777777777777 жыл бұрын
Can you please provide me a link to that sweet intro/outro music? BTW I love your videos :D
@mohammaddh86554 жыл бұрын
hi i have the knowledge of ceh and sans 542 and i know owasp top ten but, real world have a big difference with courses examples so please tell me where i can gain some good experience that help me in real hacking i need every resource (book,video,...) please this is more than a dream for me its a goal
@MrHackingcrazy7 жыл бұрын
I was a little confused in 05:24. In what cases the query returned the password and in what cases it didn't? (Also, I assumed you would be bruteforcing password field, but the sql query matches 'user' field)
@LiveOverflow7 жыл бұрын
Just read the query? It says: SELECT password WHERE user = '%s' So the query will return the password of a given user. and don't return a password if the user doens't exist. But with the Injection we create this query: SELECT password WHERE user = 'admin' AND password > 'A' So we return the password for the user admin if his password is bigger than A. If it would be smaller than A, then the query doesn't find a matching password and return nothin. And with those two possible cases, we can slowly bruteforce the passwod.
@GurunathEswar6 жыл бұрын
hey, how can see my server PHP file in the browser without rendering raw PHP like the index.php, I want to see the PHP code
@shivamprasad22665 жыл бұрын
Make whole code a string, pass it javascript and then push it in textarea
@StreetRacersCy7 жыл бұрын
nice :)
@michiel86256 жыл бұрын
Damn!
@tobiaswegner27255 жыл бұрын
Wait... didnt you not just simply get lucky there? 150 from 260 tries sounds already pretty probable with multiple runs. You shift the probability in a binary search, so there is 85% left and 15% right. But doesn't that increase the overall search complexity? I am not completely sure but it might even out in the end (=>you have a 35% bigger chance of avoiding the exception but you need 35% longer to check all of the results...)
@DMWatchesYoutube6 жыл бұрын
Here a year later Gg
@StevenSanders-y3q6 күн бұрын
Lewis Brenda Brown Patricia Brown Scott
@DarkOverFlowOverflow5 жыл бұрын
Sqp*
@ishikani5 жыл бұрын
I don't understand 99% of this video, why am I watching it? Oh well.