I Reverse Engineered this Program Automatically.

80,098 views

Low Level

A day ago

Comments
@afra1d828 10 months ago
nice
@catatrophicalist 10 months ago
nice
@cslearn3044 10 months ago
nice
@jommeez 10 months ago
nice
@zirgaoec3784 10 months ago
nice
@grandmakisses9973 10 months ago
nice
@mouradlaraba 10 months ago
even if i didn't understand anything, all i could say is that humanity is still good that people like you still exist, thanks a lot
@rawallon 8 months ago
idk man, he's writing P*thon
@CX330Blake 8 days ago
@@rawallon lol python is good for such work tho
@cyberpunk1618 10 months ago
2:55 in and already 100% worth watching. Knowing I can use Ghidra without migraines is such a performance booster.
@n0o0b090lv 10 months ago
This ain't low level chanel this is high level chanel I learn a lot Also thx LLL
@basedfacistman 10 months ago
chanal
@n0o0b090lv 10 months ago
@@basedfacistman you see... FAST LOOK AN ALIEN Nah just a bird, oh look chanel. I wonder what happened
@vnc.t 10 months ago
*channel
@n0o0b090lv 10 months ago
@@vnc.t the n went on vacation
@ProfessorThock 10 months ago
LLL feels more Supreme than Chanel
@coffeegonewrong 10 months ago
Thanks for increasing the font size LLL 📱
@sarimbinwaseem 10 months ago
Whole thing went above my head but I still watched... Soon it will go in my head... IDK when
@iwakeupsad 10 months ago
Totally. So often for me, understanding comes through the side door unannounced.
@sarimbinwaseem 10 months ago
@@iwakeupsad haha.. yeah.. unexpectedly..
@EmberDRG 10 months ago
thank you for all these vids, they helped me with the basics of reverse engineering. I'm currently working on reverse engineering a ps3 game and it's been incredibly fun so far
@Pr0xima_audio 6 months ago
MGS4?
@EmberDRG 6 months ago
@@Pr0xima_audio NieR : Gestalt
@titaniumtomato7247 10 months ago
8:40 I am not a fan when people make negative comments about someone's use of a tool to complete a task. Programming doesn't need more elitism or stupid battles.
@arjix8738 10 months ago
I read your comment before watching that part and I totally got the wrong idea lol Thought you meant that no-code "hackers" should not be looked down upon. To which I disagree. But by "tool" you were referring to the choice of language, to which I agree, hacking is a mess either way, the choice of language should not matter as long as it does the job.
@Damqq 10 months ago
Honestly this is pretty interesting, I NEED MORE OF such content PLEASE.
@patriciopage6579 10 months ago
How is it only now I find this gem of a channel? Dang youtube
@driden1987 10 months ago
Looks like a lot of fun once you understand what's going on and know ways you could tackle the problem
@MyCodingDiary 10 months ago
I've never commented on a video before, but I had to for this one. It's that good!
@AgentXegy 10 months ago
bro I could watch this every day that was awesome
@luketurner314 10 months ago
For anyone here new to Python, if __ name __ == "__main__": main() prevents the main function from running when you import the file/script somewhere else. If you call a function after defining it without this check, it will run even if the file is imported, which you usually don't want Edit: had to insert spaces between the underscores and name because YT thought I wanted it italic. In actual code, it would be 2 underscores, name, 2 underscores (no spaces between); sometimes read as "dunder name" (concatenating/abbreviating "double underscore" to "dunder")
@IsaacNewTom22 10 months ago
Thank you, LLL, the font size saved me :)
@williamshenk7940 a month ago
excellent content!! enjoy your thorough analysis.
@EnderMega 10 months ago
That's how you know he is a _real manly_ C/C++ programmer, he apologizes for using Python, and as a fellow C/C++ programmer I forgive you. Jokes aside, good video!!!
@Kshsjhsjwgshdns 10 months ago
I love this channel.
@m1geo 10 months ago
Nicely done, Mr LLL.
@lazzalicious6220 10 months ago
The man, The myth, The legend. Found you again
@driden1987 10 months ago
Thanks for zooming in!
@MyCodingDiary 10 months ago
Great video! Very informative and well explained.
@boenrobot 10 months ago
14:37 - Hold up. Where did these magic hex numbers come from? Why those offsets? Can they be determined in a cleaner way, rather than hard coded like that?
@PauloMEDCOMADVANCE 6 months ago
Did you find out this part? also need help here!
@jakub2631 4 days ago
3:50 thanks LLL!
@P-G-77 7 months ago
Awesome work !
@zxcvb_bvcxz 10 months ago
So *why* does angr have issues with stdin and how were you able to work out the fix?
@Eugensson 10 months ago
Why - just speculating here, because cpp streams are weird. How - he has emulated the result of the text input himself, he put the string pointer on the stack (this is exactly what that cpp function does after fetching the text), and he has skipped the stdin function.
@mardiyonghasben1619 3 months ago
Goodluck...sir... perfect
@Phreak5h0w 3 months ago
What keyboard are you using? I like that it's not a crappy loud mechanical keyboard, that even your neighbours could hear through three walls. Is it the same in your current videos?
@sassywoocooo 10 months ago
we finally got ghidra in dark mode
@yahsprut 9 months ago
what if the binary was built in something else like Rust for example? would Ghidra then reverse engineer it to C or to Rust?
@BinToss._. 5 months ago
The decompilation target language doesn't matter. If you can compile source code to *native* bytecode, you can reverse it if you know the bytecode's target ISA (e.g. x86, x86_64, AMD64, various versions of ARM, et cetera). Some bytecode is *not* natively compiled such as WASM, CIL, and Java bytecode. C is preferable for decompilation because it normally has very little abstraction and is *almost* 1:1 with assembly language. C runtimes or compilers usually inject boilerplate for setup of heap memory management.
@HypeLobbiesHD 8 months ago
I love your merch, I have the mousepad and the t-shirt, do you have any other plans for more reverse engineering or low level related merch? I would totally buy more
@adershvarshnei5198 10 months ago
thanks for increasing the size mr lll :)
@iagosrodrigues 8 months ago
I loved the video; I didn't understand anything, but it was an excellent video.
@baranjan6969 10 months ago
Ngl I am pretty new to low level stuff but I recommend running it a bit first before even running strings
@ПавелСереда-н9д 3 months ago
would be great to see more complicated examples of using angr
@AgentKent 10 months ago
Thanks LLL
@dritterregenschirm2324 17 days ago
1:46 How do you know that it's little-endian? Doesn't ARM support both?
@veritas7010 10 months ago
Now crackmes are cool but who's gonna actually have good info on compiling osx/xnu kernel, modifying kernel/writing a kernel driver to disable debugging detection, bypass address randomization. What for? Oh yeah, just to bypass debug detection and also have a way to dump consistent traces. And just to begin on actually getting progress with 20mb+ binaries
@DropShotPat 6 months ago
I wasn't worried about the empty boxes, until you said something LOL.
@nedac279 3 months ago
Ik that it’s been a while, but thx LLL!
@braveitor 10 months ago
When machines take over us, I hope you speak for us all as you know their native language. Interesting to watch, don't have a clue about how anyone can learn those skills... :D
@Armstrong1781 10 months ago
you are the best
@dtikvxcdgjbv7975 10 months ago
The magic starts at 15:44 😃
@IZ4HDM_Chris 9 months ago
Thanks for the Font LLL!!!!
@llmnr3xp0sed 10 months ago
I'm curious how angr works with ASLR enabled.
@nomio_o 10 months ago
When running with correct permissions you can choose to disable ASLR for a spawned process which is likely what angr does. GDB uses the "personality" syscall to do this with the flag ADDR_NO_RANDOMIZE.
@llmnr3xp0sed 10 months ago
@@nomio_o ah, good to know.
@logiciananimal 10 months ago
Angr looks really neat. I suppose in some cases one runs into formal undecidability. How does it "cheat"?
@z8den 10 months ago
why on earth do you not have the link to the cracksme in the description man
@gringle8578 10 months ago
Cool, next do Denuvo. Let's see how good you are!
@RandoYoutubeViewer 10 months ago
Hey, very nice intro to angr, i have a bit that i didn’t get is why the first try with the 32.8 bit key space reached in the simulator the last address? That for me doesn’t yet click
@secret_7025 10 months ago
Low level programming is the hardest my bro ReSearch about it.
@saulgoodman6710 9 months ago
Great video, I'm new to this stuff. Couple of doubts: when giving the address of the good and avoid case, why is only a 4-byte address provided instead of the entire address from the memory map? Secondly, how the hell do you learn all this stuff? Since there are multiple libraries/tools/concepts used just for one problem. Impressive btw!
@makebreakrepeat 10 months ago
Dark mode, let's go!
@cherubin7th 10 months ago
I am looking forward, when we can take a binary and automatically turn it with AI in beautiful source code with comments etc.
@monterraythehomeless 5 months ago
I needed the font size increase and I'm on desktop lol. Thanks LLL
@smocloud 10 months ago
Thanks LLL.
@Vazzible_gaming 6 months ago
How do i find the CTF program, can you link it to me so I can do all the steps myself?
@mattshu a month ago
THANKS LLL
@hakushakudoa283 8 months ago
Thanks triple o
@outtakontroll3334 10 months ago
this is some dark art shit- only able to follow a little of it, but interesting
@oliverpasquesi8068 6 months ago
Can you do a Ghidra tutorial pls?
@Ni7ram 10 months ago
yes, yes.. of course i understand all this
@asseenontv247 10 months ago
Do you have any recommendations on books that are useful desk references for this stuff?
@catatrophicalist 10 months ago
do you prefer intel or at&t syntax?
@grandmakisses9973 10 months ago
intel of course
@godnyx117 10 months ago
@@grandmakisses9973 Based opinion
@atijohn8135 10 months ago
intel addressing syntax and at&t argument order ("mov rax (to) rcx" makes more sense than "mov (to) rcx: rax")
@godnyx117 10 months ago
@@atijohn8135 The thing is, binary instructions follow the intel syntax. So, especially for those who create compilers, the AT&T syntax is confusing, even tho it makes more sense...
@flyinginthedark6188 10 months ago
AArch64
@terry- 8 months ago
Great!
@dtikvxcdgjbv7975 10 months ago
You unbaked the bread!
@Subcode 10 months ago
Can you make a video on how this would work when an application also has a DLL etc? I've tried this once on an application with a DLL and it got very confusing, really couldn't figure any of it out.
@PauloMEDCOMADVANCE 6 months ago
why the -0x58? where does it come from?
@GameBacardi 10 months ago
...I need practise "hello world!" again, 60th time
@abauchu 9 months ago
Thanks LLL
@Codingwannabe-cw1yd 10 months ago
Thx lll for zooming in
@shteatinggrin 10 months ago
It’s so weird knowing that the NSA has a program named after the Godzilla monster
@comradepeter87 10 months ago
Remember that it's still nerds inside NSA that are responsible for creating and maintaining this. If they can get away with it, they will.
@shteatinggrin 10 months ago
@@comradepeter87 Ofc, every major tech system has been built up and maintained by nerds. It’s still pretty wild regardless
@RigoVids 9 months ago
Thanks triple el
@RandomGeometryDashStuff 10 months ago
do you use computer with arm cpu?
@hyperplano 10 months ago
Waiting for LLL x LaurieWired video :)
@JM-is1vf 10 months ago
Thanks for your channel. I would love it even more without the background music.
@monad_tcp 10 months ago
Is scanf still using self modifying code or something ?
@maz5232 8 months ago
Hi please make more
@RJ-or8bw 6 months ago
Thanks LLL
@nsg650 10 months ago
Wait are you a cuber as well?
@VINICIUSMOURACARDOSO 8 months ago
how can I change ghidra to dark mode?
@quietusplus1221 6 months ago
I have some experience with coding. The further this went on my head started spinning though. This is on another level, quite interesting ^^
@vsevolodalipov4375 10 months ago
May be a dumb question, but why not brute force it instead?
@kamu38 5 months ago
If you can do this technique then it's far superior to brute forcing. Brute force would take far longer.
@ErikBongers 10 months ago
Can you crack how to exit vim?
@DrDAC-go7hs 2 months ago
Thx 3xL
@hoteny 10 months ago
cool. now how do i guess what a weird 8 byte value does?
@semitangent 10 months ago
Thanks triple L - in the chat!
@rudymoralesjr 7 months ago
I need to learn how to do this proficiently so I can hack car ECUs for tuning. They made it so hard to tune cars these days...
@ffeliziani 10 months ago
Wait, how are you running arm code on your machine?
@tronosgamingwizard 10 months ago
perhaps a VM
@ffeliziani 10 months ago
@@tronosgamingwizard does ghidra run on ARM? I guess with the magic of editing (or ssh) he could be on different machines
@tronosgamingwizard 10 months ago
@@ffeliziani I'm unable to answer this one, mate.
@ffeliziani 10 months ago
Sorry yeah the Q should have been for @lowlevellearning
@kamu38 5 months ago
@@ffeliziani It's Java. So if the JVM runs on ARM then it will (more/less) run.
@UnrealEngine_Master 10 months ago
nothing is clear, but very interesting 🤠
@rallokkcaz 10 months ago
LFG!!!! LLG GANG GANG!
@SadKris 10 months ago
the a/v desync lmao
@blehbleh9283 10 months ago
Symbolic Execution 🔥🔥
@MenkoDany 10 months ago
There's a piece of abandoned niche commercial software which I'd love to crack for archival purposes. Will this work on it? It's written in Delphi and it can be activated offline even though there was an internet activation option (which obviously doesn't work anymore). There is version 3.x which is still being sold even though there were no updates for 8 years or any activity from the dev whatsoever. Thing is, version 3.x is a joke. Well, 2.x was an actual joke, not worth a penny, and 1.x is the legendary version which I'd like to crack. I believe it would still be used today if the dev released a 64bit version like he promised :( The released version crashes way too often because of the ram limitation.
@a_f_a_b 10 months ago
Man you don't have to apologize for python. You don't have to apologize for anything!^_^
@katchen2626 10 months ago
what does SAT mean?
@LowLevelTV 10 months ago
satisfiability solver
@almightyhydra 10 months ago
Meh, automating the reverse engineering takes the fun out of the problem :p if each of those functions was only checking one of the bytes, you could solve each fairly simply, I'd imagine.
@danielrubin3649 10 months ago
Tack 3xL
@wrathofainz 10 months ago
Someone should write an ANGR-y UI for gui people
@yurilsaps 7 months ago
I didn’t like that it was necessary to use angr to solve the challenge
@billy-cg1qq 10 months ago
That angr math solver didn't make any sense lol