Reverse Engineering and identifying Bugs - BKPCTF cookbook (pwn 6) part 1

Рет қаралды 42,388

Күн бұрын

Part 1: reverse engineering the functionality of the cookbook binary with IDA
Part 2: Leaking heap address and libc base address
Part 3: Arbitrary write - House of Force
exploit: gist.github.co...
=[ 🔴 Stuff I use ]=
→ Microphone:* geni.us/ntg3b
→ Graphics tablet:* geni.us/wacom-...
→ Camera#1 for streaming:* geni.us/sony-c...
→ Lens for streaming:* geni.us/sony-l...
→ Connect Camera#1 to PC:* geni.us/cam-link
→ Keyboard:* geni.us/mech-k...
→ Old Microphone:* geni.us/mic-at...
US Store Front:* www.amazon.com...
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Website: liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow
=[ 📄 P.S. ]=
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
#ReverseEngineering #CTF

Пікірлер: 23

@MrFrekio 8 жыл бұрын

Thank you so much about this videos !! most of the tutorials i found they lack of details.... but your videos explain everything you rock !!

@LiveOverflow 8 жыл бұрын

+MrFrekio Glad you like it :)

@Hezv1 8 жыл бұрын

I "participated" in the BKPCTF and it would be awesome to have more write-ups from you on what you did for it. It was actually the first CTF I had ever done and seeing how a more experienced person works would be great!

@LiveOverflow 8 жыл бұрын

+Conrad Hoffman Oh.. that was a hard first CTF. I would like to make more videos, but I first have to finish the 3 parts for the `cookbook` writeup. The other challenge I solved was `ltseorg`, which I could do a video for. There was no other challenge I worked on because I was so busy with `cookbook` :D

@Hezv1 8 жыл бұрын

+LiveOverflow Yeah I could tell haha. It was nice though to see what my end goal was. I plan on also doing the Sunshine CTF this weekend as that's supposed to be more beginner friendly. Regardless of how much BKPCTF content you have, any content is great anyways, so no worries. Thanks again for the awesome videos

@allthingsreversed 7 жыл бұрын

Great analysis. Good work!

@sleaf6 6 жыл бұрын

Dang that was pretty 👌

@crazytrain86 8 жыл бұрын

You don't need to break into the process to allow aslr. Simply tell gdb to enable it: set disable-randomization off

@christophhansen782 4 жыл бұрын

Could someone possibly explain on why the file "libc.so.6 is indicative of ASLR. 1: 11. Also great video!

@eugenekorobov6473 8 жыл бұрын

hi : ) yesterday i've found you channel and found it very interesting (because last time i've dove into reverse engineering) and i see that you are using IDA, but unfortunately i live in poor country, and buying soft like IDA Pro is a little bit onerously here : ) so my question is, what do you think about Radare2? is it good or not? and why?

@LiveOverflow 8 жыл бұрын

+Eugene Korobov I also use radars. I don't stick to only one tool. Checkout binary ninja and hopper app. Radare is awesome and has an amazing community.

@eugenekorobov6473 8 жыл бұрын

ok, thank you : )

@John-shreds 6 жыл бұрын

Does anyone know of a simpler video series. Mabye something like coding an application like this cookbook. Then attacking it when your finished?

@themadichib0d 5 жыл бұрын

I know this is old, but theres the Art of Exploitation 2nd Edition book. Its an old book and a lot of details are a bit outdated, but its still an amazing starting resource that will literally do exactly what you describe. Starts off with lessons in C and has you build a casino game in the style above, and then starts you off with abusing it for cheats and then going into full on exploits.