Reverse Engineering w/GDB and Ghidra! | picoCTF 2022 #08 "Keygenme"

Рет қаралды 17,767

Жыл бұрын

Help support the channel with a like, comment & subscribe!
====Links====
🤖Discord: / discord
💻Blog: jasonturley.xyz/blog
🐔Twitter: / _jasonturley
🐙GitHub: github.com/JasonTurley
🔗LinkedIn: / jasonturley
====Support====
☕BuyMeACoffee: www.buymeacoffee.com/jasonturley
💖Donate Crypto: jasonturley.xyz/donate
🐳DigitalOcean: m.do.co/c/f2f4ad68767c ← receive $100 in credits
====Study Notes====
eJPT certification cheat sheet: github.com/JasonTurley/eJPT
GXPN/SANS SEC660 course review: jasonturley.xyz/sans-sec660-g...
====Music====
“Easy Hike” by Yari

Пікірлер: 31

@jasonturley Жыл бұрын

Join us on Discord! discord.gg/v2BVAUyj3P

@aurinator 2 ай бұрын

Renaming things to make sense of the code flow was common, even back in the days with SoftICE before you had a GUI. Also though, rather than going into that function and Reversing it, you could just set its return value to the one you want without even messing with the logic in the function it enters.

@theadorelogon112 Жыл бұрын

Nice demo! GDB is so sweet. Radare has always been my goto for reversing but I'm trying to experiment with Ghidra so a straight example like this was awesome. Also, thanks for not being obnoxious. I'll gently place a like and subscribe on this channel.

@jasonturley Жыл бұрын

Thank you! I’ve played with Radare a few times, but I always revert back to GDB lol. Best of luck with Ghidra!

@womacko Жыл бұрын

Your videos are totally underrated. This is pure gold for getting started. Thanks for the walkthrough. Stumbled across your channel when looking for "reverse engineering assembly" videos :) Please keep it up and keep uploading. Following!

@jasonturley Жыл бұрын

That means the world to me! Thank you so much!

@kromaki131 7 ай бұрын

Awesome video. I was looking for Ghidra introduction video because I'm new to it and then found yours. I didn't expect to have a great introduction to gdb too! It's not only helpful but also motivative. Thank you.

@jasonturley 7 ай бұрын

Thank you! Glad I could help and best of luck with reverse engineering!

@Meodoc 11 ай бұрын

Thanks! I have never used gdb (or ghidra) before, and with your help I managed to do my first reverse-engineering assignment for my university! :)

@jasonturley 11 ай бұрын

That’s awesome! Great job!

@skrillyvito4232 9 ай бұрын

This was super helpful man thanks a lot

@user-kg7bj3bo4m 3 ай бұрын

I'm a complete noob when it comes to RE, but I understood most of this. Good job!

@jasonturley 3 ай бұрын

Thank you, I’m glad it helped! I’m no expert on reverse engineering but it’s fun learning it

@PoliticalPanic Жыл бұрын

nice - thx for sharing.

@jasonturley Жыл бұрын

Thanks for watching!

@anthonyramnarain9129 4 ай бұрын

Great Vid

@jasonturley 4 ай бұрын

Thank you!

@axionet_dev Ай бұрын

I was select all variable and retype to char[x] char it worked.

@jasonturley Ай бұрын

Nice!

@etopowertwon Жыл бұрын

I really wish debug in ghidra was not so complicated. It could probably rival x96dbg, which I really really miss in linux, as no amount of gefs make gdb comfy for common operations

@nyxon_x 10 ай бұрын

Hello, can i ask you why you can't find these values that the executable pushes onto the stack via Ghidra and you have to execute it via GBD and print them before returning? Where are these values coming from if they are not hardcoded somewhere? Are they obfuscated? --edit watching it again i see the MD5 uses the flag_pieces, which are hardcoded values, so theoretically you can reproduce this section of code and find the rest of the flag without GDB? I guess GDB is faster in this case, but i was wondering if there is something more i am missing.

@jasonturley 5 ай бұрын

Hello! I’m sure you can find the flag entirely in Ghidra (or any other disassembler or decompiler) without having to use a debugger like GDB. Admittedly, I’m not great with Ghidra and feel more comfortable in GDB.

@user-is1qw9bn1f 3 ай бұрын

I was also wondering how it set up unique keys for each person (to prevent copying) Unless it creates a unique one per entrant

@rrkatamakata7874 8 ай бұрын

Do you have any guides for learning reverse engineering. The tools that you use and or the paths tat you recommend

@jasonturley 8 ай бұрын

I made a video on this a while back. Admittedly, I think it needs to be remade with more info, but it should be a good starting point: kzbin.info/www/bejne/qnyqiohrrLZ2iaMsi=OM167_KG4Nx4ZfS0 I also recommend the KZbin channel LiveOverflow.