Hahaha, "press shift+r and be happy." Great tutorials, you make it look so easy! Thank you!
@0x90meansnop87 years ago
Dude, I'm really thankful for your videos! As a self-taught coder it's sometimes hard to move on when there is nobody around you to help you out. But the biggest struggle I faced was not the code by itself. It was mostly the tools I had to use, and I had no idea most of them even exist. Thank you very much for this video. This will help me to learn a lot faster than I did before. You're awesome.
@0x3b16 days ago
for real
@mosesnah28938 years ago
How can these wonderful tutorials only have 4000 views? Cannot believe it. Thank you so much for these super awesome & helpful videos :)
@LiveOverflow8 years ago
Thank you! If you think it deserves more views, please share it. I'd appreciate it :)
@AhmedJadelrab7 years ago
I think because there are a few people who understand what he is talking about.
@twistedsim6 years ago
x10 views in 1 year, not bad
@DigitalMonsters6 years ago
To be fair this stuff is super esoteric. I get that these tutorials are aimed at beginners but they still assume an absurd level of computer competency from the outset. I'm a recent Software Engineering grad and I feel completely out of my depth. I need to find an even more "for dummies" series than this and maybe then I can come back to this.
@LiveOverflow6 years ago
I would like to make videos that help people on your level. I'm wondering how I should approach it. Any ideas or examples? Wanna write me a mail LiveOverflow at gmail?
@muffawuffaman7 years ago
" for a full list of commands see 'strings /dev/urandom' " oh boy this is one long help file
@cocbuilds5 years ago
I haven't read a single help file yet. They're all like 50 pages worth.
@jacobtungate38284 years ago
@@cocbuilds issa joke because urandom is just random characters
@blueairwolf13 years ago
RTFM - read the fine/f*ck!ng manual :D
@dox4324 years ago
strings, objdump, strace, ltrace, Hopper Disassembler (other disassemblers include Ghidra, IDA Pro, and Ollydbg), radare2 (Cutter)
@Hackers-df5fm a year ago
I've been trying to master radare, it's been 2 YEARS!! Also, great explanation of disassembling and decompilation of binary!
@TheGimpyGus8 years ago
I was really keen to get into this kind of thing for a long time, your tutorials are amazing, honestly thank you!
@Ebotchl234 years ago
If you are doing this in 2020 and want to move the nodes around you need to first toggle into graph cursor mode with "c" and then you can move nodes around. Shift + hjkl while not in cursor mode will just allow you to jump around visual mode faster.
@madisonhanberry60196 years ago
I've been looking for a reverse-engineering resource like these videos for years! Please make more!!!
@lars-magnusskog39834 years ago
Just a quick note that the r2 commands have changed quite a bit from 2016 to 2020. E.g. the help in visual mode is quite a bit more extensive.
@gtg75295 years ago
Dear, although I can only understand less than 50% of your video, you are a very amazing guy! Thanks for your videos and I watch each of your videos more than 3 times to try to understand what you say...
@ricardobrito68683 years ago
WOW! this radare is better than jdb when stepping instructions... You can see it stepping in the graph! Really good!
@zeynarz76144 years ago
God Bless you for making this series. Thank you so much.
@b0nes956 years ago
I don't know how I'd live without my trusty companion, CTRL +R.
@connormcneill90246 years ago
"for a full list of commands see `strings /dev/random`' i c wat u did ther
@elatedmaniac5 years ago
Literally learned more in this 12 min video than two months of class.
@Salmiery8 years ago
This was a great overview of these tools and techniques. Keep them coming!
@omri93257 years ago
Can you use Hopper to crack Hopper?
@douwehuysmans59597 years ago
Yes
@asjidkalam6 years ago
Yes indeed.
@4pxris36 years ago
never thought about that
@lmaoroflcopter6 years ago
Yes. But it's
@sarahtonin589136 years ago
_HMMM_
@b00i00d4 years ago
Great vid! Makes you work to get to every last detail and that's the real fun of it!
@darshannn102 years ago
the way he says "Press Shift +R and be happy" 😂😂
@typedeaf5 years ago
I am really impressed and inspired by the advanced content of the newer videos. The completionist in me has to start with your first videos :D I wonder if you use radare now.
@dastrn8 years ago
I'm really enjoying these videos! Thank you for putting them together. Please keep them coming!
@HoldFastFilms8 years ago
Great video. That was very helpful! Keep it up.
@Tzeny158 years ago
Keep these kinds of videos coming!
@RoughSubset4 years ago
KZbin removed episode 0x07 in your playlist :/ Any chance of making it available via other platforms?
@TNothingFree a year ago
radare seems like windbg; it is great for developers, especially C/C++ devs, to learn such reversing tools.
@rastakiwi38996 years ago
Hello. I understand why there are blue numbers that can't be translated to ASCII, but do you know why there are untranslatable hex values marked by ^ while some are marked by ? Why isn't written for example? It is confusing :0. Thanks!
@fluzzlesnuff a year ago
This probably isn't useful to you now, but for anyone wondering this in the future: ASCII values 0-31 are 'control codes' and can usually be typed with the control key plus a letter or special character. The control key is often represented by a caret (^). So '^C' means control-C, which is ASCII value 3. Vim tries to print unprintable bytes as control codes, so any byte less than 32 will print as a '^@' or similar. Bytes larger than 127, though, are not in ASCII at all, so they are printed as or whatever hex value. TL;DR: Bytes < 32 are printed as '^C' (control code), bytes > 127 are printed as '' (hex code).
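As an added illustration of the rule explained in the reply above (this is not code from the video or from any commenter), here is a small Python renderer that displays bytes the way the reply describes, plus its inverse for copying such a value back into a test input. The `<xx>` spelling for bytes above 127 and `^?` for DEL are assumptions taken from vim's display convention.

```python
def render_byte(b):
    """Render one byte the way an editor shows a file that is not plain text.

    Assumed rule (vim's convention): 0-31 are ASCII control codes and appear as a
    caret plus the character 64 positions up (0x03 -> ^C, 0x00 -> ^@); 0x7f (DEL)
    appears as ^?; printable ASCII appears as itself; anything above 0x7f is not
    ASCII at all, so it appears as its hex value in angle brackets (0x80 -> <80>).
    """
    if b < 0x20:
        return "^" + chr(b + 0x40)
    if b == 0x7f:
        return "^?"
    if b < 0x7f:
        return chr(b)
    return "<%02x>" % b


def render(data):
    """Render a byte string into text a human can read in a terminal."""
    return "".join(render_byte(b) for b in data)


def unrender(text):
    """Inverse of render(), for copying a value seen in the editor back into a
    test input. Assumes text came from render(): a literal '^' or '<xx>' in the
    original data would be ambiguous and is decoded as a control/hex byte."""
    out = bytearray()
    i = 0
    while i < len(text):
        c = text[i]
        if c == "^" and i + 1 < len(text):
            nxt = text[i + 1]
            out.append(0x7f if nxt == "?" else ord(nxt) - 0x40)
            i += 2
        elif c == "<" and i + 3 < len(text) and text[i + 3] == ">":
            out.append(int(text[i + 1:i + 3], 16))
            i += 4
        else:
            out.append(ord(c))
            i += 1
    return bytes(out)


# Constructed sample: the start of the .rodata section quoted in these comments
# (two small integers padded with NUL bytes, then the format string) followed
# by two bytes above 0x7f to show the hex form.
SAMPLE = b"\x01\x00\x02\x00Checking License: %s\x80\xff"

if __name__ == "__main__":
    print(render(SAMPLE))  # ^A^@^B^@Checking License: %s<80><ff>
```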
@MrRavenVZ8 years ago
Very good quality content, thank you!
@alojzybabel41534 years ago
03:15 Is there some way to distinguish user code from those unknown library functions if they were statically linked into the executable and all we know is some random addresses? :q That would save a lot of time when analyzing programs because I would not have to try cracking the code that later turns out to be some library code irrelevant to the logic of the program :q
@dewankpant6 years ago
I have a question when I try the same thing with Hopper. I am not able to get those neatly formatted strings with characters; rather, what I get in the pseudocode is the locations for those strings. Is there any such option that you have enabled?
@TempestFrenzy5 years ago
I'm confused as to how you determined 0x4006da contained the key at 4:45 in the video. Can anyone explain this part to me please? Thank you in advance and love your videos so far LiveOverflow :)
@elianagriffith95105 years ago
Because that memory address was very big. 400 bytes. That's a lot of characters to be simply code.
@compilationsmania4514 years ago
Look at 4:27. The rodata section starts from 4006c0 and its size is 4e, so its range is from 4006c0 to 4006c0+4e. When we run till the string comparison and print addresses in the registers, 4006da is the only address which belongs in that range. So, we deduce that it must be the address of the string because we know the string is in the rodata section.
@kvsec13372 years ago
This is superb😁❤️ thank you very much uncle !
@nukexplosion66794 years ago
Awesome stuff! Thank you for making these tutorials for us
@olfmombach2606 years ago
I just can't get the string from the address like you did at 4:35. When I stop at the breakpoint and look at the registers, they all point at a completely different location (except eip of course) and also don't hold strings. I'm on x86 btw.
@abhishekpandey712 years ago
watching this in 2022, awesome... thanks man.
@bartlx2 years ago
Thanks for making this great tool referencing video
@anteconfig53915 years ago
How well does objdump show the assembly for the given hex code? Also, does objdump reliably output the proper assembly instructions for non-ELF file formats?
@awesomedee54212 years ago
Thank you. I am one of those people who thinks Mac sux, so I subscribed because you showed linux.
@day1player7 years ago
This video is utterly hilarious. Thank you very much!
@lovelygirish2242 a year ago
Beautiful stuff
@dodochi793 years ago
Very impressed!
@saeedradmehr19766 years ago
I found this one specifically helpful, Thank you!
@linuxguy11996 years ago
BTW there is Cutter for radare, which is a free graphical frontend for it
@drwblkfact72863 years ago
Can someone explain why register rsi is important and why it had the string AAAA-Z10N-42-OK in it? Is it common for the rsi register to hold the comparing string when the function strcmp is called?
@kosmasraptis83742 years ago
Usually this happens for no specific reason. The rsi register just seems to be available at that moment so the compiler puts the line there.
@first-thoughtgiver-of-will24563 years ago
Thank you this is very helpful for my research.
@caydauden3 years ago
Question at 4:19: you mentioned main should start at 0x4004d0 and we should be able to find this in the screenshot on the right, but in the screenshot on the right, main starts at 0x4005bd? Also, .rodata starts at address 0x4006c0, so we would expect the license string to be at that address, but at 4:45, it looks like the license string is located at address 0x4006da instead?
@caydauden3 years ago
I see, the binary code starts at 0x4004d0, which starts with other functions before "main": _start, deregister_tm_clones, register_tm_clones, __do_global_dtors_aux, frame_dummy, and finally "main" starts at 0x4005bd which is within the range (0x4004d0, 0x4004d0 + 0x1e2)
@caydauden3 years ago
Also see that .rodata has this data, which also includes the license key at address 0x4006da:
(gdb) x/10sb 0x4006c0
0x4006c0 : "\001"
0x4006c2 : "\002"
0x4006c4: "Checking License: %s "
0x4006da: "AAAA-Z10N-42-OK"
0x4006ea: "Access Granted!"
0x4006fa: "WRONG!"
0x400701: "Usage: "
0x40070e: ""
0x40070f: ""
@Siik94Skillz4 years ago
At 1:47, how do you tell gdb to output exactly that with a variable @ rbp-0x28??? Been looking for it everywhere and can't find it...
@sabyabhoi88415 years ago
Hey bro, like you changed the disassembly flavor in gdb using "set disassembly-flavor intel", can we do something similar in radare2 as well? I firmly believe that the disassembly shown in gdb is much easier to understand than the one in radare2.
@paired78155 years ago
Hi... thanks a lot... very interesting videos... I am new to this... do you recommend Ghidra instead of learning radare?
@BraveSirSausage8 years ago
Using Kali, which has Radare2 pre-installed, when I run 'VV' it launches a web server and I get a GUI :( Not as cool as the terminal graph, how do I get rid of it!
@LiveOverflow8 years ago
Set the environment variable for the web graph to false. I think that helps. [0x100001174]> e graph.web=false
@BraveSirSausage8 years ago
Cool, thanks! For anyone else, 'e' lists all environment variables.
@ahmedsoliman80078 years ago
Please, Kali is shipped with a really old, old version of radare2; always use radare2 from git.
@scottbehrens16607 years ago
Awesome tutorials, I have a question. When I look at the pseudo-code, it doesn't include the nicely formatted strings like your video shows:
int main(int arg0, int arg1) {
    var_10 = arg1;
    if (arg0 == 0x2) {
        printf(0x4006c4);
        if (strcmp(*(var_10 + 0x8), 0x4006da) == 0x0) {
            puts(0x4006ea);
        } else {
            puts(0x4006fa);
        }
    } else {
        puts(0x400701);
    }
    return 0x0;
}
Any ideas?
@kushansingh62444 years ago
Nowadays, in my opinion, the best tool out there is Ghidra for disassembly and decompilation, and it's free. What do you think LiveOverflow?
@janardhannarayana7 years ago
amazing tutorial
@balb984 years ago
Sorry, I don't understand why you use `r TEST-KEY` when breaking the strcmp. Can someone explain that to me?
@damiancampbell17433 years ago
The 'r' in 'r TEST-KEY' is just a shortened version of 'run TEST-KEY'. It does the same thing.
@williamsquires30704 years ago
You can also use Ghidra (free) from ghidra-sre.org; you'll need the Java 11 SDK. Ghidra is a disassembler that works on MacOS X and Windows, and should work on any platform that has the Java 11 SDK/runtime, though you may have to figure out how to make (or modify) a launcher script for a Linux distro. It can use many of the IDA-Pro scripts from what I've been told, though I don't have IDA-Pro, so I can't really say (because it's too expensive.)
@AntonioSouza7 years ago
Very, very 0x1337 times very cool. Thank you. You are very good. Sorry for my English, I'm Brazilian.
6 years ago
At 9:09 I can't use 'aaa' anymore, so what alternative command should I use? Thank you
@chuchuthegameryt11716 years ago
Thanks man. Really useful. Debugging got easier for me. Can you please make a video on CHAINED ret2libc attack. I am actually stuck. There are two methods in it: ESP Lifting and FRAME FAKING, and I am not able to make either one of them work.
@kishoresuri0077 years ago
Hey.. I have an issue with radare2 while trying to rerun the program using ood. Tried to edit the ptrace scope but with no use. When I use ood, it reopens the file in read-write mode and tries to attach. "ptrace attach : operation not permitted" is the error. Do you have any idea about this?
@douwehuysmans59597 years ago
You need root privileges to attach to a running process. Try sudo
@trebelojaques4584 years ago
"and it makes sense to master them all, *Except Radare, nobody ever really masters radare*" lmaoo
@dkdk-pd1vn7 years ago
Great stuff but please slow down!
@angeloalonzo55004 years ago
lol I thought this would be simple
@ryanmccauley2114 years ago
Anybody having an issue like me where the .rodata address doesn't match the registers when running, try compiling with the -no-pie flag so the address doesn't get randomized
@tanmaybora3593 years ago
@Ryan Mccauley Thank You So Much!
@DebilNo4Mk15 years ago
6:34 "Affordable" *AFFORDABLE*
@wielkizderzaczhadronowkucy2935 years ago
some of those tools cost thousands of dollars (and radare is still better than them)
@arifbasri49504 years ago
Thank you Sir, really helpful
@RDesHu-hd2ln5 years ago
Great Video !
@jonbikaku61336 years ago
Been following this channel and have to say, you've got some really dope content! One question regarding radare2: while installing on Ubuntu, after doing the setup and running r2, I get an error saying ` r2: error while loading shared libraries: libr_core.so: cannot open shared object file: No such file or directory `. Any idea how to solve it? I looked online and it seems like it's not able to get the shared path of the library.
@franciscobahamondes58785 years ago
github.com/radare/radare2/issues/11897
@الْمَذْهَبُالْحَنْبَلِيُّ-ت9ذ5 years ago
Which song/music are you using in your intro and ending ?
@ПетяТабуреткин-в7т6 years ago
10:04 N I C E A R R O W S
@sarafdimi20724 years ago
I have a question: We saw with ltrace what the arguments of strcmp were. If we want to make our program more secure, what would we do? Attach some crypto to it ?
@nukexplosion66794 years ago
Make an algorithm for key validation, which he talks about in the next video.
@وزيرالفقراء2 years ago
Hello bro, tell me please how I can clear memory and registers to do fast actions and speed up the CPU for instructions with assembly code? Thank you very much
@nikhilt37555 years ago
What if I strip the symbols and then run strace and ltrace, will I get function calls?
@Matt-ir1ky8 years ago
Hey. Thank you very much for your tutorials. I have a small issue with R2... I ran through this tutorial a couple nights ago and I was able to recreate everything you did but tonight when I try in R2 to press VV to display the graph, it opens in its webUI and I can't seem to figure out how to change it back. So I hit VV after seeking to the main func but it opens up my chrome explorer and shows me a graph in there instead. I mean it's probably a sophisticated feature but I don't want it at this point... Thanks again!
@Matt-ir1ky8 years ago
Not sure what the deal was. My r2 was acting weird. It wasn't giving me the silly message when you open it, and different outputs for this or that. I deleted my apt version and installed from git and now it's working again. Thanks!
@shubhamjagtap19192 years ago
thanks buddy
@cipher39662 years ago
Most viewed points are where you wrote the commands quickly and in tiny font at the bottom of the screen. Kind of frustrating; often seeing what was typed is impossible.
@osmelfernandezbelen28363 years ago
Hello friend, good video. I would like to know if you have any program like the one in the video but that works for Windows. I am interested in unzipping a firmware made for the msd7816 chip of the MStar company.
@damiancampbell17433 years ago
I personally don't know of any programs like this that work for Windows, but honestly, I think you'd be better off looking into WSL (Windows Subsystem for Linux) or using a VM (Virtual Machine) like VirtualBox or VMware Workstation with a Linux VM on it.
@meksaldi7 years ago
Awesome content!
@nazibabrar18242 years ago
Can anyone help me with an issue I am having with ltrace :) ? The thing is, when I am trying to execute the binary from the GitHub repo in the description with "ltrace ./license_1 KEY", it's working fine and showing all the function calls fine. But when I am compiling the source code with "gcc license_1.c -o license_1 -Wall", the ltrace command doesn't work anymore. It's just showing the standard output, no function calls. I think this is an issue with the gcc compiler. How do I compile the source code to be able to read the function calls with ltrace?
@kevinjohansson39237 years ago
Man, why have I just found out about this channel now?
@nickst27976 years ago
Man, why have I just found out about this channel now?
@ahora10266 years ago
And one year later, why did I ........
@jamespeterson79794 years ago
I tried the: ltrace ./license TEST. It does not give me the strcmp command line. But with "objdump -d" I can find the strcmp.plt as I saw in your video, 3:18. objdump also tells me that it must be somehow related to glibc: # 3fd0 Still ltrace doesn't print the strcmp line. Does it have to do with the compiler version? [gcc version 9.3.0 (Ubuntu 9.3.0-10ubuntu2)]
@jamespeterson79794 years ago
With the file command I found that your ELF is an 'executable' with 'dynamic linked' libraries; my ELF was a 'shared object' with 'dynamic linked libraries'. I tried compiling it with the '-static' parameter so I got an 'executable' but it was 'statically linked' and got an increased file size. I don't know how you compiled it, maybe there are special parameters you used? Yours is also half the size of mine (16kb vs 8kb). I thought maybe it could have something to do with 32 and 64 bit, but your file stated that it is an "ELF 64-bit LSB".
@diaahanna88825 years ago
Is it possible to find bugs in compiler-generated code?
@MrJaylassiter5 years ago
I learned so much 😎
@gustavogonzalez86444 years ago
Can RetDec Radare2 decompile a .bin file?
@victorreaver19846 years ago
When I type ./license_1 AAAA-Z1ON-42-OK, it says "Wrong!". Any idea why?
@Saimon4042 years ago
Sir, is there any way to decompile Cython to a Python file??? I mean decompile Cython-compiled code and get the resulting Python file purely... any method or paid method... kindly reply please.
@bmac39334 years ago
Great video :)
@ExtinityOfficial6 years ago
Well, time to master Radare then.
@johannbauer28635 years ago
ExtinityOfficial you can also use Cutter, which is a GUI for radare
@doron24027 years ago
What's your opinion about dtrace?
@pauribelles79206 years ago
Why did he choose to look specifically at the rsi register to find the string? How can you find that out? (4:45)
@stathisstathopoulos90076 years ago
I was wondering too, couldn't find any similarities
@pod95945 years ago
The .rodata section had 0x4e long contents from 0x4006c0 (4:26). Only the rsi register was in that range: 0x4006da (4:45).
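The reasoning in this reply and in compilationsmania's reply above (which register points into .rodata at the strcmp breakpoint), combined with caydauden's gdb string dump of .rodata, as an added Python example that is not from the video or any commenter. The section table and the string dump use the values quoted in the comments; the register snapshot is constructed, with only rsi placed inside .rodata.

```python
import re

# Section table as quoted in the comments above: name -> (start, size).
SECTIONS = {".text": (0x4004d0, 0x1e2), ".rodata": (0x4006c0, 0x4e)}

# The "x/10sb 0x4006c0" output quoted above, re-typed as a constructed sample
# (the format string's newline is written the way gdb escapes it).
RODATA_DUMP = r'''
0x4006c0: "\001"
0x4006c2: "\002"
0x4006c4: "Checking License: %s\n"
0x4006da: "AAAA-Z10N-42-OK"
0x4006ea: "Access Granted!"
0x4006fa: "WRONG!"
0x400701: "Usage: "
'''

# Constructed register snapshot at the strcmp breakpoint: rsi is the only value
# inside .rodata; rdi is argv[1] on the stack and rip is in .text (made-up values).
REGISTERS = {"rax": 0x0, "rdi": 0x7fffffffe4b2, "rsi": 0x4006da,
             "rip": 0x40060a, "rsp": 0x7fffffffe130}


def section_of(addr, sections=SECTIONS):
    """Name of the section whose [start, start + size) range holds addr, or
    None for stack, heap and library addresses outside the listed sections."""
    for name, (start, size) in sections.items():
        if start <= addr < start + size:
            return name
    return None


def parse_gdb_strings(dump):
    """Parse lines of the form '0xADDR: "text"' (gdb x/s output) into
    {address: text}; lines that do not match are ignored."""
    strings = {}
    for line in dump.splitlines():
        m = re.match(r'\s*(0x[0-9a-fA-F]+)\s*:\s*"(.*)"\s*$', line)
        if m:
            strings[int(m.group(1), 16)] = m.group(2)
    return strings


def rodata_candidates(registers, dump, sections=SECTIONS):
    """The reasoning from the comments: at the strcmp breakpoint, a register
    that points into .rodata is the one carrying the hard-coded key. Returns
    {register: string at that address, or None if the dump has no entry}."""
    strings = parse_gdb_strings(dump)
    return {reg: strings.get(val) for reg, val in registers.items()
            if section_of(val, sections) == ".rodata"}


if __name__ == "__main__":
    for reg, val in REGISTERS.items():
        print("%-3s 0x%x -> %s" % (reg, val, section_of(val)))
    print(rodata_candidates(REGISTERS, RODATA_DUMP))
```

The same check explains caydauden's observation that main at 0x4005bd is "inside" the 0x4004d0 region: it falls within the .text range, not at its start.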
@webpunisher29545 years ago
I do not understand: if the file is a binary, where are the 0s and 1s??
@YURIA98024 months ago
GIANT CHARACTERS
@drwblkfact72863 years ago
Thank u !!!
@9thCrusade5 years ago
When I typed in aaa in radare it showed me some shortcuts and aaa wasn't one of them. What to do? :/
@cyberguide_in5 years ago
At 8:44, when I did ./sys/install.sh, it says "You need GNU Make to build me". Can you please help me?
@babaroro59425 years ago
Hey! Found the solution, you have to install GNU make with "apt-get install build-essential", it worked for me. Good luck! :)
@NphiniT4 years ago
Do all of these tools come with ubuntu by default?
@damiancampbell17433 years ago
Quite a few of these won't; if you're using a security-oriented distro like Kali or Parrot, a fair amount of them probably will. As you can see though, it's not terribly hard to acquire them. A simple "sudo apt-get " will do the trick. If you do "sudo apt-get ..." it will allow you to install multiple programs simultaneously.
@user-kp5kg5dl8h5 years ago
Anyone else have issues opening certain manual pages? Digging around Google, I've seen others with this issue, but so far none of the solutions have worked. I've read in one place that it could be a bug?
@damiancampbell17433 years ago
Not sure which programs you're referring to in particular, but I'm willing to bet it's the ones related to C functions, like "man strcmp" and etc. You can install these with "sudo apt-get install manpages-dev" and "sudo apt-get install manpages-posix-dev". They should work now.
@deamer446 years ago
Can anyone explain to me how he got to the conclusion that jne 0x4000623 goes to location 4005ea for a call??
@b00i00d4 years ago
I think if you watched his previous video it would be clearer. Basically the jne jumps to its address if not equal to 2. If it _is_ equal then the code will continue sequentially from that point (i.e. no jump) and 4005ea is the next major instruction (if you skip all the movs and adds)
@manishasinha66944 years ago
Great tutorials !
@noahosterholz93854 years ago
Hey, can someone please help me? I can't set address-specific breakpoints in gdb (break *main works) because the addresses seem to change when I run the program and are not the same as displayed in "disassemble main" (there are a bunch of 5s in the address when I run it where before were 0s). Sorry for bad English, I'm German.
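Several comments in this thread run into the same thing: addresses from objdump/disassemble that do not match what gdb shows at run time, `file` reporting a 'shared object' instead of an 'executable', and the reply recommending -no-pie. As an added example (not from the video or from any commenter), the following Python reads the ELF header's e_type to tell the two cases apart; the `describe`/`constructed_header` helper names are my own, and the test header is constructed rather than taken from a real binary.

```python
import struct
import sys

ELF_MAGIC = b"\x7fELF"
E_TYPE_NAMES = {1: "REL", 2: "EXEC", 3: "DYN", 4: "CORE"}


def elf_type(header):
    """Read the ELF class and e_type from the first 20 bytes of a file.

    Layout (fixed by the ELF spec): bytes 0-3 magic, byte 4 EI_CLASS (1 = 32-bit,
    2 = 64-bit), byte 5 EI_DATA (1 = little-endian, 2 = big-endian), and e_type
    as a 16-bit field at offset 16. Returns (bits, type name); raises ValueError
    for input that is not an ELF file.
    """
    if len(header) < 20 or header[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file")
    bits = 64 if header[4] == 2 else 32
    endian = "<" if header[5] == 1 else ">"
    (e_type,) = struct.unpack_from(endian + "H", header, 16)
    return bits, E_TYPE_NAMES.get(e_type, "UNKNOWN(%d)" % e_type)


def load_addresses_are_fixed(header):
    """True for ET_EXEC: the .text/.rodata addresses printed by objdump are the
    addresses seen in the registers under gdb. False for ET_DYN, which is what
    `file` calls a 'shared object' and what a PIE build produces: the kernel
    relocates it on every run, so objdump's 0x4006xx values only turn up as
    offsets from a randomized base. Caveat: a real shared library is also
    ET_DYN; the header alone does not tell a PIE from a .so."""
    return elf_type(header)[1] == "EXEC"


def constructed_header(e_type, bits=64):
    """Build a minimal 20-byte ELF header for testing (constructed, not taken
    from any real binary): magic, class, little-endian, version 1, SysV ABI,
    padding, then e_type and e_machine (0x3e = x86-64, 0x03 = i386)."""
    ident = ELF_MAGIC + bytes([2 if bits == 64 else 1, 1, 1, 0, 0]) + b"\0" * 7
    return ident + struct.pack("<HH", e_type, 0x3e if bits == 64 else 0x03)


def describe(path):
    """Report whether a binary's objdump addresses can be used directly as
    breakpoints and compared against register values."""
    with open(path, "rb") as f:
        bits, kind = elf_type(f.read(20))
    fixed = kind == "EXEC"
    return "%s: ELF %d-bit %s, addresses %s" % (
        path, bits, kind, "fixed" if fixed else "randomized per run (try -no-pie)")


if __name__ == "__main__":
    for path in sys.argv[1:]:
        print(describe(path))
```

Run it as `python3 elfcheck.py ./license_1` on both the downloaded binary and a locally compiled one to see which kind each is.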