Solving AVR reverse engineering challenge with radare2 - rhme2 Jumpy (reversing 100)

Views: 62,730

LiveOverflow

Comments: 67
@mychemicaljojo 6 years ago
The encouragement that I get out of understanding how frustrating this was to you is truly motivating. Amazing work!
@checkerist 2 years ago
The need for using the SMT thing is mind-blowing. Great job!
@hrnekbezucha 6 years ago
Hope you'll get back to embedded. It's way more exciting, knowing that the code is sitting inside that tiny little thing on my bench as opposed to a massive server.
@dancorvalan3205 5 months ago
Great job man! These challenges r no joke.
@TheMrDeathboy 6 years ago
Just in 25 minutes I learned more than in a whole year of low-level programming lectures at univ
@AlanMedina314 3 years ago
My brain keeps overheating with these videos.
@jayachandra677 3 years ago
These videos are really awesome!
@cyancoyote7366 7 years ago
Mind == blown
@EpicHardware 6 years ago
ERROR 0x1495 Comparing standard body part with action not supported
@BlackHermit 5 years ago
Thanks, great video, gives us hope for the future of.
@jeff14994 4 years ago
Nice job! Works like a charm!
@saitarun6889 a year ago
Just wow!
@roguesecurity 7 years ago
Scratching my head. No clue what's going on :( Need to watch the video again and again to understand. Still, a like for the video for your research and hard work.
@fahadalharbi1465 7 years ago
Like, before watching it. Great, I'll watch later
@nullnull6032 5 years ago
FUCKING HELL this is awesome !!!
@jojo-fp1zv 5 years ago
Crazy
@likithkumar957 6 years ago
How did you get to know that we must disassemble from 0xdff?
@CoolKoon 6 years ago
I'm guessing the other result ("3m_0t_t1_3v1g") would've worked as well. Have you tried that one too?
@dekrain 6 years ago
It's just the reverse of the other password.
@hopkinskong 7 years ago
0:41 The hex binaries are NOT encrypted. They are just encoded with Intel HEX. You can disassemble the HEX file with avr-objdump.
@LiveOverflow 7 years ago
The binary is encrypted. It's Intel HEX format, but it's still not valid assembler. The Arduino board we got for the competition is preloaded with a custom bootloader and customised with unique keys for each player. The binaries for the challenge are encrypted, so that nobody can solve all challenges by simply reversing the code. And the bootloader decrypts the binary you flash. Just in this case, they additionally provided a non-encrypted binary, because it was a reversing challenge.
@hopkinskong 7 years ago
I see. So the Challenge HEX file is not the same as this? github.com/Riscure/Rhme-2016/blob/master/challenges/binaries/jumpy/jumpy.hex
@LiveOverflow 7 years ago
Same program, but those HEX files are not encrypted, so you can load them with the regular Arduino bootloader. But they were released after the competition.
@hopkinskong 7 years ago
I see, thanks for the clarifications :)
@rakaasadullah7477 4 years ago
This semester I'm studying the 8086 microprocessor, especially the assembly language part. I was confused why we have to learn assembly when there is already a high-level language. I thought for myself that it was for us to understand how computers work (I study at a polytechnic), but now that I know about reverse engineering, I'm grinning and I think that's very interesting... I'm interested in security, and thanks to you I feel more motivated to learn more.
@sebastiangudino9377 3 years ago
The reason you learn Assembly in the real world is mostly debugging. High-level languages tend to be interpreted, which is cool! But they tend to be slow in comparison to compiled languages. Therefore, for big, fast performance projects you will be writing in a compiled language (mostly C/C++, but nowadays Go and Rust have been growing in popularity, which is awesome). Now, if you truly want to write fast code you are going to be working very very very close to memory. And if you have no clue what's going on down there, you ARE going to find bugs in your code.
I learned Python first, and working with lists in Python is a MARVEL. JavaScript is not that different, neither is Haskell, and even in Java, as long as you are using ArrayList, everything can be pretty intuitive.
And then you learn C, and hey! I can make an array with int array[3] = {1,2,3}; that's fun. Then you try to pass that array to a function and oh god, you just stumbled upon your newest nightmare.
Learning assembly lets you understand that you really aren't working with lists, or strings, or objects, or even functions! It's all just data and instructions. That's not a mindset you can truly get from a high-level language. And when those problems start to crawl into your next server-side application, and you start running out of memory or accessing things that you are not supposed to, you better know how to handle that.
@amrojjeh 5 years ago
First time ever, more like first time AVR
@janvoslos 7 years ago
How did you get your .gdbinit file to work in avr-gdb? It works in normal gdb, but when I open the avr version, I get an error saying that scripting in Python is not allowed in this version of gdb. I am running Ubuntu and cannot find any other avr-gdb version which supports Python.
@jagger1616 7 years ago
Did you ever figure out how to get this to work? Having the same issue
@janvoslos 7 years ago
Ryan Wincey No, never got it to work. You need to compile your own avr-gdb with Python scripting enabled.
@geekgeek8453 7 years ago
I am still a little confused on whether you need an Arduino board (hardware) to reverse engineer this... Or can you try reversing this without any special hardware...
@LiveOverflow 7 years ago
+geek geek I reversed it without an Arduino. Just had to use the board when I wanted to get my personalized flag ;)
@nullnull6032 5 years ago
holy fucking shit, damn man
@Ctreative7772 7 years ago
How do you get your radare2 visual mode to look like that? Mine opens an HTTP server.
@LiveOverflow 7 years ago
+Ctreative7772 You are running an old version. Install from git
@Ctreative7772 7 years ago
I thought I had the newest version. I was wrong. Thank you!
@MD3XTER 7 years ago
How do you run IDA Pro on Mac?
@LiveOverflow 7 years ago
It's IDA Standard and it's the Mac version. So I can run it on Mac.
@billigerfusel 7 years ago
Nice, too bad I didn't learn anything about assembler and now I'm too busy working with C.
@LiveOverflow 7 years ago
+billigerfusel Just debug your C programs with gdb and look at the assembler code when you run into crashes.
@billigerfusel 7 years ago
I did that once and it helped. Before my program jumped into the HardFaultHandler I saw in the assembler code that it was just in an area full of empty flash. Turned out my code grew into the part of the flash where I was doing my EEPROM emulation :D
@billybabcokcs8224 6 years ago
I LOVE YOU
@wbuchmueller 7 years ago
How'd you make your gdb look like that?
@LiveOverflow 7 years ago
It's a .gdbinit config. I linked to it in the description
@likithkumar957 6 years ago
Any alternative apart from simavr?
@happygimp0 4 years ago
A real AVR with a debugger connected to it?
@sophanu 6 years ago
DRram. ,