You can attach simply attach gdb with: *gdb.attach(**p.pid**, "c")* (The c is to continue gdb after attached.) This will open a new terminal window with gdb.

Really nice to see you've taken on a series about Docker. I am really looking forward to the next episodes. Keep it up man :D

*Idol on youtube:-* _1. LiveOverflow_ _2. Ippsec_ _3. Ghidra Ninja_ *Thanks for my job* ❤

Love your vids bro, you have taught me so much, also inspired me to head into this industry when I grow up 😃

My man, ZSH with my fav theme lol i love when i see others use Zsh i really love autocomplete on it as well.

Pwntools comes up with CLI tools too. One of such is "template" which generates a solver script. E.g. `pwn template --host --port > solv.py` will give us script that we can launch as: python solv.py LOCAL - run local binary python solv.py GDB LOCAL - run local binary under GDB (with gdbserver; we can also provide gdbscript for that) python solv.py REMOTE - connect to remote There's also DEBUG arg which enables pwntools debugging mode that prints out all read/writes etc.

Just wow Keep it up men I will support until the end..

15:00 sounds like a lot of time went into finding this problem...

Awessoommme video! Thx! This really helped me getting an idea about where to start!

Nice, another binex videos Hope u make some of them again but this time lets make the binex chall from intermediate level to hardcore level!

Never would I thought that I would ever see "uwu" from LiveOverflow 15:24

It's hard to digest, When you spoke about all Advanced stuff in your Previous videos and came back into very Basics in latest Videos

Great video, as always! However, I didn't understand something: why is the RSP misaligned? We are overwriting exactly the buffer bytes + the already existing ret ptr and nothing more, so why after the ret the RSP isn't aligned? Wouldn't it be misaligned even if we didn't overwrite the ptr?

Very well explained! Thank you!

Not sure if I missed something out or if docker is configured slightly different on mac but I had to add both containers to a network before I could connect to the other. I think you could also connect both to the host network though. There's also the ROP api within pwntools, which would have let you do: padding = 'A' * cyclic_find('acla') rop = ROP(binary) rop.call(rop.search(move=8)) rop.call('backdoor') p.sendline("sUp3r_S3cr3T_P4s5w0rD\x00" + padding + str(rop))

hell yea time to watch a video where i understand pretty much nothing but enjoy it regardless

e = ELF('./foo') and then use p64(e.symbols['backdoor'])

A note about the word “canary”. You are pronouncing the word “cannery” not “canary”. I don’t mean to be critical rather I am assuming you’re the type of person who would like to know the difference. Thanks for all the content!

Thanks so much.

One does not simply `gets()` into `char *`.

I really want to be like that but it's difficult for me because I'm still a beginner :( Semanta is always a teacher:)

Just make a Docker-Compose file.

Wouldnt it read BBBBCCCC , but due to endianess reversed?

15:24 owo what's this

Hey nice video. I working on a similar challenge where I redirected the code flow to backdoor function. system("/bin/bash") is getting executed within the backdoor (verfied via GDB) however I am still not able to spawn a shell, instead of an interactive shell the backdoor function returns and go back to main function and program crashes ( Because stack is messed up as we overwritten over other stored registers) any ideas what is going wrong? Any help or resource would be appreciated. Thanks.

I'd love to see you code a mmorpg bot with like C#, that would be so cool!

15:26 killed me uwu

This is great!

Sadly I don't know how to do this but I like to watch you explain it if someone has some tips HoW tO gEt Started you can comment it ^^

elf = context.binary = ELF("./binary") io = process(elf.path) context.log_level="DEBUG" gdb.attach(io, ''' break *main break *0x08049019 ''')

8 bit computer update?

love you

Nice :)

Python2 in 2020.

What is redstarOSX, is it some kind of hackintosh?

No pie :(

Love u :)

"raw_input" is python 2, makes me sad which has been EOL for 2 months now

*pretends to understand*

did you just invent cheatengine?

YO

3 hours ago

uwu