Pwntools & GDB for Buffer Overflow w/ Arguments (PicoCTF 2022 #43 'buffer-overflow2')

preview_player
Показать описание
Help the channel grow with a Like, Comment, & Subscribe!
Check out the affiliates below for more free or discounted learning!

📧Contact me! (I may be very slow to respond or completely unable to)
  1. John Hammond
  2. cybersecurity
  3. learn
  4. programming
  5. coding
  6. capture the flag
Рекомендации по теме
Pwntools & GDB 0:50:19

Pwntools & GDB for Buffer Overflow w/ Arguments (PicoCTF 2022 #43 'buffer-overflow2')

Beginner Issues when 0:05:50

Beginner Issues when Debugging with gdb + gef or pwndbg, ...

Buffer Overflow in 0:10:37

Buffer Overflow in networking applications P10 | TryHackMe Intro To Pwntools

Pwntools ROP Binary 0:55:21

Pwntools ROP Binary Exploitation - DownUnderCTF

Buffer Overflows with 0:00:07

Buffer Overflows with GDB and GEF

Pwntools - Pwn 0:18:49

Pwntools - Pwn Zero To Hero 0x04

How They Hack: 0:16:06

How They Hack: Buffer Overflow & GDB Analysis - James Lyne

Buffer Overflow using 0:17:24

Buffer Overflow using ShellCraft P11 | TryHackMe Intro to Pwntools

GDB is REALLY 0:07:29

GDB is REALLY easy! Find Bugs in Your Code with Only A Few Commands

Buffer Overflow using 0:21:49

Buffer Overflow using Visual Studio Code & GDB

BASIC Buffer Overflow 0:09:50

BASIC Buffer Overflow | Ryan's CTF [13] Everyday I'm Bufferin

Buffer Overflow with 0:24:54

Buffer Overflow with Checksec and Cyclic | TryHackMe Intro to PWNTOOLS

Buffer 1 pwn 0:10:01

Buffer 1 pwn challenge - USIU CTF

[Fuzzing with honggfuzz] 0:16:40

[Fuzzing with honggfuzz] How to Fuzz with HonggFuzz and use Pwntools

How to find 0:06:17

How to find offset by using cyclic in stack based buffer overflow exploit

Buffer overflow attack 0:07:30

Buffer overflow attack using gdb-peda on 64-bit maching

0: Intro/Basics/Setup - 0:20:40

0: Intro/Basics/Setup - Buffer Overflows - Intro to Binary Exploitation (Pwn)

How to analyze 0:14:55

How to analyze Binary with GDB and Pwndbg | Malware Analysis and Reverse Engineering

Buffer Overflow attack 0:11:07

Buffer Overflow attack on a 64-bit ubuntu using gdb-peda

10: Bypassing Stack 0:14:49

10: Bypassing Stack Canaries (leak + write) - Buffer Overflows - Intro to Binary Exploitation (Pwn)

Part03_ROP_Gadget_Tutorial_Find_Offset_of_Overflow 0:09:11

Part03_ROP_Gadget_Tutorial_Find_Offset_of_Overflow

CTF Socket IO, 0:12:17

CTF Socket IO, Pwntools Tips/Tricks!

Exploiting Return Oriented 0:26:41

Exploiting Return Oriented Programming (ROP) tutorial - Binary Exploitation PWN101

Python Pwntools Hacking: 0:44:49

Python Pwntools Hacking: ret2libc GOT & PLT

Комментарии
Автор

Don't be sorry. It is important for people that are new to programing to see that despite how talented and or expierenced one is that we stil can get stumbled up on things even if it is a miss spelling that can eat away hours of your time.

Great job as always and thank you.

FurikuriYugi
Автор

I'm trying to get started in the infosec field after completing an unrelated undergraduate degree. It's fascinating stuff, but it's very easy to get discouraged. Seeing John encounter difficulties and work around them is inspirational. If a seasoned pro has a hard time with PicoCTF, that makes me feel a lot better about having a tough time applying the theory I'm learning.

JohnSmith-eqbw
Автор

Nothing to be sorry about, John. The topic of these videos require a longer video. I love working along on these with you and I feel good when I figure things out around the same time you do, or at least I understand what you're talking about. It means I learned well form your videos so far. Thank you!

drewzilla
Автор

I'm currently learning exploit development, ur vids r rly helpful man, they give me a general idea for such things

artemis-arrow
Автор

I take a stab at Advent of Code every year, usually hitting the wall a bit over halfway through, and all I wanted last year was to make it on a leaderboard for the first time. I knew I'd have to do it with the easiest challenges in the first week, and it eventually happened to where I had "completed" a challenge fast enough that I would've finally made it. I was done and working in under two minutes... or I would have been except I had that same + instead of += typo on a line. It took me another 30 minutes of trying to find nonexistent bugs like index errors or off-by-ones before I realized the problem.... so maybe this year will be the year instead.

As others have said don't beat yourself up over it because it happens to the best of us. At the same time showing these occasional struggles over simple oversights greatly humanizes the process. It reminds us that even professionals can tunnel vision themselves away from a solution that was firmly in their grasp.

Keep up the awesome work, John!

__hetz
Автор

thanks for the video! it'll help a lot for the upcoming cyber apocalypse

_hackwell
Автор

Super cool, hadnt seen pwntools or gef before this, but I love how clean that exploit script looks once it was done.

themadichibd
Автор

Thanks for all the work you do it's very educative can't wait to see the next one

Whyineedachannelname
Автор

Seeing you struggle was so inspiring and encouraging. If you also have trouble sometimes then it's okay for me to struggle with almost all of the challenges 🤣

FunkadelicFeed
Автор

Pwn tools seems to be targeting walk throughs which is hell helpful !!

_AN
Автор

I'm sure John knows this and is just using argparse manually to learn and teach. But, for anyone interested, `pwn template` actually gives you a template for your exploit including local/remote support.

HAGSLAB
Автор

Hello, John! Read about subparser for argparse ;)

kostyatitovsky
Автор

John please do more videos related to Buffer overflow ...

xSebin
Автор

John, these are great vids- thanks! just starting out and really like rev eng but aside from CTF's, how is this an in demand skill for the real world?

KaliMax
Автор

Hi John, thanks for another great video!
I have a question about reading the value of ebp, when you have set it to cafef00d. I know the ebp+0x8 is cafec00d but when I do the
"x $ebp+0x8" it prints "\r\360\376\312\r\360\003". Why is that? 🙂

oliverthomas
Автор

Very cool! How many hours you spend per day doing this stuff before you know what you're doing from daily work to late night I suppose? :)

redspotaquashrimps
Автор

dude i did pretty much the exact same thing, i dont understand that when i put the address of win it would jump there and anything following that would just get moved into the eip register preventing me from stepping through win.

ani-zxk
Автор

I don’t know Seth Rogan was in infosec

frxnk
Автор

Integer value given?
Integer over /underflow what tlime.

bhagyalakshmi
Автор

44:58 armchair programming here, but (not x OR no y) is just (x AND y)

gothops