Scripting radare2 with python for dynamic analysis - TUMCTF 2016 Zwiebel part 2

In part 1 we reverse engineered the algorithm; now we implement a radare2 script in Python to recover the flag and defeat the encrypted code.


#ReverseEngineering #Radare2 #CTF
Comments
The way the decryption key appears is superb!

halemm
Lol, that ending was so h4x0r, haha, very cool

whiskas-
Haha if you would see the reveal of the flag in a movie you'd say "that doesn't happen in real life!", nice work man!

BGroothedde
This was one of the most entertaining/informative videos I have ever watched on reverse engineering topics!
like + sub <3

splendicious
Didn't realise how powerful radare2 python script could be. I love it. Amazing video :)

SecondLight
Hey I'm not much of a comment person but I have to commend you for your videos! As someone who knows a bit about this stuff, but am waaaay behind, this was very interesting, informative and easy to understand. :) Hope I get to a point where I can think of this stuff by myself, it's really inspiring. Keep it up you're a huge help, and I'll be sure to watch every video. Cheers!

TonelessR
This is the best channel on Youtube. Please continue making new videos!

Friedtunafish
That was I will have to watch this about 0xc more times before it sinks in. Got stuck on a couple of RE challenges that had multiple sections of decrypt loops and I just gave up after a while, doing it manually. I had no idea that scripting it was even an option. Makes so much more sense!

typedeaf
Hey! Great stuff you're doing. I like the way how you present things, I have a lot to learn from you for my channel.
What I like the most in this video is that you explain assembler in a very digestible way, almost like the guys in "hardware/software interface course" on coursera half a dozen years ago.

Keep going!

Evergreenscoderzone
Can you please make more radare2 videos? There are not a lot of good tutorials.

biehdc
since only one instruction was stepped at 2:57, you could have also used s+4 / s+8 (depending on the binary format)

FetchDEX
This is such a sweet technique, had a lot of fun watching this !

Occcc
This is by far one of the best channels I have ever watched.
Thank you for the great effort you put in.
I'm trying to get better at reverse engineering; I'm using radare2 and IDA Pro.
The thing is, for other fields like Binary Exploitation, Networking, Linux, Crypto ...
there are very good resources out there, but I haven't found good ones for reverse engineering, like a platform or series of crackmes that goes from easy to hard.
(I found Avatao, I liked it, but only about 20% of the crackmes are free :( )
Can you suggest some good resources if you have any?
Also, I don't want to start Binary Exp until I'm good enough at reverse engineering. Is that good thinking, or am I wrong and should I start?
And thanks

freestylesoccer
Damn, that one wasn't easy, but the way it works is so cool !

arthur
Awesome videos, I've always been interested in RE stuff. I understood everything you said in these 2 videos, but I never studied RE seriously because I think that I will never be able to do stuff like this.

P.S. Sorry for my not perfect englando.

xTatticadanito
Why does performing a bitwise OR on the AND value and the int of 0x20 yield the right byte at any particular offset?

ponysopher
Mind=blown
Loved the way you made it look so easy...

shans
I gotta say that's pretty damn cool +subbed

JaKeL
I am trying to solve the "easy as gdb" problem from picoCTF using r2pipe... It appears that I have to brute-force my input... So then, how can I handle brute-forcing input?

sanzidulislam
I have one question regarding `and al, 0x20`. Why is the Python code `flag[offset] | and_value`? It is an "and" operator, but in Python it is an "or" operator. Could any of you explain my question?

문석철-xw