Комментарии:
Great video, really learned a lot👍
ОтветитьDisgusting
ОтветитьAh, now we're getting into the interesting stuff!
ОтветитьYt algo bump
ОтветитьYou are the best dude Keep up 🔥🔥🔥
ОтветитьShould we attempt buffer overflow challenges without checking the source code?
ОтветитьCan you please have a go on device called deeper connection Pico DPN (like VPN) and they are claiming that nobody can hack it . Since you are very creative i was wondering if u wanna have a go ? Thanks you’re great 👍
ОтветитьGreat!!! Please never stop!!!!
ОтветитьAnd of course it’s another “banger” video.
ОтветитьJohn is a Genius!!!!
Ответить@_JohnHammond you are amazing.
I love your way and I have learned a lot from you.
Thank you very much.
You can access the man pages of read with `man 2 read`.
This is because read is a syscall, not a library function, so it's docs are in section 2 of the manual. Section 3 is for libraries.
Hope ppl will find it helpful.
Keep up the great work!
Great stuff! I'm finally getting to piece together what pwntools does. (I understand buffer overruns etc. fairly well, but these automated tools are new to me). What would be even better would be some sort of O'Reilly book or the like on it. (Yes, I'd even buy a dead tree edition.)
ОтветитьDude! Please do more of these. It is way more helpful to see you "bump around" (and thereby realize that you are human) than to just see you figure out complex problems in a millisecond and feel like a complete dummy when it takes me hours to figure out the same thing (if I ever do!). PLUS, we get to see your "debugging" process, which is super, super helpful. Thanks for the content as always.
ОтветитьDamn my script works locally but somehow it doesn't work remotely. Could you please provide your source code to test? Thanks! :)))))
ОтветитьHeyo
ОтветитьMy solution appears to work locally, but once I connect to the remote server the 'leaking canary values' are returned in hex ('\x03\x01\x01\x01') and I get a UnicodeDecodeError: "utf-8 codec can't decode byte 0x93 in position 25: invalid start byte"
Any ideas why this is happening and how to resolve. I've googled my brains out but can't figure it out.
Can we somehow exploit the fact that the local stack canary is copied from a global variable instead of brute forcing (e.g. if the canary was less "brute-forceable")?
ОтветитьI appreciate watching the full process of figuring it out. A lot of videos just speed through things and I’m left thinking “how did you see that so quickly?” Watching you do your thing as is also teaches the problem solving process which is just as important.
ОтветитьRflag?
ОтветитьValue hai
ОтветитьConr vlu?
ОтветитьDive to ip address number dive files open remo light attending after again to everyone that red colour process signal to dry flowers
ОтветитьConcrete wall for you breaking information
ОтветитьVolume button purposes hi volume
Exl,rop reply
Volume button purposes hi volume
Exl,rop reply
DemJ vlyuu
ОтветитьDemJ vlyuu
ОтветитьDemJ vlyuu
ОтветитьDemJ vlyuu
ОтветитьToday is my eyes chemical to facing problem nover problem chemical to face 👀 not problem
ОтветитьHello my friend,
at startup of video you are struggling with sscanf, it seems to me that you do didn t spotted the 2 's' : sscanf is different than scanf.
first parameter of sscanf is a pointer to a buffer which is called length in this instance, thats why your printf %d returns random number , and should be replaced by %p in order to be compliant with the type which is a pointer
thanks for all the rest
Search ? number name
ОтветитьRdi ,RSI,rdx buf function using number
ОтветитьDesc,asc date rood ing number attending time........
ОтветитьAto z
ОтветитьSal , change?
ОтветитьBanck employees sylres nover coming.
ОтветитьJump number cinr
ОтветитьCanr vilu number meine in
ОтветитьCanry 1,2vlun explain.
ОтветитьRelying
ОтветитьCanary vuln report new video creation 🤦🤖
ОтветитьRax,rex,rdx, 0x86?
ОтветитьLibrary here
ОтветитьJust a programming note: byte arrays are mutable, so you don't need to completely rebuild the payload every loop. You can just build it once with 4 random bytes for the canary, then when solving for the first byte just modify the payload[offset] byte and send off payload[:offset+1], then once that's found, loop through values for payload[offset+1] and send off payload[:offset+2], etc
It's more efficient, and you don't have to keep up with the values of the positions you've found so far because they're already saved correctly in the payload
Malloc ?
Ответить