List: LiveOverFlow (40)
Security_RNRF
45. Exploit Fails? Debug Your Shellcode - bin 0x2B : Test Coding -> vi test.c int main(int argc, char **argv) { int (*func)(); func = (int (*)()) argv[1]; (int)(*func)(); } -> gcc test.c -o test -fno-stack-protector -z execstack -no-pie ... ING!!
44. Weird Return-Oriented Programming Tutorial - bin.0x2A # Replay video(very Hard) : ROP - Return Oriented Programming : Last video I showed you this programming language I made, ugly but works. -> And we compiled this into this weird binary format. -> And then you pass this binary file to this program called invoice, and it executes our program. : In the last video I also showed you, that the ..

43. Introducing Weird Machines: ROP Differently Explaining part 1 - bin.0x29 : The topic of this video is very special to me because it's the slogan of this channel. -> "explore weird machines". So in this video I want to introduce what a weird machine is and use it to explain return oriented programming. -> But let's start from a clean slate. -> Please forget the term return oriented programmin..
42. heap0 exploit speedrun & weird ASCII string on the Heap - bin.0x28 : This video will cover " heap0". -> The basic weakness of this video has not changed. -> But I have a special idea for this video. -> Use it to identify other things we learn at the end. : heap0 Code(/opt/protostar/bin/heap0) & Ubuntu 16.04 LTS.version #include #include #include #include #include struct data { # data and fun..
41. Adapting the 32bit exploit to 64bit for format4 - bin.0x27 : Let’s have a look at “format4” from exploit-exercises protostar on a current ubuntu machine. -> And this time I thought instead of building the complete exploit from the ground up, we take the old exploit that we developed for the 32bit linux image, and see if it still works. -> Probably it won’t but then we debug it and slowly mak..
40. format2 on modern Ubuntu - bin.0x26 : Last video we have explored a format string vulnerability from the protostar examples, but had it compiled on a modern system with “ASLR” and 64bit. -> At first I thought we couldn’t solve it but explored some tricks and played around with it, but then actually figured out a reliable technique. -> So let’s explore some more of the format levels. : “Forma..
39. Stack grooming and 100% reliable exploit for format0 - bin.0x25 : We played with the "0x24" video to figure out how to strike against "format0" in the modern Ubuntu system. -> I couldn't solve it after all. -> But luckily, on Reddit, a user named "wcbowling" actually found a case of success. -> https://gist.github.com/wbowling/fb103329997debca34ff92b97440c87b : Now let's take a look at it...
38. Playing around with a Format String vulnerability and ASLR.format0 - bin.0x24 : "Exploit-exercise / protostar" offers a Linux image as a few challenges for learning binary. -> But there have been many changes over the years and editing these challenges is no longer an easy challenge in the modern system. -> We described in three videos in a way that we could still do. And that's only possib..
37. Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23 : Next time...
36. Identifying another exploit mitigation and find bypass. stack0: part 2 - bin.0x22 : Now let's look at what happens when you compile the "stack0" code from "protostar" on a newer system. -> Specifically, look at stack cookies. : In this video I wanna develop a working exploit for it. -> And I think there are some mountains we need to overcome. : Let’s get everybody quickly on track. -> We hav..