วีดีโอ

Thanks for the detailed one. What is the mitigations we can implement for this bypass ?

I was following the same instructions and noticed while in your disassembly of main, you had 2 libc functions which weren't available in my case, causing no pop rdi, ret instructions in the binary

awesome material, concise and clear. love it ❣

nice

How do you get the gdb view with all those sections (stack, code, variables, etc).? at 5:18 in video. Great tutorial btw.

please tell how can i buy this course

sir i want this course from offensive labs , but i couldnot find this produce , please help me

why your website is not wotking ? I want to buy your courses

bro why i know this voice from somewhere....

I am getting (initramfs) error, maybe it is not able to find the partition when I worte blkid it shows nothing. or I guess there is no partition created. when I open the /etc/fstab file there is some other type of entries which I change to /dev/vda1 and vda2.

No gui? bad demo

So *that* is how they reverse engineer APIs.

Accidentally watched your video. This is awesome work

Thank you

On windows I can start?

Can we add a GPU passthrough to this raspberry PI setup such that I can run complex deep learning algorithms on this emulation (irl Raspberry Pi uses Google Coral to allow Raspberry PI to run deep learning based algorithms) If this is possible could you please the link of your source of info on this?

Can you help me? I also can not find pop rdi instruction. What should I do? Enable or disable some other option?

Hi! is it possible to install windows arm64 ? Ty ;)

Can you upload the lab for us?

Please give me the file yaml was not

How to prevent Based on some input field like date parameter Could you please reply it

I cannot find the gadget pop rdi, I could only find pop rbp; ret;

How do I find the offset to the system and exit function? I tried using the page offset using xinfo but it doesn't work.

Damn.. i learn alot to this.. i didnt expect this to would work.. idor to sql injection

virtual machine and relevant files are unavailable in both google cloud and mega link u have shared

THANK YOU! AWESOME! (YOU ARE AWESOME)

Your content is very rich, thank you, You helped me alot

Could. you also make a similar video on relocatable shared libraries?

i followed every step but i did get release folder on desktop ...what can i do now sir?

Could someone kindly provide me with a working link to the VM? The links that were mentioned in the course don't seem to be working.

参考になりました。ありがとうございます😊

response is encoded in funny characters you know how to decrypt then ? otherwise it is useless

Hey can you tell me how to do the same for a docker image running my nginx website pls???

i like to hacking apis i love them i have a book for api hacking

Wow this is great! Thanks really helped me understand things a lot better.

Fantastic! Loved Your Way Of Teaching.

Hi u there

You are using qemu-system-aarch64 in the command, and the memory is 1GB, I am guessing the raspberry Pi guest is 3B model. Can you please confirm if the network configuration that you did for the guest Raspberry Pi system is NAT network? Because you have not mentioned the broadcast range of your host system, I am slightly confused. I am looking for some help regarding a public bridged network between my emulated guest Raspberry Pi and my host Linux system, so that I am able to see my emulated system as a separate LAN device in my router. I have had some luck with bridged network while emulating older models (qemu-system-arm with 256 MB RAM). But for some reason, the 1G aarch64 variant doesn't click, no matter what! Please share any insight that you might have regarding this. Thx

Good video. Thank you!

bro please upload more videos

Is jail break needed?

Brilliant video!! Thanks a ton; keep uplaoding more!

One of the best videos

umm.. why "delete patition" method? why not _truncate_ with "parted"? or use the same "expand partition" command that RPi (and others) use (resize2fs)?

Thanks for your great tutorial. Did you understand the reason why the formula for calculating the stack base address is wrong and you must add a fixed offset to it?

Awesome explanation ! Thank you

can we bypass liapp alert ???

Excellent Presentation!!!

I found this and seems pretty good, but, where can I get this VM?

Missed important details between 6:01 and 6:20, that's the whole relationship between PLT and GOT.