at 1:16:40 why did we put 4 B's after 44 bytes. I tried with one B, 2 Bs ,3Bs also but only 4Bs reflected at eip address. I guess it is some kind of minimum byte of data that is needed to reflect?
No, it’s probably just gdb not showing it to you, if you did like x/4x $eip to manually show 4 bytes of eip, it probably would show. It may be x/4s or something, im horrible with those commands in gdb
Nice video! Thank you! Qq - would you recommend a practical approach to buffer overflow with heap randomization enabled (excluding env variable injection)? Also, what would you call the most bulletproof modern approach to binary protection (os level or not)?
Hiya, this is the first video of yours I've seen and ... wow - really impressive. How do you segment your console windows like that? looks very handy / slick how to switch around
@1:26:11 you did not link the symlink right....... it was going nowhere... . maybe thats why it didnt work? ah nevermind, still doesnt work in tmp :( Great video tho!
fix Perspective please, that box breaks all the time and cannot render anything completely, that makes it impossible to play. of course mods are always here to blame spoils but no-one is there to fix things correctly
damn,this time is so hard,First is web pentest then went into binary overflow and reverse.good video!
When u watch his video and know solution on problem he have, you have feeling like he have rised you well. ❤️
Thanks ippsec.
This is the third time "Too many authentication failures" has popped up in as many videos :-)
I guess you could have run the encrypter again to decrypt, because the reverse function of xor is xor. Cool Video :)
at 1:16:40 why did we put 4 B's after 44 bytes. I tried with one B, 2 Bs ,3Bs also but only 4Bs reflected at eip address. I guess it is some kind of minimum byte of data that is needed to reflect?
No, it’s probably just gdb not showing it to you, if you did like x/4x $eip to manually show 4 bytes of eip, it probably would show. It may be x/4s or something, im horrible with those commands in gdb
Nice video! Thank you!
Qq - would you recommend a practical approach to buffer overflow with heap randomization enabled (excluding env variable injection)?
Also, what would you call the most bulletproof modern approach to binary protection (os level or not)?
You're AWESOME !! ❤❤❤
44:37 the dog is as annoyed as ipp :)
lets do test [dog tests]
Hiya, this is the first video of yours I've seen and ... wow - really impressive.
How do you segment your console windows like that? looks very handy / slick how to switch around
Check the tmux video out on my channel.
@1:26:11 you did not link the symlink right....... it was going nowhere... . maybe thats why it didnt work?
ah nevermind, still doesnt work in tmp :(
Great video tho!
yeah in the troubleshooting i cut out. I figured that out... tried it in /dev/shm (which it also doesn't work oddly).
@@ippsec YT removed my previous comment with the link (grrr!), search for symlinks and sticky bit. It's a security mitigation feature.
@@zx_gio thank you! But it's still weird it works inside folders of /tmp
Love how Ippssec said it f-ck it to taking notes this time
Amazing explanation
Let's gooooo
fix Perspective please, that box breaks all the time and cannot render anything completely, that makes it impossible to play. of course mods are always here to blame spoils but no-one is there to fix things correctly
You should use the HTB Ticketing system to report it. I haven't played perspective, so no way to know what is wrong to report it.
Customer Support link doesnt work on the site
can you please tell me the path to become hacker like you please
Sure its simple:
1) Start reading a lot of documentation and writeups, also watch videos like this
2) ....
3) You are a trainee hacker in 3-5 years!
Ipp OP
its strange whenever i sent the send message request i do not get the "auth cookie"
Probably a typo in cookie, I send cookies pretty often
@@ippsec I shall try it soon thank you
Subtitles are not enabled in this video
wow thats insane
Thanks
First comment 👍 great video
First :D
Damm
@@prateekthakur2039 you almost had it :)
Lol 😁
Download and watchcare, i notice your all words, want to say some words.
Common ippsec learn how to type, i am idiot, etc.
Tf