Finally got some time to sit down and watch this one! Well done. Loved it!
💜💜💜
Again, absolutely love this video!
thank youuu 💜💜💜
You are such a gem. You make hard concepts look like a piece of cake.
I wish to one day learn binary exploits like you. But idk how long it will take. It's such a long journey and so many things to learn. The duration frustrates me. No matter how hard I try it will take a minimum of 3-6 months just to cash in the basics.
Awwww thanks mate 💜 This was a nice challenge!
Still watching, thanks for the video about my challenge!
Thanks for the challenge! 😉 I liked the combo, even if you knew how to leak canary and ret2libc, you still had to do some reversing/debugging to even get to that point. The issues I had local vs remote didn't occur at all either, I wish it was that smooth during the competition 😂
Such an amazing challenge, Thanks for the great video mate!💪
thanks mate 👊
Hi crypto love your videos
I need some help with pwndbg, I can't use the cyclic command, I get this:
Pwndbg> cyclic
Undefined command : "cyclic" try help
thanks mate 🥰 probably the issue is that pwntools isn't in your system path, check this from the pwntools docs:
"If these tools do not appear to be installed, make sure that you have added ~/.local/bin to your $PATH environment variable."
so you can run "echo $PATH" to see if it's there, if not modify your PATH in the ~/.bashrc file to include it 😉
!
?!
why didn't u use a leaked libc addr and calculate the offset from that addr to the base libc on gdb, like so
io.sendline("%3$p")
leaked = int(io.recvuntil(".").strip().decode()[:-1][9:],16)
libc.address = leaked - 0x114a37
the puts method didn't really get into my head, this would still work right? Great videos btw
Sure, you could also use the format string vuln to leak libc 🙂 The puts() method will also work when you only have BOF and no leak though!