write-up and solve script: github.com/Crypto-Cat/CTF/tree/main/ctf_events/pico_gym/pwn/unsubscriptions_are_free
Your videos are always a pleasure to watch! Keep up the good work!
thanks mate 🙏🥰 you've been doing a great job as well! i respect the dedication and consistency 👊
@_CryptoCat I appreciate you mate!
Great work! Thank you, clear and concise explanation.
thanks mate 🙏🥰
This was amazing! Thanks again for the fantastic work and keep it up.
tyty 🥰
First comment! Woo Hoo! Thanks again bro. Great stuff
🙏🥰
Another awesome video man! Keep it up
💜
Hey I have a question, what if we write the leaked memory address to the m function where we are asked for a username and then we call another function like s. Why doesn't that call the haha function?
Sorry, it's been too long since I made this video 😂 I couldn't answer your question without reviewing the challenge, which I just don't have time for atm 😆
Great videos mate, can you please tell why you were setting the break point at the next instruction?
Thanks mate! Without reviewing the video, I'm guessing I just did this to quickly find out what the state of registers/memory was *after* the instruction was executed. I could also set a breakpoint on the instruction and then type "next" (or "n") but if you have to run the program a lot of times it can also get annoying xD
Hey great video man. I don't have much knowledge on the foundational skills used to solve these rooms. Specifically understanding of addresses, heaps and such. Can you recommend anything to learn the foundations?
Thanks mate, here's a list of all my favourite resources: github.com/Crypto-Cat/CTF#resources
I did a couple of binary exploitation playlists as well and LiveOverflow + PinkDraconian + RazviOverflow have some good videos 😉
I don't understand this. Surely after overwriting user by leaving a message, control would return back to doProcess() then back to main() which would run the printMenu(), processInput() loop again and you would somehow have to get back to the call to doProcess() without changing the value of user->whatToDo() from our modified value. Why does the program immediately jump to the address we insert in the leaveMessage function when doProcess has already called the address in user->whatToDo() to get into the leave message function. I'm confused.
Just realised that processInput() doesn't set a value for user->WhatToDo when the leave message option is selected and instead just calls leaveMessage() directly and execution will then naturally pass into doProcess with the user modified value! 😀
@Gaminislife123 I'm glad you worked it out because I would have had to re-watch the video 😂
@_CryptoCat Haha I was just having a moment. Thanks for all these videos and for helping us out! Really enjoying the binary exploitation series 👊
@Gaminislife123 Wait why does it matter if execution is naturally passed into doProcess with the user modified value?
100% made by Italian guy... talks about spaghetti in the description and EAX contains "c1a0" (hello in Italian), nice easter eggs. Anyway amazing video by you.
Haha that's awesome, I definitely missed that! 💜
yeahhhh lets gooooo
👊
Which OS is best for redteam and penetration testing? Blackarch or Kali or Parrot?
I only have experience with Kali/Parrot and I think they are both perfectly good options for pen-testing. They come with most of the same tools, installation of new tools is similar etc. A lot of people swear by Blackarch though!
Exploit gobrrrrrr
😁