Cannot access memory at address // Debugging PIE Binaries affected by ASLR - bin 0x2E
ฝัง
- เผยแพร่เมื่อ 2 ก.ค. 2024
- A typical error in gdb with setting breakpoints when dealing with binaries affected by ASLR is: "Cannot access memory at address 0x807". This can be quite frustrating at the beginning, especially if you don't know much about PIE yet. In this video I want to cover a few different ways how you can still debug them with gdb and Ghidra.
=[ 🔴 Stuff I use ]=
→ Microphone:* geni.us/ntg3b
→ Graphics tablet:* geni.us/wacom-intuos
→ Camera#1 for streaming:* geni.us/sony-camera
→ Lens for streaming:* geni.us/sony-lense
→ Connect Camera#1 to PC:* geni.us/cam-link
→ Keyboard:* geni.us/mech-keyboard
→ Old Microphone:* geni.us/mic-at2020usb
US Store Front:* www.amazon.com/shop/liveoverflow
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Website: liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow
=[ 📄 P.S. ]=
All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
"Okay that was really it"
>sees video length
*Doubt*
*insert doubt meme*
Everybody: Making hacking videos is hard and takes time
Liveoverflow: Lets do it daily
To be fair. This style of video is super low effort. I can make 6-10 of these in the time it takes me to make one typical liveoverflow video ;)
@@LiveOverflow i see your steelseries mousepad and what i assume is the Logitech g304 or the g903.......
Why Do I Have A Strong Feeling That You Might Be A FPL/ESEA/Faceit Player Or A Global Elite, Tell Me. Do You Game? Cause usually hackers are always out there improving their skillset.
or is it pure personal preference / likes the hardware...........
@@LiveOverflow Well, I like it more in a way, in that we also have the time to watch it daily and comprehend the info shown; with a typical video, it would be really hard to keep up and learn all the stuff shown there. That's not to say I do not enjoy the regular videos. Thanks for your videos btw, really useful and informative.
@@imgladnotu9527 On Twitter he's talked about playing Apex :))
@@imgladnotu9527 What?? I have a newer steelseries mousepad and a G403 and I don't game. They're just good products
Doesn’t matter what you upload, it’s still very useful in my opinion. You should have more subs because you definitely deserve it! Anything I want to know about exploiting or researching, this is the very first place I go to. Well made and these last few videos had some laughs! Thanks for detailed videos and especially all of the work you put into making these happen!
There is nothing better then coming from school and directly get notified of a new video
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
I absolutely love this daily style! See you tomorrow ;)
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Hope I would have saw this earlier, was doing a CTF to learn stuffs and encountered ASLR. Took me LONG while to figure out that it's "randomized". It surely is a helpful series
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Impeccable demonstration. Splendid.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Exactly what i was looking for, Thank you!
Just one more thing:* I love this channel♡
This was a great explanation, thank you
this really helped me a lot!! Thank you soooo much!!
Fantastic video helped a ton I just ran into this topic so it came at the perfect time.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
This helped tremendously, thanks
Keep the video going !!! Luv it
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
In Ghidra, you can change the image base using "currentProgram.setImageBase()".
In GDB, you can disable disabling ASLR, with "set disable-randomization off".
No words can describe this.. video but .. Amazing...
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
I can't believe it can be this good
you can get aslr in gdb by doing set disable-randomization off :) great video!
Make a video about 1 Day binary diffing and explore changes made by software vendors. It would be interesting :)
I just looked thru your videos and I've never seen any of them and I don't mess with what you teach, there is no way I subscribed myself to your channel, that much I'm sure of. That would be like taking a mid level mandarin chinese class.but I'll keep the sub and hopefully I'll pick up a word or idea or two at sometime.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Getting better by the day..
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Nice vid u have here, keep on going
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
One more way: Instead of disabling ASLR for the whole system I prefer to run a shell with ASLR revoked
alias noaslr='setarch x86_64 -R /bin/bash'
Slightly more generalized version: alias noaslr='setarch `uname -m` -R $SHELL'
What is the difference between "break " and "break *"?
Eres el puto amo tío
outside of a forensic aspect, is there an application where this could be applied to embedding and running hidden scripts on a target? My malicious side has a longer attention span than my pride often allows.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
👑
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
If you want to disable ASLR in gdb you can as well enter "set disable-randomization off" inside gdb.
Sorry if this has been asked before, but what keyboard are you using?
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Even better than disabling ASLR system wide you can start individual programs (including shells that then in turn run programs without ASLR!) with this command:
setarch `uname -m` -R
And to open a shell without ASLR just run
setarch `uname -m` -R $SHELL
i generally use the "gef" plugin with gdb, it is great you can even enable aslr or inject assembly
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
ASLR is in vanilla gdb - use “set disable-randomisation off”
@@---kp1hm uh neat, then i'm so used to use a custom gdb lol
Do i need to watch something before it because I can't understand
The binary exploitation playlist
Will these addresses remain same on other computers too ? provided, ASLR is disabled, same ISA, same OS, same environment ?
Yap
Can you please release a full course on Advanced Exploit Development which covers ROP, SEHOP, Different Techniques for Bypassing ASLR, Egg hunters , kernel exploitation etc. I am very happy to even pay for it :)
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
VERY I LIKE YOUS PROOF
PLEAZE GIVE ME OTHER ILIK YOUR JOB
How would you convert between address that IDA or Ghidra shows and the address (VA) that debugger shows
That’s what I show in this video? :D
Watch the ending, like the third or fourth one, and he shows the buttons in Ghidra that'll specify the base address.
You just subtract the base address that one is using and add the base address of the other, in case that detail wasn't clear. I'm not sure if gdb has a way to set a base while loading a position independent binary, but he showed how to change ghidra's base, and if I recall correctly IDA has a similar feature.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
emm, gdb assistance makes pwn easier (peda/gef/gdbpwn/gdbdbg) , love your videos
Of course. Also shown it in several CTF writeup videos. But for this deries I try to stay as vanilla as possible so it’s applicable to most
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Hey liveoverflow, what about some nfc hacking videos. I know there are multiple attack vectors for rfid cards and most of them can be bruteforce even the mifware ones
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
How about some heap based over flows?
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
is there any good documentation about how to write com dlls without atl?
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Well you can also break ASLR using AnC or RevAnC, in which they show that ASLR is fundamentally broken
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
I asked before but maybe it wasn't seen. How does bottom up aslr affect these exploits.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
6 videos in one week?! What is this witchcraft?
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
You need more `pidof format4_nonstripped` in your live (heh...)!
edit: Damn! I was too fast. Should've watched until the end before commenting.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
I just want to inform you that I've learned about "Van Eck phreaking" in Edward Snowden's book "Permanent Record" and that it is in use.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
It felt like the ending of a Beethoven symphony
Bru I feel pranked by the endings
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Be nice if you mentioned what the acronym ASLR was shorthand for, and what it's purpose was, for people seeing this as their first video.
Its episode 0x2E in a whole series. I can’t start over in every video ;)
@@LiveOverflow This is the kind of web service bugs I like to find, and it's in the news... www.bbc.co.uk/news/technology-50670433
I like web bugs, as all you need is chrome browser and to use the console.
Bro...could you please suggest me ways to learn computer networks.!
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
An AD showed up just after a fake ending. I almost left the video
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
but aren't process loaded in a virtual memory space that is then mapped to the physical memory? and each process has a different memory map? because as I understand it, from the process's view, it has the whole memory space for itself, even though in truth it may have pages all over the physical memory space... Tbh that's also what confuses me in tools like cheat engine
btw you are a real troll
Soon: real ending after the outro.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Is the binaries available on Your GitHub ??
He says in the video they are from exploit.education/
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
remember that EBFE is always your friend.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
"Okay that was really it"
i got jebaited.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
But how do I get my coworkers to delete their downloaded files regularly?
FINALY SANS 660 LEVEL :)
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Why not add your own symbols if it's stripped?
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
5th fuck yeah i love this man
I keep getting Jebaited by the endings lol
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Hi
ah you did know :) LUL
first
second
@@AzharMashuri i watched the vid a little before i commented my tab had 6 viws no comments no likes
frist
6th
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
JUST IF I CAN GIVE YOU 10000000 LIKE
PLEAZE IM BREAKING I WANT PATCH FILE EXE FOR GAME WITCH GHIDRA IS GIVE ME FALL HOW I CAN SOLVE
I LIKE YOU
why are you uploading tons of videos? and why is your face in everyone?
Just having some fun in december. Making like an advents calendar type thing. It’s an experiment
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Video with your face are better!
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
I reached for the keyboard so many times. Curse you
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
Watch the fucking video.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine
When you turned off ASLR it reminded me of that old joke where NASA spent millions developing a pen that could write without gravity, and the Russians used a pencil.
It is a myth. The owner of Fisher pens invested his own money to get a biro-like pen which would work in zero G. He then gifted a supply of pens to NASA, and later also to the Russians. Using pencils leads to shavings which are not welcome in space stations.
i'll refer you to this pro for SPY/HACK related issues i can swear on my late dads grave he is legit
contact via:::::WHATSAPP>>> wa.me/17472081186
remember a stitch in time saves nine