Haxember experiment! There will be DAILY videos. I will cover topics I always wanted to cover, but didn't feel like they make for a good dedicated video. These videos take a lot less effort, but they still contain (hopefully) relevant information.
LiveOverflow as always great video! Mind if I ask for some guidance? So I want to work as a malware analyst/anything that requires RE but I also would love to exploit things, not just typical ctf binaries but like kernel exploits/pwn2own exploiting level stuff. Which should I focus on improving/working on: reversing or binary exploitation skills?
Modern Heap exploitation would be nice.
"Show me what effort you have put in to solve the problem yourself" - Man I have been preaching this for years. No shame in asking for help, but it shouldn't be the first thing to do.
Unless you are asking google, of course
A while ago, I had some problems with my shellcode and especially at the injection point. With a lot of research and experimentation I did manage to solve it nonetheless, but now looking at this tutorial it will be far, far easier to debug these kinds of problems. Thanks again for posting this!
Listening on my new headphones, the bass when you type on your keyboard is fantastic!
should I do some ASMR videos?
No. We want pwn porn
Ahh the smell of asm on a cold sunday morning
You know, one time we had a box shelled for 12 hours. When it was all over, I logged in. We didn't find one of 'em. Not one stinkin' sysadmin. The smell... you know that ASM smell. The whole lab smelled like ... victory.
Thank you :) Always enjoying your videos
Ever since someone pointed out to me that he kind of looks like Micheal Cera, I cannot stop thinking: "This is the German Micheal Cera'"
hahaha right, i know him in Juno movie
i thought he's Indian when i previously watched a video with his face absent. So now he's Indiana Cera.
Quick hint if msfvenom-generated shellcode is failing: add a couple of NOPs (\x90) to the start. Certain encoders need to decode the actual payload and may end up messing with things in unforeseen ways.
I like the addition of webcam. It makes the video more personalised.
Thats a dope hoodie
www.blue-tomato.com/de-AT/product/Teddy+Fresh-Patchwork+Hoodie-595502/
See but then I wonder would it look as good on me. I dunno.
@pikadroo worth a try? or isn't it?
You have a way of making things really easy to understand and follow along to. Thank you
I am surprised no one asked him to use gdb -q, I see them almost everywhere xD
Finally! Good videos on my favourite channel! :)
This is the video that I'm looking for.... Thanks man u cleared some of my doubts.. great video
Life pro tip, the `printf` command escapes inputs for free.
What a legend, giving out so much info for free.
Greetings from Berlin!
Insightful as always, your videos are a real gem. Thank you once again :)
You rocking some Teddy Fresh in this video?? H3H3 Represent!!!
Michael ceratops explains shellcode debugging
oh godd... i can see myself doing the exact thing in the first example
the camera portrait is too big
but i love the rest!
Please never change dat intro
i love the channel and the ctf stuff u make but in the end it's all gibberish to me coz i'm so far away from all this knowledge... makes me sad sometimes but encourages me to keep learning.. u rock... oh yeah i forgot... you're the best!! ;D.. I can understand that not many Germans watch the channel because hardly anyone speaks English, that makes me sad too.. :/
Is that Ben Eater's 8 bit computer kit?
Beautiful hexplanation!
What a great hoodie.
Do CTF! Need ROP exploit walkthrough!
Great video, man! Quick question; don't exploits that return code execution to the stack not work anymore? It seems to me that ROP and Ret2lib style attacks are the most prominent these days, though I'm obviously asking with the intention to know for sure.
Oh they’re still out there, but most developers worth their salt probably won’t make a mistake that’ll lead to you returning to the stack. Most modern compilers will scream at you to avoid mistakes like that happening.
Thanks, this cleared so many things !
hey can u help me out.... I'm trying to solve the HTB headache2 challenge and I don't know what to do...!
i don't know where to begin.
Hey thank you for this great playlist! I have been trying to shellcode a remote server for a CTF where I did not have the binary. I have been trying quite a few shellcodes from shellstorm and only one worked. Why would some shellcodes work and others won't? (I was taking all of them in the same architecture (x86-32) and always selecting ones with execve bin/sh). By the way, the source code was just a C program executing the code from the read function.
Is that a ben eater 8 bit computer kit i see in the background?
Hey, LiveOverflow, i know you already answered this on some stream or podcast or something, but i can't find it, so I have to ask again: What's your typing speed?
Do you have any gdb tutorials to recommend? Or perhaps you already have a video on that?
Nice to see you in a TeddyFresh hoodie :)
I'd like to see a review of RedASM. I think this can be a great alternative to these expensive disassembly softwares
never heard of that. But checkout Ghidra ;)
@LiveOverflow RedASM is an open source tool. I believe you can find it here redasm.io
I once had an exploit in which the software for some reason would always corrupt 3 bytes in the middle of my shellcode at the exact same position
the fix i had for it is making a nop slide (because i'm too lazy to count) and having an "\xeb\x10" at the beginning to basically jump after the corrupted bytes into the rest of the nop slide and then the shellcode.
Is it a Ben Eater kit I see running in the background?
Yes! He's doing (or at least used to do) livestreams building the kit
That's what I'm going to say!
Greetings from Spain 🇪🇦 new sub
Video too quiet (as compared with other videos) approx 30% volume boost was needed on my end to be able to hear and understand.
Thx for explanation.
My experience: Don't put your shellcode just before the return address... The shellcode needs the stack to work, and will therefore modify itself if you do so...
And it's a pain to debug :')
Holy fuckkk broo!!!! I always get a segmentation fault when placing shellcode on the stack even though I try with Trap to Debugger (\xCC) to trace that my shellcode is working and after I try saving the shellcode after the return pointer and it works. Thank you very much
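The two comments above describe the same mechanism from both sides: once `ret` has popped the saved return address, `esp` points just above that slot, and every `push` or `call` the shellcode executes writes below `esp`, back down into the buffer. Shellcode that ends right before the return-address slot therefore overwrites its own tail, while shellcode placed after the slot is never reached by the pushes. The following is an added example, not code from the video or from either commenter; the function names and all frame numbers (a return slot 76 bytes into the buffer, a 23-byte shellcode that pushes 20 bytes, as a common execve("/bin/sh") shellcode does with five 4-byte pushes) are constructed for the illustration.

```python
PTR_SIZE = 4  # x86-32, the architecture the comments above talk about


def self_clobber_bytes(sc_off, sc_len, ret_off, push_bytes, ptr_size=PTR_SIZE):
    """Count the shellcode bytes that the shellcode's own pushes overwrite.

    All offsets are relative to the start of the overflowed buffer, higher
    offset = higher address. ret_off is the saved return-address slot. After
    `ret` pops it, esp sits just above that slot, and each push or call the
    shellcode executes writes below esp, i.e. back down toward the buffer.
    push_bytes is the total the shellcode pushes before its syscall (read it
    off the disassembly in gdb; five 4-byte pushes = 20).
    """
    esp_after_ret = ret_off + ptr_size
    written_lo, written_hi = esp_after_ret - push_bytes, esp_after_ret
    sc_lo, sc_hi = sc_off, sc_off + sc_len
    return max(0, min(written_hi, sc_hi) - max(written_lo, sc_lo))


def min_gap_before_ret(push_bytes, ptr_size=PTR_SIZE):
    """Padding needed between the end of the shellcode and the return-address
    slot so the pushes stop short of the code. The first ptr_size bytes pushed
    only clobber the already-consumed return address itself."""
    return max(0, push_bytes - ptr_size)


def describe(sc_off, sc_len, ret_off, push_bytes):
    """One-line report for a given placement (hypothetical helper)."""
    hit = self_clobber_bytes(sc_off, sc_len, ret_off, push_bytes)
    where = "below" if sc_off < ret_off else "above"
    return "shellcode at %d..%d (%s ret slot at %d): %d byte(s) self-clobbered" % (
        sc_off, sc_off + sc_len, where, ret_off, hit)


if __name__ == "__main__":
    # Constructed frame: return slot 76 bytes in, 23-byte shellcode, 20 bytes pushed.
    RET_OFF, SC_LEN, PUSHES = 76, 23, 20
    # Right before the return slot, as the comment warns against: self-clobbered.
    print(describe(RET_OFF - SC_LEN, SC_LEN, RET_OFF, PUSHES))
    # Moved down by the computed gap (fill the gap with NOPs): safe.
    gap = min_gap_before_ret(PUSHES)
    print(describe(RET_OFF - SC_LEN - gap, SC_LEN, RET_OFF, PUSHES))
    # After the return slot, which is what the second comment ended up doing: safe.
    print(describe(RET_OFF + PTR_SIZE + 16, SC_LEN, RET_OFF, PUSHES))
```

When the computed overlap is non-zero, the symptom in gdb is exactly the one in the video: the first few instructions run, then execution lands in bytes that a push just rewrote, and the process dies with SIGSEGV or SIGILL. The gap from `min_gap_before_ret` is the minimum number of filler bytes to leave between the end of the code and the return slot.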
Me clicking to see if that's a teddy fresh hoodie
How to inject shell code to binary with non-executable stack?
damm, where's that hoodie from?
it looks like teddyfresh, hila from H3H3's brand.
@TheAmmOmatic perfect, thanks
Interested as well, looks cool!
Lool I just bought a colorblock hoodie from Teddy Fresh last week too xD
why int 0x80 sometimes isn't working tho
in windows exploit development
when using python to exploit an overflow in vulnserver or any other software
be sure you encode it in the following way
shellcode+=("your_shellcode_here")
shellcode = shellcode.encode('raw_unicode_escape')
and then run the program
if you send it directly as a string this is not gonna work
i was fucked for so many hours when directly sending string format
also
use the struct module to pack any address to be expressed in big endian format
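The reason the commenter's `raw_unicode_escape` trick works is that it, like `latin-1`, maps every code point 0..255 to a single byte, whereas Python 3's default `str.encode()` is UTF-8 and turns every `\xNN` above 0x7f into two bytes, so the payload that reaches the target is longer than intended and its high bytes are garbage. The following is an added example, not the commenter's code: it shows the two encodings side by side, packs an address with `struct` in both byte orders, and runs a small pre-send check for wrong type, wrong length and bad bytes. The sample shellcode string, the placeholder address 0x41424344 and the 16-byte buffer size are all constructed for the illustration.

```python
import struct

# Constructed stand-in for the commenter's "your_shellcode_here": five bytes,
# all >= 0x80, chosen so the encoding pitfall is visible. Not a real payload.
SAMPLE_SHELLCODE_TEXT = "\x90\x90\xcc\xe8\xff"


def encode_shellcode_text(text, codec="latin-1"):
    """Convert a str of \\xNN escapes into the exact bytes the target receives.

    'latin-1' and 'raw_unicode_escape' both map code points 0..255 to one byte
    each. Python 3's default, utf-8, expands every character >= 0x80 into two
    bytes and silently corrupts the payload, which is the failure the comment
    above describes.
    """
    return text.encode(codec)


def pack_address(addr, little_endian=True):
    """Pack a 32-bit address; x86 targets store it low byte first ('<I')."""
    return struct.pack("<I" if little_endian else ">I", addr)


def check_payload(payload, expected_len, bad_bytes=(b"\x00", b"\x0a", b"\x0d")):
    """Pre-send sanity check; returns a list of problems (empty = looks fine)."""
    problems = []
    if not isinstance(payload, bytes):
        problems.append("payload is %s, not bytes" % type(payload).__name__)
        return problems
    if len(payload) != expected_len:
        problems.append("length %d != expected %d" % (len(payload), expected_len))
    for b in bad_bytes:
        if b in payload:
            problems.append("contains bad byte 0x%02x at offset %d"
                            % (b[0], payload.index(b)))
    return problems


def build_payload(shellcode_text, ret_addr, buffer_len=16):
    """shellcode + filler up to buffer_len + packed return address (constructed layout)."""
    sc = encode_shellcode_text(shellcode_text)
    if len(sc) > buffer_len:
        raise ValueError("shellcode does not fit in the buffer")
    return sc + b"A" * (buffer_len - len(sc)) + pack_address(ret_addr)


if __name__ == "__main__":
    wrong = SAMPLE_SHELLCODE_TEXT.encode()        # default utf-8: 10 bytes
    right = encode_shellcode_text(SAMPLE_SHELLCODE_TEXT)  # 5 bytes
    print("utf-8:  ", wrong.hex(), "(%d bytes)" % len(wrong))
    print("latin-1:", right.hex(), "(%d bytes)" % len(right))
    # 0x41424344 is a constructed placeholder, not a real address.
    payload = build_payload(SAMPLE_SHELLCODE_TEXT, 0x41424344)
    print(payload.hex(), check_payload(payload, 20))
```

Comparing `payload.hex()` against the bytes seen in the debugger (or in a `wc -c` of the saved file) is the quickest way to catch this class of bug before blaming the shellcode itself. The `bad_bytes` default covers the NUL and newline bytes that `strcpy`- and `gets`-style readers stop at; extend it with whatever the target's input path filters.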
Where did you get that Hoodie?! 😁
Teddyfresh
HEY VERY GOOD THANKS VERY THANK YOU
Can you get C code or something higher than asm from shellcode?
If the author of the shellcode provides it, yes. Of course, you could just disassemble it and turn it into C yourself. Since there are only a dozen or so instructions, that's actually pretty manageable if you've never reversed anything before.
>caused a segfault
No, a SIGILL was triggered.
I love you!!!!
Tell me more about that interesting breadboard on your desk. 🤔
He is building an actual computer from scratch. He is more or less following the steps laid out in a series by ben eater on a breadboard 8-bit computer. You can watch his streams of this build on LiveOverflow's twitch.
@kebien6020 I was wondering if it was the Ben Eater project.
Curious to it myself.
Protip!
Zsh (oh-my-zsh) escapes the shellcode without the -e flag
Lol i needed this tutorial 2 days ago
Michael Cera?
Yo bois
Don't you need to pass -e to echo in order for it to interpret the \x sequences?
well nevermind
this shows copy and paste is not a solution for everything; some things you're trying still need some small attention 🤠
You know when I was 14/15 I nearly did it, became just as elite. I installed SUSE Linux on a partition. Bought the manual and everything. But I couldn't find drivers for my damn modem that would work. So I couldn't get on the Internet (this was 1999) and my hacking project died there =(
I think qiling ( github.com/qilingframework/qiling ) can help you debug and analyze shellcode.
What the hell is that sweater?
I really like your videos *a lot* and have a great deal of respect for you but your accent eludes me.
I mean, your account says you're from Germany and your pronunciation also sounds German but sometimes you have really weird grammar that doesn't really work in German or English?
For example in the first part of the video:
"Because I get often questions..."
The more natural way to say this in English would be "Because I often get questions"
But! In German the sentence in this context would be "Weil ich oft Fragen kriege" (or something similar) WHICH HAS THE SAME ORDER OF WORDS EXCEPT TWO DIFFERENT WORDS ARE SWAPPED
Again, please don't misunderstand this as critique or an insult (As a German, I totally get how hard it is to speak English well!). It's just that the mistakes you make genuinely intrigue me.
1st