Exploring pwnable with ltrace and gdbinit script - Exploitation part 1/2 - RHme3 Qualifier

Channel:

Subscribers:

921,000

Published on September 1, 2017 6:07:09 PM ● Video Link: https://www.youtube.com/watch?v=sJPhsE_XeKI

Duration: 8:48

19,242 views

481

Exploitation challenge from the RHme3 qualification round. We use ltrace to understand what the binary does and then use gdbinit to create custom logging.

https://github.com/Riscure/Rhme-2017

-=[ 🔴 Stuff I use ]=-

→ Microphone:* https://geni.us/ntg3b
→ Graphics tablet:* https://geni.us/wacom-intuos
→ Camera#1 for streaming:* https://geni.us/sony-camera
→ Lens for streaming:* https://geni.us/sony-lense
→ Connect Camera#1 to PC:* https://geni.us/cam-link
→ Keyboard:* https://geni.us/mech-keyboard
→ Old Microphone:* https://geni.us/mic-at2020usb

US Store Front:* https://www.amazon.com/shop/liveoverflow

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/

-=[ 📄 P.S. ]=-

All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.

#BinaryExploitation

Other Videos By LiveOverflow

2017-10-20	Play CTF! A Great Way to Learn Hacking - Fsec 2017
2017-10-17	KRACK - Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2
2017-10-13	Using z3 to find a password and reverse obfuscated JavaScript - Fsec2017 CTF
2017-10-06	Software Side-Channel attack on AES - White Box Unboxing 4/4 - RHme3 Qualifier
2017-09-29	Some failed attack ideas - White Box Unboxing 3/4 - RHme3 Qualifier
2017-09-22	TL;DR it's AES... - White Box Unboxing 2/4 - RHme3 Qualifier
2017-09-15	Understanding the execution flow of the binary - White Box Unboxing 1/4 - RHme3 Qualifier
2017-09-10	[Live] Reverse Engineering new PopUnder for Chrome 63 on Windows
2017-09-08	†: Use-after-free with fast bins
2017-09-08	Use-after-free and overwrite entry in GOT - Exploitation part 2/2 - RHme3 Qualifier
2017-09-01	Exploring pwnable with ltrace and gdbinit script - Exploitation part 1/2 - RHme3 Qualifier
2017-08-29	RHme3 qualification ended but you could still get a board!
2017-08-25	Don't trust time
2017-08-20	Reminder: sign up for RHme3 hardware CTF - loopback 0x04
2017-08-18	Making-of LiveOverflow Videos 2017
2017-08-11	Reverse Engineering PopUnder Trick for Chrome
2017-08-04	Reverse Engineering Obfuscated JavaScript
2017-07-28	Injection Vulnerabilities - or: How I got a free Burger
2017-07-21	Bruteforce 32bit Stack Cookie. stack0: part 3 - bin 0x23
2017-07-14	Identifying another exploit mitigation and find bypass. stack0: part 2 - bin 0x22
2017-07-07	Buffer overflow on a modern system impossible? stack0: part 1 - bin 0x21

Tags:

Live Overflow

liveoverflow

hacking tutorial

how to hack

exploit tutorial

gdbinit

ltrace

strace

gdb

debugging

exploit

use-after-free

use after free

linux exploitation

daemon

deamon

server

tcp server

netcat

rhme3

riscure

hardware ctf

ctf tutorial

pwning

heap exploitation