how do hackers exploit buffers that are too small?

Wow that's pretty cool.

I think this is a perfect start

Why would the executable file contain any information about the names of the functions?

This is so freaking cool. Edit: i click on 1 video and watch all 3 related to it. Man this is so awesome.

now make a video on how to make your thing secure from this...

If you use strace when running the program and overflow the buffer it actually shows you the password that it’s comparing your input to 😅 I found this out by accident.

Run: strace ./hacked
Then: overflow buffer
Once the seg faults you’ll see the output somewhere that states :

write(1. “Password: “, 10password: )
read(0, too_kool_4_skool

Thought you were John Hammond for a little bit and I was like "wow, he looks so different cleanshaven!"

Hacking ideas.

The title implies the solution is to just make the buffer longer. It should be called "what happens when you don't use fgets()"

Interesting for debugging your local code, but a "how to fix this hole" closing would be better for teaching.

I love you man

OK, this was, obviously, way oversimplified, with much more info available to us than would be to a typical attacker, but still it illustrates the principle of buffer overrun exploit, the most common of them all, very nicely.

Can't you use actual vulnerabilities?

Nobody uses gets anymore ...

It doesn't make sense.

What if we use strdup or fgets instead of gets, obviously gets is deprecated now.

smart

can u please tell me the distro ure using in this video

Why would hacker have the execution file? And does this trick works on interpreted languages?

the Waffle House has found its new host.

In no way did he start of the video by breaking bad.

The more I look at C/POSIX, the more I find it horribly designed...
or perfectly designed for exploitation 😕
You couldn't do this in Ada !

Hey! I am loving the recent content but have to ask a question, arent operating systems increasingly protective over buffer overflows? Like modern windows versions make it near impossible from what I have heard.

using c or c++ is basically begging for getting hacked

amazing man !!! thank you very much !!

Why wouldn't your code be compiled as a PIE with ASLR and SSP? Buffer overflows while still a major problem deferring address resolution until runtime with a cannery to pick up accidental overruns would lessen the number of people that could feasible attack the process.

Very nice video; though how would you find the debug() address on windows?

I just discovered a whole new interest watching this video

Also you can write 0x08049296.to_bytes(4, "little") to convert the address to bytes in little endianness

I like how you release this video after I had a project in my computer security class on performing buffer overflow attacks

Great info! SUBSCRIBED

If you have access to the compiled binary cant you just edit it and write a call to the debug function at the start of the program? I cant see why you would need to write a python exploit and overflow the buffer.

How do we know (as hypothetical hackers) that we want to look for the debug() function?

is it bad that i dont space my brackets? I have them attached to their control struct or function.

Cybersecurity noob here; I have a question.

You only knew the address of debug() because you had access to the compiled executable. How would someone hack in over the net not knowing the address of the function?

Not into C at all but very educational and well explained. Thank you

I like your funny words magic man

Isnt the address of debug() function going to change when it is loaded into memory? I remember something like relocateable executable, but not sure.

THANKS@!

Security on computers is just like security anywhere else, its all about how much security you need. For a lot of software, this exploit (except for the fact that it casuses a crash when the user inputs a password that is to long) is not something you need to worry about. For the same reason a pad lock is fine to use on your bike. Its hard enough to discourage people from even bothering because the benefit of breaking in is not worth the hassle of figuring out how. In my experience, buffer overflow attacks are (for any meaningful gains) usually way to hard to be a worth while endevaor (asides from possibly causing software to crash and using that to cause a service to be down).

well i use python not c so 🤷‍♂️

Please keep uploading!

I am note even remotely a coder, but I did write a horribly if then nested piece of code in LUA in Minecraft with the ComputerCraft mod and have been wanting to make a mostly secure password Programm from scratch for me there, too. I wonder if I can break that like this too ...

Nice video but honestly Java is far better

I have a question:
In c++, is the string standard library safe or is it vulnerable to similar attacks to what’s seen here?

i never seen some one use tail linux for coding or exploit finding or hacking

Can you make one of these videos with the arduino environment: methods such as Serial.read() etc ??

this is a GOLDEN content. Please keep it up. I love your channel it's unique.