Video walkthrough for retired HackTheBox (HTB) Pwn (binary exploitation) challenge "Ropme" [hard]: "Can you pwn the service and get the flag?" - Hope you enjoy 🙂
Sign up for HackTheBox: hacktheboxltd.sjv.io/xk75Yk
↢Social Media↣
Twitter: / _cryptocat
GitHub: github.com/Crypto-Cat
HackTheBox: app.hackthebox.eu/profile/11897
LinkedIn: / cryptocat
Reddit: / _cryptocat23
RU-vid: / cryptocat23
Twitch: / cryptocat23
↢HackTheBox↣
app.hackthebox.eu/challenges/8
↢Resources↣
guyinatuxedo.github.io/
github.com/Gallopsled/pwntool...
↢Chapters↣
Start - 0:00
Basic file checks - 0:55
Analyse with Ghidra - 3:30
Identify IP offset in GDB - 4:42
Create PwnTools script - 7:00
Leak GOT address with puts() - 9:45
Calculate libc base and offsets - 18:52
Build second payload (shell) - 22:15
Update Libc offsets for remote - 23:50
Bonus (PwnTools ROP objects) - 27:53
Bonus (Import Libc to PwnTools) - 31:20
3 Jul 2024