I totally understand the high one gets from first shell execution (it was immensely rewarding for me). CTF is really awesome. Although I am not into cyber-sec, I enjoy these videos and actually helps me become aware of vulnerabilities! It would be cool if you would like into exploiting neural networks too. Since there are lot of organization using NN these days, it definitely has a lot of attack space!
It is always amazing to see someone taking what is started to be their hobby to the level you did. Congratulations for you 10 years, I see you enjoyed every second of it, and that is the most important about it. Thank you for making educational videos about CTFs, I am sure you inspired many of us to start a career in IT sec, and even more to start playing CTFs as a hobby. We are very grateful for your inspiration!
24:10 That final solution looks like how hacking is displayed in movies! The hours and hours that lead up to that point are just not as cinematic. -edit- more precise timestamp
one of LO's older challenge writeups had one of these he had done deliberately with the /r trick. don't think I'll find it tho, 7 active years on youtube really doesn't lend itself for searching obscure clips like that
Haven't watched the full video yet. But first, Congratulations!👍👍 The kind of thorough understanding you've gained over these years, most people don't reach that level even after having 20-25 years of experience.(It's my opinion based on the kind of people I've met) I think it is mostly because not everyone has the same mindset about this field, career, and life in general. And that's actually sad. Keep making great content! Back to the video..
Kudos for the was of presentation: the retrospective explaining as a voice over for a recorded screen capture with split-screen, that looks and feels like you are doing it "right now" is quite engaging. On the downside it promotes the idea, that hacking is fast like in Hollywood movies and not some tedious hour long labor... but you mention it all the time, how long it takes, so it's fine by me.
First congrats! I learn something new whenever I got your amazing live tests with great explanations. Keep it up, it is huge knowledge for everyone, who is interested in CTF and vulnerability research. Alright, let's continue. Peace.
I went from understanding and following you at level02 to being completely lost by level03... I always think, yeah I'm ready to start my offensive security journey, then you pull the rug from under me and I realise I'm not even close.
@@xdtimetoastergaming273 Thank you for the kind reply 🙂. You are right. I would love to turn a passion into a career, that could support my family. That is where I am putting too much pressure on myself! Peace x
Bro, I'm certified OSCP and a few of these challenges were quite a ways beyond me. How were you able to solve these challenges with no exploitation experience? I am so impressed
Very inspiring. BTW, notice in challenge 6 the the dots are printed to stderr while echo write to stdout. This means you could send stdout somewhere else (i.e. 1>/dev/null) and attack again using the dots as correct character indicator.
Do IT stuff, learn to code, do some programming projects that interest you, do CTFs. Liveoverflow has a video talking about this, it's one of his most popular. The more you understand about how computers work and are architected the easier this stuff comes.
@@syedimran90 this is what that video is about. Basically gather information about how computers work, learn programming in different languages, and have a mindset of "how can it fail" Look it back. There is no step by step tutorial for that. CTFs are.
Great video, I like the different types of attacks/challenges. I understand that using python2 for exploitation is often easier and more code can be found especially on older writups. But could you try and use python3 in the future?
Lol you really must be into 'reversing' (pun intended) when even the 32-bit little-endian representation of your nick totally makes sense :D Greetings from Austria!
Congratulations 🎉😁 can you recommend someone in German who makes videos about it? I would also like to switch to IT security, but learning extra English at the same time will then be too much 🙈
I really liked how this video was set up. The technical content is always great, but I really liked the exposition and execution of this video. Did you abandon full script writing in favor of bullet points to make it? Or did you memorize parts of the script and just play them as if they were improvised? I know it's a bit of an odd question, but I'm really fascinated by the making and behind the scenes of your videos (in addition to the content itself, of course).
Für ein Anfänger den selbst SSH-Zugriff überrascht hat, mit wenigen Programmierkenntnissen so ein schweres CTF zu schaffen, Hut ab! 🎉 Hast du Literatur welche du empfehlen würdest? 😄
CSCG is indeed a great opportunity to start hacking! There are quite a lot of time intensive but pretty easy challenges, which is exactly what beginners like me should get!
Transcript (wrong) 0:00 ally. I have been coding throughout my teenage years, and even in 2009 in high school 0:33 I had a class assignments about databases, and I explained SQL injections. So I had
Transcript 0:00 i have been in i.t security for 10 years 0:03 and i want to celebrate by going back to 0:06 where it all started i want to go over 0:08 the first vulnerabilities that i have 0:10 exploited 10 years ago and see how i 0:13 think about them today when people ask 0:15 me when did you start with hacking 0:17 usually i say around 2012 because 2012 0:21 is the year when i discovered capture
I've find out challenge on netgarage has been changed and it's got a completely new puzzles. I'm trying to solve it now, but really stuck with level03 with off-by-one overflow. Did someone solved it?
Hacking involves: Any individual that enters into any device comment using telegraphic signal, today know as digital or analog signal. Hacking must be done on those that are certified to be a threat to each and every United States of North American citizen and/or loved ones. Hacking must be presented to a federal judge by pursued, who must have beyond a reasonable doubt, that the individual(s) are intentionally using their device for purposes of defrauding for any reason against each and every United States of America Citizen or any of humanity on the Global Planet Earth. Otherwise the intent of a hacker can lay upon those supervisor and managers first then the hacker, for overstepping their authorization. A city judge can not give authorization nor a county or state judge is authorized to overstep a federal judges assumed choice to give authorization within the sovernity of the United States of North America.
Hi Liveoverflow I tried to follow along your video. but I failed to ssh to level01. it says /bin/bash refused everytime I ssh to level01 account. I try also to search about the problem and tried possible solution but still i couldn't find the solution. please help me to solved this problem I been having this for two days still failed to connect with level01. thank you so much whoever response to my question. 🙏
It was about reflecting back. I did these challenges 10 years ago for the first time. Of course they are now easy. With this video I can show people that stuff that is hard, will become easy after some time. That’s not bragging. That’s showing you that you can get there too
I tried to set up this VM and first I got a bunch of errors saying it could not find folders /var/chroot-rw/home/levelXX so I created them manually and the first script was happy (finished with 'Done.' message) Then after sudo /etc/init.d/level05 start I get "Starting CTF level05 python server [fail]" - is that how it's supposed to be?
Hacking involves: Any individual that enters into any device comment using telegraphic signal, today know as digital or analog signal. Hacking must be done on those that are certified to be a threat to each and every United States of North American citizen and/or loved ones. Hacking must be presented to a federal judge by pursued, who must have beyond a reasonable doubt, that the individual(s) are intentionally using their device for purposes of defrauding for any reason against each and every United States of America Citizen or any of humanity on the Global Planet Earth. Otherwise the intent of a hacker can lay upon those supervisor and managers first then the hacker, for overstepping their authorization. A city judge can not give authorization nor a county or state judge is authorized to overstep a federal judges assumed choice to give authorization within the sovernity of the United States of North America.
"Evil revo wolf" is a great hacker name tho!
Of course🤣
Yes lol
😂
agreed:) cTfOv3R again after these ten years with a more sudden and brutal way:)
PwnCat
I totally understand the high one gets from first shell execution (it was immensely rewarding for me). CTF is really awesome. Although I am not into cyber-sec, I enjoy these videos and actually helps me become aware of vulnerabilities! It would be cool if you would like into exploiting neural networks too. Since there are lot of organization using NN these days, it definitely has a lot of attack space!
Like what?
It is always amazing to see someone taking what is started to be their hobby to the level you did. Congratulations for you 10 years, I see you enjoyed every second of it, and that is the most important about it. Thank you for making educational videos about CTFs, I am sure you inspired many of us to start a career in IT sec, and even more to start playing CTFs as a hobby. We are very grateful for your inspiration!
Congrattulations ♥️♥️ you’re the one who helps me a lot when i start this career
24:10 That final solution looks like how hacking is displayed in movies!
The hours and hours that lead up to that point are just not as cinematic.
-edit- more precise timestamp
one of LO's older challenge writeups had one of these he had done deliberately with the /r trick. don't think I'll find it tho, 7 active years on youtube really doesn't lend itself for searching obscure clips like that
Haven't watched the full video yet. But first, Congratulations!👍👍
The kind of thorough understanding you've gained over these years, most people don't reach that level even after having 20-25 years of experience.(It's my opinion based on the kind of people I've met)
I think it is mostly because not everyone has the same mindset about this field, career, and life in general. And that's actually sad.
Keep making great content!
Back to the video..
@S how did you put an image infront of your name in your youtube username
@@astagfargamer that's a badge, which shows the user joined as member
@@SuperSohaizai omg
congrats! 10 years of infose twitter tho might get to me personally id be dead inside
Back then 10 yrs you were still 20+ yrs ahead of me 😂❣️
🙃30 + ahead of me....
Kudos for the was of presentation: the retrospective explaining as a voice over for a recorded screen capture with split-screen, that looks and feels like you are doing it "right now" is quite engaging.
On the downside it promotes the idea, that hacking is fast like in Hollywood movies and not some tedious hour long labor... but you mention it all the time, how long it takes, so it's fine by me.
Congratulations man, love your videos and your passion for this stuff is downright *contagious!* And as we all know, that's definitely what it takes!
Thanks for all your hard work and content over the years, I highly appreciate it!
First congrats! I learn something new whenever I got your amazing live tests with great explanations. Keep it up, it is huge knowledge for everyone, who is interested in CTF and vulnerability research. Alright, let's continue. Peace.
Thx for sharing your experience from the days back then.. Cant stop being amazed 😮
Happy 0x0Ath Anniversary coach 🥳, you've been a superb teacher for 0x0A Years
You have been inspiring me for last 5 years.
I went from understanding and following you at level02 to being completely lost by level03... I always think, yeah I'm ready to start my offensive security journey, then you pull the rug from under me and I realise I'm not even close.
dw you will get there one day, just keep practicing and learning and having fun. try not to focus on the huge goals that you arent ready for.
@@xdtimetoastergaming273 Thank you for the kind reply 🙂. You are right. I would love to turn a passion into a career, that could support my family. That is where I am putting too much pressure on myself! Peace x
This was the first CTF I ever finished and the shirt is one of my prized possessions. Thanks for the memories
congrats for your 7 years youtubing and doing an amazing job at it. Continue to spread the hacker manifesto spirit !
Man! you are on a level of your own. this is crazy, the stuff you know not everyone knows it
I took a RE class in Uni and this reminded me of everything I learned. thanks
How Fun~! Thank You for Your Contributions to the World ❣️
Lovely. Well spent 10 years. Thank you very much for being such a great inspiration @LiveOverflow. Your "wolf" is not "live".
9:10 aww thanx for shutout "evil wolf" :)
Bro, I'm certified OSCP and a few of these challenges were quite a ways beyond me. How were you able to solve these challenges with no exploitation experience?
I am so impressed
Congratulations on your achievements!
@Liveoverflow congratulations bro... Already 10 years making and learn hacking
Congrats 👏 👏 man you're great keeping doing
Thx for what I learned in your channel, this channel is very helpful for me. once again thx "evil revo wolf"
Very inspiring. BTW, notice in challenge 6 the the dots are printed to stderr while echo write to stdout. This means you could send stdout somewhere else (i.e. 1>/dev/null) and attack again using the dots as correct character indicator.
Wouldn’t work, because the problem is not that it’s printed on a different pipe. But that it forks and prints.
Can u reaally make a video about what is really important you learnt after all these 10 years? What should we as a novice learner focus on ?
CTFs :P
Do IT stuff, learn to code, do some programming projects that interest you, do CTFs. Liveoverflow has a video talking about this, it's one of his most popular.
The more you understand about how computers work and are architected the easier this stuff comes.
@@LiveOverflow I am also looking to do but from where should I start...?
@@syedimran90 this is what that video is about. Basically gather information about how computers work, learn programming in different languages, and have a mindset of "how can it fail" Look it back. There is no step by step tutorial for that. CTFs are.
@@whiteflameME okay,
But I am week in learning programming language.
Great Video.
Cool CTF
What an amazing 10 years past. I still have a long way to go.
The experience of learning new things by reviewing the past is 温故而知新.
I'm late to the party but nonetheless, congratulations for your 10+7 years anniversaries :)
Hi, Its a nice video and a nice ctf. One VM with a lot of concepts to learn. There is no more this today.,
I start my journey in 2016 by doing overthewire bandit CTF shell games.
Congratulations
Great video, I like the different types of attacks/challenges. I understand that using python2 for exploitation is often easier and more code can be found especially on older writups. But could you try and use python3 in the future?
Sorry, I actually realized that you were running these on the old vm,so python2 is most likely all it had
exactly ;) for personal use I have moved completely to python3
Lol you really must be into 'reversing' (pun intended) when even the 32-bit little-endian representation of your nick totally makes sense :D
Greetings from Austria!
Congratulations 🎉🎉🎉🎉
Congratulations!👍👍
Congratulations 🎉😁
can you recommend someone in German who makes videos about it? I would also like to switch to IT security, but learning extra English at the same time will then be too much 🙈
I really liked how this video was set up. The technical content is always great, but I really liked the exposition and execution of this video. Did you abandon full script writing in favor of bullet points to make it? Or did you memorize parts of the script and just play them as if they were improvised?
I know it's a bit of an odd question, but I'm really fascinated by the making and behind the scenes of your videos (in addition to the content itself, of course).
I read it all off the screen and teleprompter;) full script as always
@@LiveOverflow Wow, I would have never imagined that! Really well done :) Thanks!
Evil Wolf is such a great name
Für ein Anfänger den selbst SSH-Zugriff überrascht hat, mit wenigen Programmierkenntnissen so ein schweres CTF zu schaffen, Hut ab! 🎉
Hast du Literatur welche du empfehlen würdest? 😄
CSCG is indeed a great opportunity to start hacking! There are quite a lot of time intensive but pretty easy challenges, which is exactly what beginners like me should get!
It's kind of hilarious that protostar is still in your list of VMs (03:38).
18:40 - if the for loop is synchronous, couldn't you inject into the loop and override control - with return pointers and whatnot - RCE style??
Transcript (wrong)
0:00
ally. I have been coding throughout my teenage years, and even in 2009 in high school
0:33
I had a class assignments about databases, and I explained SQL injections. So I had
More videos like this!
I love this channel
Very talented guy
rip cc at beginning
Transcript
0:00
i have been in i.t security for 10 years
0:03
and i want to celebrate by going back to
0:06
where it all started i want to go over
0:08
the first vulnerabilities that i have
0:10
exploited 10 years ago and see how i
0:13
think about them today when people ask
0:15
me when did you start with hacking
0:17
usually i say around 2012 because 2012
0:21
is the year when i discovered capture
I am still on the wargames level 2 in bandit wargames 😂
👍🏻
Evil revo wolf! ♥
Are you trying to look like Mr. Robot? Because this is how you start...
YESS MINECRAFT
You really remind me of Christian Slater from Mr.Robot
Waiting for this year April 1st
I've find out challenge on netgarage has been changed and it's got a completely new puzzles. I'm trying to solve it now, but really stuck with level03 with off-by-one overflow. Did someone solved it?
😊
❤️❤️❤️
Is there still anything like stripe CTF on the internet that covers the same stuff that S CTF covered?
The furry shout-out was unexpected
unexpected, but very appreciated!
are you doing IT jobs interviews for other companies?
LOL @ that furry shoutout 👀
Hacking involves: Any individual that enters into any device comment using telegraphic signal, today know as digital or analog signal. Hacking must be done on those that are certified to be a threat to each and every United States of North American citizen and/or loved ones. Hacking must be presented to a federal judge by pursued, who must have beyond a reasonable doubt, that the individual(s) are intentionally using their device for purposes of defrauding for any reason against each and every United States of America Citizen or any of humanity on the Global Planet Earth. Otherwise the intent of a hacker can lay upon those supervisor and managers first then the hacker, for overstepping their authorization. A city judge can not give authorization nor a county or state judge is authorized to overstep a federal judges assumed choice to give authorization within the sovernity of the United States of North America.
Hi can you teach about Linux and Raspberry pi?
Hi Liveoverflow I tried to follow along your video. but I failed to ssh to level01. it says /bin/bash refused everytime I ssh to level01 account. I try also to search about the problem and tried possible solution but still i couldn't find the solution. please help me to solved this problem I been having this for two days still failed to connect with level01.
thank you so much whoever response to my question. 🙏
Dude looks like mr. robot
I have a bad feeling about something...
Damn Earthers, restricting their CTFs to themselves, but yeah..Martians can GTFO! Belt for life!
I get this reference. Good one! :D
My name is simply “the hacker”
there is target - russia aggression machine! Would be great if you could assist attacking them.
..wird dringend Zeit für ne neue Kamera.
Willst du mir eine kaufen?
@@LiveOverflow lol. I thought this was an old video until I saw the 13 min ago on your comment.
@@LiveOverflow habs mir jetzt 4 stunden überlegt aber ich muss dir leider absagen :(
I'm a skid
😶are you going cripto'meme' route!?....
U look fuckin cute with glasses
huh, for a second I though you meant cryptocurrency mining. phew...
a
B
It was informational but a tint of too much bragging. Saying "I saw the solution instantly" for each puzzle is unnecessary.
It was about reflecting back. I did these challenges 10 years ago for the first time. Of course they are now easy. With this video I can show people that stuff that is hard, will become easy after some time. That’s not bragging. That’s showing you that you can get there too
I tried to set up this VM and first I got a bunch of errors saying it could not find folders /var/chroot-rw/home/levelXX so I created them manually and the first script was happy (finished with 'Done.' message)
Then after sudo /etc/init.d/level05 start I get "Starting CTF level05 python server [fail]" - is that how it's supposed to be?
Congratulations
Hacking involves: Any individual that enters into any device comment using telegraphic signal, today know as digital or analog signal. Hacking must be done on those that are certified to be a threat to each and every United States of North American citizen and/or loved ones. Hacking must be presented to a federal judge by pursued, who must have beyond a reasonable doubt, that the individual(s) are intentionally using their device for purposes of defrauding for any reason against each and every United States of America Citizen or any of humanity on the Global Planet Earth. Otherwise the intent of a hacker can lay upon those supervisor and managers first then the hacker, for overstepping their authorization. A city judge can not give authorization nor a county or state judge is authorized to overstep a federal judges assumed choice to give authorization within the sovernity of the United States of North America.