Nice video. By the way, what does mov ebp,esp do? Can you explain a bit more?
mov = move. It is an operation.
ebp and esp are CPU registers.
Just to put you in context... He is explaining how a function is called in C at machine code level.
A very nice video. I have a question, please: they always say we add the canary values (StackGuard) into the prologue function; how is that? Thank you very much :)
Yes, that is correct. To protect the stack, the canaries are placed below the return address on the stack, such that you generally need to overwrite the canary to overwrite the return address.
@paladingroupllc3480
That is right, but please, the question is: how can I do that myself? (editing the prologue and epilogue and adding canaries)
Thank you very much ^^
@hamzahm7767 The way you do this is to recompile your software. On Linux use -fstack-protector; on Windows, I think, it's /GS. Basically the compiler puts it in. You COULD binary-edit your existing code, potentially, but that would be a mess.
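As an added illustration of the reply above (not code from the video or from either commenter): a portable C model of what -fstack-protector has the compiler emit, a guard word stored between the local buffer and the saved return address and re-checked before the function returns. The struct layout, field names and guard value are constructed for this sketch.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Model of a protected stack frame, lowest address first.
   Field names are made up for this sketch. */
struct frame {
    char      buf[16];     /* local buffer */
    uintptr_t canary;      /* guard word written by the prologue */
    uintptr_t saved_ret;   /* stands in for the saved return address */
};

/* Constructed guard value; a real runtime picks a random one at startup. */
static const uintptr_t GUARD = (uintptr_t)0x00a5c3f1u;

enum { FRAME_OK = 0, FRAME_SMASHED = 1 };

/* Copies n bytes into the frame starting at buf, with no bounds check on
   buf (the bug being modeled). The copy is clamped to the struct so the
   model itself stays well defined. Returns FRAME_SMASHED when the
   epilogue check finds the canary changed. */
int guarded_copy(const unsigned char *src, size_t n, uintptr_t *ret_out)
{
    struct frame f;
    unsigned char *p = (unsigned char *)&f;
    size_t i;

    memset(&f, 0, sizeof f);
    f.saved_ret = 0x1000;          /* constructed "return address" */
    f.canary = GUARD;              /* prologue: store the guard */

    if (n > sizeof f)
        n = sizeof f;
    for (i = 0; i < n; i++)        /* linear write, low to high address */
        p[i] = src[i];

    if (ret_out)
        *ret_out = f.saved_ret;
    /* epilogue: compare the guard before the return address is used */
    return f.canary == GUARD ? FRAME_OK : FRAME_SMASHED;
}
```

In a real build the failed comparison does not return a code: the compiler-inserted check aborts the process instead of returning through the corrupted address.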
Thank you so much
no problem, glad you enjoyed it.
Thanks for the video. What are your thoughts on using GDB for analyzing disassembled code?
I like using the GDB disassembly for analyzing small areas of code where I might currently be looking, and for understanding stack layout. For large areas of code I used to use IDA Pro; however, the NSA just this month open-sourced their decompiler called Ghidra (ghidra-sre.org). I tried it out, and though it's rough around the edges, especially the user interface, it's incredibly powerful and free. Even better, it looks like it does decompilation! IDA's decompilers cost nearly $4000.00 PER architecture. I'd recommend you try out Ghidra if you're looking at anything large. I might move away from IDA, especially if the open-sourcing gets people to contribute and make it even better than it is now. In the future, if time permits, I might make some videos on using it. In the download there's a "Docs" section which has what looks to be "classes in PDF form" on how to use it!
Hey, I am new to this channel. Nice video. I really like it very much.
Could you put up a video about how executable files load into the computer and run?
That means, when we execute ./a.out, what happens behind the scenes? How are ELF binary files executed by the OS? Please explain.
I found a bug in your code, it's NOT just radius BUT radius squared: Area = radius * radius * Pi
hah good catch, I never was very good at math. hah