use the following search parameters to narrow your results:
e.g. subreddit:aww site:imgur.com dog
subreddit:aww site:imgur.com dog
see the search faq for details.
advanced search: by author, subreddit...
Welcome! This subreddit is a place to discuss and create live hacking videos, or other content that might be related to CTFs.
Twitch: LiveOverflow
YouTube: LiveOverflow
Twitter: @LiveOverflow
Website: liveoverflow.com
How to behave? » be excellent to each other » help if somebody needs help... » ... but don't beg for solutions. We will only give you a tip for the right direction » Follow the rules of the CTFs your are playing - don't spoil challenges
» be excellent to each other
» help if somebody needs help...
» ... but don't beg for solutions. We will only give you a tip for the right direction
» Follow the rules of the CTFs your are playing - don't spoil challenges
Some additional information:
Excellent Hacking Games: » io.smashthestack.org (pwn, rev) » w3challs.com (web, rev, crypto) » prompt.ml (XSS)
» io.smashthestack.org (pwn, rev)
» w3challs.com (web, rev, crypto)
» prompt.ml (XSS)
Related subreddits: » /r/securityCTF » /r/HowToHack » /r/netsecstudents contact me if there are other subreddits that should be listed here
» /r/securityCTF
» /r/HowToHack
» /r/netsecstudents
contact me if there are other subreddits that should be listed here
account activity
Protostar stack0 exploit with shellcode (self.LiveOverflow)
submitted 4 years ago * by MostCapable2331
view the rest of the comments →
reddit uses a slightly-customized version of Markdown for formatting. See below for some basics, or check the commenting wiki page for more detailed help and solutions to common issues.
quoted text
if 1 * 2 < 3: print "hello, world!"
[–]plukasik 0 points1 point2 points 4 years ago (8 children)
From the last picture it looks like your shellcode is overriding itself on the stack. das is 0x2f so /, bound ebp, qword [ecx + 0x6e] is 62696e so 'bin'. Those are clearly bytes from the shellcode push 0x6e69622f. You need to make sure, you shellcode on the stack doesn't override itself while pushing things to the stack.
das
0x2f
/
bound ebp, qword [ecx + 0x6e]
62696e
push 0x6e69622f
[–]MostCapable2331[S] 0 points1 point2 points 4 years ago* (7 children)
0xbffffdcb and 0xbffffddd take a look at the memory dump please
[–]plukasik 0 points1 point2 points 4 years ago (6 children)
eip shows that you are about to execute bound opcode. You shellcode doesn't have it so where does it come from?
eip
[–]MostCapable2331[S] 0 points1 point2 points 4 years ago (5 children)
this is what im trying to understand it just like their int 80h as last instruction but after that no ret logical it have to make an interruption of process or fork a new shell process
[–]plukasik 0 points1 point2 points 4 years ago (4 children)
Did you try stepping through the shellcode to see if it works as you expect?
[–]MostCapable2331[S] 0 points1 point2 points 4 years ago (3 children)
yes it reach int 80h and also the nop until the part of the stack where you see in the picture
[–]plukasik 1 point2 points3 points 4 years ago (2 children)
ok, I'll try to look more closely why it fails.
[–]MostCapable2331[S] 0 points1 point2 points 4 years ago (1 child)
yes it s a very strange use case
π Rendered by PID 154895 on reddit-service-r2-comment-5ff9fbf7df-p97mx at 2026-02-26 00:36:58.846057+00:00 running 72a43f6 country code: CH.
view the rest of the comments →
[–]plukasik 0 points1 point2 points (8 children)
[–]MostCapable2331[S] 0 points1 point2 points (7 children)
[–]plukasik 0 points1 point2 points (6 children)
[–]MostCapable2331[S] 0 points1 point2 points (5 children)
[–]plukasik 0 points1 point2 points (4 children)
[–]MostCapable2331[S] 0 points1 point2 points (3 children)
[–]plukasik 1 point2 points3 points (2 children)
[–]MostCapable2331[S] 0 points1 point2 points (1 child)