NokiMo
LiveOverflow

LiveOverflow

patreon


LiveOverflow posts

Critical Sudo Vulnerability Walkthrough - CVE-2021-3156

The most comprehensive video covering the sudo vulnerability CVE-2021-3156 Baron Samedit. I spent two weeks on rediscovering, analysing and exploitation of the sudoedit heap overflow. We will talk ...

View Post

Protect Linux Server From Hackers

Do you have a linux server and do you know how to prevent getting hacked? In this video we will critically discuss a few best practices. The video can be summarized as: "a lot of fluff, not much us...

View Post

Running Out Of Hacking Video Ideas

I made every video I ever wanted to make... At least that's how I feel. I feel like "Everything I know I have shared in my over 300 videos". I recently celebrated 6 years on YouTube, and it made me...

View Post

Hacking into Google's Network for $133,337

In this video we hear the story how Ezequiel Pereira found a critical vulnerability in Google Cloud and was awarded $164,674 in total. This is a crazy bug, because it requires so much knowledge abo...

View Post

Format String Exploit Troubleshooting Over Twitter - bin 0x11 b

A troubleshooting video about a binary exploitation challenge. Should fit well into the binary exploitation playlist 

2021-02-25 18:29:25 +0000 UTC View Post

How CPUs Access Hardware - Another SerenityOS Exploit

When I looked at another SerenityOS exploit, I learned something new! The hack is very creative and directly interacts with hardware. I never really understood how modern CPUs interact with periphe...

View Post

Does Hacking Require Programming Skills?

When I saw how easy it is for Andreas to find bugs in his own code, and even write exploits for it, I thought about the relationship between hacking and coding skills. And it's not surprising that ...

View Post

Reading Kernel Source Code - Analysis of an Exploit

Part two of analysing the Serenity wisdom2 exploit

View Post

Kernel Root Exploit via a ptrace() and execve() Race Condition

Let's have a look at a kernel local privilege escalation exploit in SerenityOS! And why it is beneficial to learn about it, even though it's not a widely used OS.

View Post

December Project Video Bundle #4

This is the last set of videos for my advents calendar. The last video is a more regular video that I scripted and edited.

December Project Video Bundle #3

The third set of videos for the December t-shirt project, only one more set to go.

December Project Video Bundle #2

This is the second set of December videos!

December Project Video Bundle #1

Hellooo o/

This is the first Patreon bundle for the December project.

Solving Nintendo HireMe!!! with "Basic" Math

We are going to solve the Nintendo HireMe.cpp challenge with some "basic" math. I call it basic, because linear algebra is taught pretty early in school. But I know it is not so easy to figure out ...

View Post

Plans for December - Warning!!

Hey everyone, last year I made 24 daily videos as an "advents calendar" (https://www.you...

View Post

Nintendo Hire me!!!!!!!!

Difficult programming and reverse-engineering challenge by Nintendo European Research & Development (NERD). In this first part I have a first look at the challenge and try different stuff. In t...

View Post

How Hacking Actually Looks Like - ALLES! CTF Team in Real Time

Get a unique insight into how hacking really looks like. This is a live recording and commentary of the ALLES! CTF Team playing the Google CTF finals hackceler8. After we have placed 8th in the Goo...

View Post

What is a File Format?

Let's explore what a file format is, and provide a different view on it. We dive into polyglots, file format research and the impact on security. 

Funky File Formats Talk: 2020-10-26 17:56:23 +0000 UTC View Post

Guessing vs. Not Knowing in Hacking and CTFs

I really hate it when I have to guess stuff. This applies to CTFs, but also to my real-world work in penetration testing. It is incredibly frustrating to bruteforce or guess something, that could j...

View Post

Chaining Script Gadgets to Full XSS - All The Little Things 2/2 (web) Google CTF 2020

In the second part we are building on top of what we have learned. We figure out how to craft something special out of a very limited script gadget. Eventually we can use it to leak the secret note...

View Post

CTF Web Challenge Recon - All The Little Things 1/2 (web) Google CTF 2020

All The Little Things was a pretty hard web challenge from the Google CTF 2020. In this video we do some initial recon and research and try to find an angle to attack. Part 1/2.  

Chall...

View Post

XSS on the Wrong Domain T_T - Tech Support (web) Google CTF 2020

Try chatting with tech support about getting a flag. There is a very easy XSS in the support chat, but the problem is, the XSS is on the wrong domain. So we can't easily grab the flag.  

View Post

XSS a Paste Service - Pasteurize (web) Google CTF 2020

Easy web challenge from the Google CTF. XSS a paste service.

Challenge: https://capturethef...

View Post

Why Hackers Love the Number 1,094,795,585

It turns out, I have a favorite number over 1 million! Let me show you why 1094795585 is special to me and to many hackers.

#MegaFavNumbers Playlist: 2020-09-01 17:04:08 +0000 UTC View Post

Winners of Google Capture-The-Flag Finals 2019 🏳️

The last day from my trip to the Google CTF Finals 2019 in London.

Defusing a Bomb at Google London HQ - Having a Blast Google CTF Finals 2019 (hardware)

 Hardware challenge "Having a Blast" from the Google CTF Finals. It can be compared to the "Keep Talking and Nobody Explodes".

Google CTF Finals 2019! - Escal8 2019 Day 3

Day 1 of the Google CTF Finals 2019

View Post

Bug Hunter Talks & Init.G for Student - Escal8 2019 Day 2

In December 2019 I was invited by Google to come to London for the Google CTF finals. This Vlog is about my second day where I listened to some bug hunter talks and met students at init.G.

I'...

View Post

JavaScript Gadgets! Google Docs XSS Vulnerability Walkthrough

A very interesting Cross-site Scripting Issue in gDocs Spreadsheets. I get a chance to talk to the bug hunter Nick, as well as Google engineers to understand both sides. How did he find it? And why...

View Post

MMO Hacking Game Design in Unity (IL2CPP) - Game Devlog #4

To make a hackable MMO game, I had to think a lot about the unique game design. So we are going over challenges as well as level design and how the game evolved.

This is part 4/4. Next video ...

View Post