Friday , April 3 2020
Home / Video / Jump Oriented Programming: Ethereum Smart Contract #2 – Real World CTF 2018

Jump Oriented Programming: Ethereum Smart Contract #2 – Real World CTF 2018



Partially 2 we determine a backdoor and discover the devices to do JOP in a ethereum sensible contract.

Problem Recordsdata + Resolution:
Remix:
EVM Opcodes:
Ethereum plugin for Binary Ninja:

-=[ 🔴 Stuff I use ]=-

→ Microphone:*
→ Graphics pill:*
→ Digital camera#1 for streaming:*
→ Lens for streaming:*
→ Join Digital camera#1 to PC:*
→ Digital camera#2 for electronics:*
→ Lens for macro pictures:*
→ Keyboard:*
→ Headphones:*

-=[ ❤️ Support ]=-

→ per Video:
→ per Month:

-=[ 🐕 Social ]=-

→ Twitter:
→ Web site:
→ Subreddit:
→ Fb:

-=[ 📄 P.S. ]=-

All hyperlinks with “*” are affiliate hyperlinks.
LiveOverflow / Safety Flag GmbH is a part of the Amazon Affiliate Associate Programm.

#CTF #SmartContract

About beheer

Check Also

Datadash and Richard Heart talk all things Bitcoin and Ethereum in Singapore

Declare free HEX tokens! Launching this month. The First Excessive Curiosity Blockchain Certificates of Deposit …

Ethereum Infinite Scaling, Bakkt Custody, Capital Controls & Bitcoin Price Bottom

My Second Channel: —————————————————————————- Assist Me On Patreon! —————————————————————————- Shield And Retailer Your Crypto With …

37 comments

  1. Euhhh why did I subscribe ?? Donno !!… but i guess congrats on solving what i don’t know and don’t understand, and hope for more future videos that will make feel better for not being a programer or whatever you do in life !!

  2. Nice bro, you dont give up that easily 🙂

  3. Love your video. This is really amazing.

  4. What a satisfying journey for me, watching your struggling process and the bingo process. So damn good. Would you consider making another video which you recreates the challenge as if you were the challenge author?

  5. SO is Ethereum still a good buy ?

  6. where did you learn hacking?? i know i little bit from youtube but how are you so good?

  7. Glad you enjoy it and great explanation! This was a great birthday&christmas gift, especially the drawings lol(wait where's my glasses). BTW Monica wants to say "You beat me! :D"

  8. Please make a video on satellite tv smartcard cloing. It's possible????

  9. i dont even know eth but i still enjoy watching your videos

  10. When explaining the solution, it is extremely clear. However, if you don't pause for a second, someone that doesn't know exactly what you're talking about (i.e. me :p) tunes out. So if you just pause for like one or two seconds, just to breathe, I think these video would be on a whole other level. Apart from that, great video!

  11. Anyone else just still trying to figure out what a smart contract even is?

  12. Jump-Oriented Programming = Return-Oriented Programming is a security exploit technique.

  13. As someone who knows a bit of assembly, and a bit about Ethereum smart contracts: wtf did I just watch. This challenge is insane, nice work figuring it out!

  14. PLEASE stop writing the word "answer" as "anwser", you did it pretty much every time on your hand drawn text, but never on typed text xD still a great challenge and videos but god damn I saw that typo too many times to shut up about it :p

  15. Incredible job, this was very informative and enjoyable

  16. wow…so incredible.. normally i dont watch youtube…but this video makes me glued…thanks and merry christmas!!!

  17. And here I am writing php 😀

  18. 9 lunix(meme) haters has disliked the video

  19. A question i have though, when doing CTFs you know there is a vuln to be found
    But when working for someone you don't know if there even is one and that's why you are here, so do you get paid if you didn't found any
    and at what point do you stop searching for a vuln in a particular software ?

  20. Wow. Just mad respect to you for digging into this in such depth in such short time.
    I'm now scared for live, writing evm code just when thinking about function signature collision O_O

  21. What programming language the winners were using and what apps

  22. I was really exited for part 2 of this series! I only had some basic knowledge of ethereum smart contracts but you explained everything pretty good. It's quite bizarre that smart contracts allow inline assembly. A bit too 'low level' in my opinion. Hope you keep up your good work!

    Would you say that your experience with CTFs help you generally in your career? I personally love to look into 'implementations' of copy protections, licence validations or 'trial-periods' but I don't really know how to make money of it. (At the moment I do regular software development work)

    Viele Grüße aus 🇦🇹

  23. whoooow what a great explanation. To be honest, i'm not there yet. However, I do got one question already. At the end you mention you gained professional insights and knowledge. My question is, given your efforts, who would have the same experience and insights you have. To rephrase, why not hire you on the spot given your gained knowledge. To rephrase again, how many would resolve this ctf and can tell me how they did it in such clear insights.

  24. Why did you pad with 4848? I was so sure I found a cute little easteregg in the video, but G is 0x47, so no GG…
    Meine Trauer lässt sich nicht in Worte fassen :p

  25. It's really a hard CTF challenge, I couldn't even continue the video

  26. Sweet video, I too fell out with the detail. But you know, this was probably the most enjoyable video I've seen from you. Mainly because you sounded so determined to nail it and got excited nearing the end. Congratulations

  27. What editor/viewer is he using to display the assembly code at 13:08 ?

  28. I wanna ask: Is metasploit using pwn to remote exploit? I'm new to pwn in ctf.

  29. Hiya Live, I admire the honest and clean approach your channel is still maintaining. Love you man, keep on the good work learning and teaching at the same time is the best, especially for the noobs like me 🙂

  30. "anwser". Literally unwatchable.

    Seriously though that was a deeeeeep dive in Smart contracts. I never realised how in depth a eth ctf challenge could go. If only that ctf was a day longer huh 😁

  31. make Jscrambler and reverse engineering

  32. i dont understate most of you said ..(yes i am a super noob) but i like your cool animation ..so funny 🙂

  33. Don't study solidity, just watch these two videos on repeat.