How CPUs Access Hardware - Another SerenityOS Exploit
When I looked at another SerenityOS exploit, I learned something new! The hack is very creative and directly interacts with hardware. I never really understood how modern CPUs interact with peripherals, so this was very interesting to me.
Previous SerenityOS videos:
https://www.youtube.com/watch?v=qUh507Na9nk
https://www.youtube.com/watch?v=oIAP1_NrSbY
Linus' wisdom2 exploit: https://github.com/allesctf/writeups/blob/master/2020/hxpctf/wisdom2/writeup.md
SerenityOS hacking: https://www.youtube.com/watch?v=DhVZ7vO69DI&list=PLMOpZvQB55bcRA5-KjvW7dVyGUarcqZuL
Vulnerable SerenityOS version: https://github.com/SerenityOS/serenity/tree/5505159a94c226d0c8a5e82a163a6d37a9404c57
Binary Exploitation Playlist: https://www.youtube.com/watch?v=iyAyN3GFM7A&list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN
Hardware Wallet Research: https://www.youtube.com/watch?v=nNBktKw9Is4&list=PLhixgUqwRTjyLgF4x-ZLVFL-CRTCrUo03
00:00 - Intro
00:47 - Accumulating Knowledge Over Years
01:14 - The Plan For This Video
02:00 - Computers are Simple!
02:40 - Computers are Hard!
03:39 - What I Already Know About Kernels
04:58 - Missing Link Between Hardware and Software
06:00 - Andreas Summarizes Another SerenityOS Exploit
08:18 - What Are CPU EFLAGS?
11:02 - What Are IO Ports?
12:03 - Playing With EFLAGS
13:06 - Talking To Hardware via IO Ports
13:45 - Arduino Hardware Example - OUT Instruction
14:45 - Access Harddisk Controller With Ports
15:15 - Detecting Keybord Key Press
15:43 - EUREKA!
16:46 - Outro
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
-=[ 🐕 Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from LiveOverflow · LiveOverflow · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
![[Live] Remote oldschool dlmalloc Heap exploit - bin 0x1F](https://i.ytimg.com/vi/2GVi8_9u5TY/mqdefault.jpg)
57
58
59
60
LiveOverflow - Trailer
LiveOverflow
Introduction to Linux - Installation and the Terminal - bin 0x01
LiveOverflow
Writing a simple Program in C
LiveOverflow
Writing a simple Program in Python - bin 0x03
LiveOverflow
Live Hacking - Twitch Recording overthewire.org - Vortex 0x01-0x03 (3h)
LiveOverflow
Reversing and Cracking first simple Program - bin 0x05
LiveOverflow
Abusing the exception handler to leak flag - 32C3CTF readme (pwnable 200)
LiveOverflow
ROP with a very small stack - 32C3CTF teufel (pwnable 200)
LiveOverflow
Uncrackable Programs? Key validation with Algorithm and creating a Keygen - Part 1/2 - bin 0x07
LiveOverflow
Uncrackable Program? Finding a Parser Differential in loading ELF - Part 2/2 - bin 0x08
LiveOverflow
Syscalls, Kernel vs. User Mode and Linux Kernel Source Code - bin 0x09
LiveOverflow
Smashing the Stack for Fun and Profit - setuid, ssh and exploit.education - bin 0x0B
LiveOverflow
Live Hacking - EFF-CTF 2016 - Level 0-4 (Enigma Conference)
LiveOverflow
First Stack Buffer Overflow to modify Variable - bin 0x0C
LiveOverflow
First Exploit! Buffer Overflow with Shellcode - bin 0x0E
LiveOverflow
Buffer Overflows can Redirect Program Execution - bin 0x0D
LiveOverflow
Doing ret2libc with a Buffer Overflow because of restricted return pointer - bin 0x0F
LiveOverflow
Reverse engineering C programs (64bit vs 32bit) - bin 0x10
LiveOverflow
pwnable.kr - Levels: fd, collision, bof, flag
LiveOverflow
Reverse Engineering and identifying Bugs - BKPCTF cookbook (pwn 6) part 1
LiveOverflow
Leaking Heap and Libc address - BKPCTF cookbook (pwn 6) part 2
LiveOverflow
Arbitrary write with House of Force (heap exploit) - BKPCTF cookbook (pwn 6) part 3
LiveOverflow
Live Hacking - Internetwache CTF 2016 - web50, web60, web80
LiveOverflow
Live Hacking - Internetwache CTF 2016 - crypto60, crypto70, crypto90
LiveOverflow
A simple Format String exploit example - bin 0x11
LiveOverflow
NEW VIDEOS ARE COMING - loopback 0x00
LiveOverflow
HTML + CSS + JavaScript introduction - web 0x00
LiveOverflow
The HTTP Protocol: GET /test.html - web 0x01
LiveOverflow
Building Poor Man's Logic Analyzer with an Arduino - Reverse Engineering A/C Remote part 1
LiveOverflow
What is PHP and why is XSS so common there? - web 0x02
LiveOverflow
Introducing the AngularJS Javascript Framework - XSS with AngularJS 0x00
LiveOverflow
Sandbox Bypass in Version 1.0.8 - XSS with AngularJS 0x1
LiveOverflow
Capturing & Analyzing Packets with Saleae Logic Pro 8 - Reverse Engineering A/C Remote part 2
LiveOverflow
XSS Contexts and some Chrome XSS Auditor tricks - web 0x03
LiveOverflow
Previous Bypass is now fixed in version 1.4.7 - XSS with AngularJS 0x2
LiveOverflow
New Sandbox Bypass in 1.4.7 - XSS with AngularJS 0x3
LiveOverflow
The Heap: what does malloc() do? - bin 0x14
LiveOverflow
The Heap: How to exploit a Heap Overflow - bin 0x15
LiveOverflow
Reverse Engineering with Binary Ninja and gdb a key checking algorithm - TUMCTF 2016 Zwiebel part 1
LiveOverflow
Scripting radare2 with python for dynamic analysis - TUMCTF 2016 Zwiebel part 2
LiveOverflow
Live Hacking - Internetwache CTF 2016 - exp50, exp70, exp80
LiveOverflow
Sandbox bypass for the latest AngularJS version 1.5.8 - XSS with AngularJS 0x4
LiveOverflow
Channel is growing and Riscure hardware CTF starting soon - loopback 0x01
LiveOverflow
Explaining Dirty COW local root exploit - CVE-2016-5195
LiveOverflow
What is CTF? An introduction to security Capture The Flag competitions
LiveOverflow
The Heap: How do use-after-free exploits work? - bin 0x16
LiveOverflow
The Browser is a very Confused Deputy - web 0x05
LiveOverflow
The Heap: Once upon a free() - bin 0x17
LiveOverflow
Simple reversing challenge and gaming the system - BruCON CTF part 1
LiveOverflow
int0x80 from DualCore lent me his lockpicking set and I'm a horse - BruCON CTF part 2
LiveOverflow
The Heap: dlmalloc unlink() exploit - bin 0x18
LiveOverflow
MD5 Length Extension and Blind SQL Injection - BruCON CTF part 3
LiveOverflow
TCP Protocol introduction - bin 0x1A
LiveOverflow
Socket programming in python and Integer Overflow - bin 0x1B
LiveOverflow
Linux signals and core dumps - bin 0x1C
LiveOverflow
[Live] Remote oldschool dlmalloc Heap exploit - bin 0x1F
LiveOverflow
Riscure Embedded Hardware CTF setup and introduction - rhme2 Soldering
LiveOverflow
Rooting a CTF server to get all the flags with Dirty COW - CVE-2016-5195
LiveOverflow
How to learn hacking? ft. Rubber Ducky
LiveOverflow
Format String to dump binary and gain RCE - 33c3ctf ESPR (pwn 150)
LiveOverflow
More on: Security Basics
View skill →
Related AI Lessons
⚡
⚡
⚡
⚡
HDFC AMC Just Confirmed a Cybersecurity Incident.
Medium · Cybersecurity
BEFORE YOU TOUCH THE TARGET: A PASSIVE AND ACTIVE RECON WALK-THROUGH FOR CYBERSECURITY…
Medium · Cybersecurity
Virtual Keyboard Login with PingOne Advanced Identity Cloud
Medium · Cybersecurity
Why Businesses Quietly Accept Technology Friction as “Normal”
Medium · Cybersecurity
Chapters (17)
Intro
0:47
Accumulating Knowledge Over Years
1:14
The Plan For This Video
2:00
Computers are Simple!
2:40
Computers are Hard!
3:39
What I Already Know About Kernels
4:58
Missing Link Between Hardware and Software
6:00
Andreas Summarizes Another SerenityOS Exploit
8:18
What Are CPU EFLAGS?
11:02
What Are IO Ports?
12:03
Playing With EFLAGS
13:06
Talking To Hardware via IO Ports
13:45
Arduino Hardware Example - OUT Instruction
14:45
Access Harddisk Controller With Ports
15:15
Detecting Keybord Key Press
15:43
EUREKA!
16:46
Outro
🎓
Tutor Explanation
DeepCamp AI