1 00:00:00,210 --> 00:00:06,160 Hello, everybody, welcome to my advanced ethical hacking, networking, penetration testing, costing. 2 00:00:16,770 --> 00:00:22,720 OK, so we assume that you already download and extract your application. 3 00:00:22,950 --> 00:00:30,030 So now let's use instead of using machine all we can use all Windows machine. 4 00:00:30,030 --> 00:00:30,680 So let's come back. 5 00:00:31,260 --> 00:00:31,830 Let's go there. 6 00:00:33,150 --> 00:00:36,670 OK, so let's try to open the application to see how it looks like. 7 00:00:37,020 --> 00:00:41,360 So we double click and then we will enter again. 8 00:00:41,370 --> 00:00:43,170 Try to take anything. 9 00:00:43,170 --> 00:00:48,150 But first thing first, let's take let's try to type some letters and. 10 00:00:50,040 --> 00:00:52,430 It quickly it quickly goes away. 11 00:00:52,970 --> 00:00:53,780 Let's try again. 12 00:00:55,790 --> 00:00:57,080 And also numbers. 13 00:01:00,470 --> 00:01:11,420 OK, in Syria, all that means we see that that means we see that we should probably need to put some 14 00:01:11,420 --> 00:01:13,260 numbers on it. 15 00:01:13,280 --> 00:01:17,490 And remember, this is a message, a war in Syria. 16 00:01:17,510 --> 00:01:26,660 So we get to try to find the strength that's inside it and inside the Kurds and to do some modifications. 17 00:01:27,020 --> 00:01:33,530 OK, so let's let's try to win it now with extra attitude. 18 00:01:37,560 --> 00:01:50,310 Well, so now we can just go to the entry point and instead of going here or instead of instead of let's 19 00:01:50,310 --> 00:02:01,590 go back to you instead of clicking right click and and search for our modules and string references, 20 00:02:01,590 --> 00:02:08,460 it will take a long not a long time, but probably 10 seconds. 21 00:02:08,820 --> 00:02:12,860 But we don't want to use it now because we just want some specific text. 22 00:02:12,870 --> 00:02:18,620 So we just come here and click on symbols and automatically it's here if it's not here. 23 00:02:18,630 --> 00:02:24,170 So you get to put it here, you click on that icon A to find the strings and boom. 24 00:02:24,180 --> 00:02:26,090 So you get it in a split of seconds. 25 00:02:26,490 --> 00:02:29,900 So what we need now, we need a good job or encode. 26 00:02:30,390 --> 00:02:34,200 So anyway, so we can just try to click on one of them. 27 00:02:35,250 --> 00:02:48,630 So it's going to be all up to see until we see a jump jump, if not equal, to let me into it. 28 00:02:49,800 --> 00:02:51,210 John, to dislocation. 29 00:02:54,510 --> 00:03:03,270 O kay, what we can do that we can see the job goes ahead on this application, let me try to see. 30 00:03:05,570 --> 00:03:06,840 Here, so. 31 00:03:07,280 --> 00:03:08,160 Oh, no, no, no. 32 00:03:08,180 --> 00:03:16,010 It's on here, OK, here and then after this operation, it just pushed the stakes so we don't need 33 00:03:16,010 --> 00:03:17,650 or jump to be jumped down. 34 00:03:17,670 --> 00:03:20,300 So we got to change this light. 35 00:03:20,300 --> 00:03:26,660 So we waste space and then we remove that in. 36 00:03:29,220 --> 00:03:37,500 And all right, so we can now click on Kinsale, so let's go ahead with a little bit up what we can 37 00:03:37,500 --> 00:03:41,360 see now, something campell moves. 38 00:03:41,880 --> 00:03:49,440 OK, so let's pass it and then let's try the application first so that we can see how it will be so 39 00:03:49,440 --> 00:03:49,920 much. 40 00:03:52,030 --> 00:03:54,390 OK, so define. 41 00:03:55,480 --> 00:04:04,540 Let me call it another name, a public application, this one, but instead we will put another full 42 00:04:05,680 --> 00:04:07,000 put it here like this. 43 00:04:07,200 --> 00:04:12,910 OK, so OK, one application for applied. 44 00:04:13,210 --> 00:04:19,810 OK, we can come here and let me try to find it on your desktop to see how it would be. 45 00:04:22,120 --> 00:04:22,540 So. 46 00:04:25,830 --> 00:04:27,340 In D.C., Debra. 47 00:04:29,080 --> 00:04:30,610 Good job you got it. 48 00:04:30,790 --> 00:04:35,440 The password is two two two oh, it sounds like fake. 49 00:04:36,670 --> 00:04:37,630 Let me check again. 50 00:04:39,510 --> 00:04:40,350 Checking in. 51 00:04:43,590 --> 00:04:48,240 Now it is a one, two, three, four, and. 52 00:04:49,950 --> 00:04:51,870 Two, four, six, eight. 53 00:04:51,900 --> 00:05:01,770 OK, what we can detect is that it multiplies Egypt numbers by two or what it does, it adds the same 54 00:05:01,770 --> 00:05:02,610 number on it. 55 00:05:02,610 --> 00:05:08,230 Again, for example, it says that or one, two, three, four, plus one, two, three, four. 56 00:05:08,580 --> 00:05:09,870 So let's quit. 57 00:05:10,000 --> 00:05:12,270 Let's try again another time. 58 00:05:12,460 --> 00:05:15,960 Now, let's put something bigger. 59 00:05:16,020 --> 00:05:19,650 One, two, three, four, five, six. 60 00:05:21,640 --> 00:05:29,910 OK, so it is this let me check if I said to myself that six and six plus six is 12. 61 00:05:30,130 --> 00:05:30,590 Okay. 62 00:05:31,030 --> 00:05:38,950 And then one C one plus five, six six plus five 11. 63 00:05:39,160 --> 00:05:50,090 Oh, again, one four and four plus one nine and three to entry into into four one and one two. 64 00:05:50,200 --> 00:05:58,720 OK, so this, these codes when we, when we are here, it's, it's just added the number that we have 65 00:05:58,720 --> 00:06:01,240 put on it again on itself. 66 00:06:01,600 --> 00:06:06,130 So we should try to bypass these things. 67 00:06:06,500 --> 00:06:08,980 OK, let me put it out like this. 68 00:06:09,430 --> 00:06:12,180 What we can do, we say compare here. 69 00:06:12,220 --> 00:06:18,820 We can put a big point on the comparison and try to figure it out how it will look like, oh, you can 70 00:06:18,820 --> 00:06:20,860 just know it. 71 00:06:21,130 --> 00:06:24,310 I mean, you feel it with no to do so. 72 00:06:24,310 --> 00:06:31,270 You like click and Binoy and fill with numbers in. 73 00:06:31,270 --> 00:06:32,500 Yes, ok. 74 00:06:33,610 --> 00:06:35,320 Now it is filled with. 75 00:06:35,320 --> 00:06:35,640 Nope. 76 00:06:35,920 --> 00:06:39,730 OK, so we can try to win this application. 77 00:06:39,730 --> 00:06:41,070 Right, right over here. 78 00:06:41,380 --> 00:06:42,790 Let me try to see what. 79 00:06:42,790 --> 00:06:43,320 What's that. 80 00:06:43,340 --> 00:06:45,120 OK, it's empty of course was me. 81 00:06:45,550 --> 00:06:50,760 So now we can try to win this application here to see the wizard. 82 00:06:50,770 --> 00:07:00,460 We got to understand and and check what the what will be the result of our X, which is. 83 00:07:02,530 --> 00:07:11,260 Let's try before watching again, let's try to put a quick point on this comparison. 84 00:07:11,560 --> 00:07:18,430 OK, so was it a function function and after. 85 00:07:19,670 --> 00:07:21,500 All right, so now it is there. 86 00:07:22,840 --> 00:07:23,830 That is so great. 87 00:07:24,280 --> 00:07:26,880 So we can try to run it again. 88 00:07:28,500 --> 00:07:29,880 So we come here. 89 00:07:32,230 --> 00:07:41,800 OK, we can come here now, we're going to try to put anything that's a bluff and we have to verify. 90 00:07:42,480 --> 00:07:46,170 We have to check how or X will be changed. 91 00:07:46,200 --> 00:07:52,820 OK, so we got something here. 92 00:07:54,420 --> 00:08:07,460 What we get to get this takes is it's X exotics, OK, zero 24, zero F F 20. 93 00:08:08,400 --> 00:08:09,810 We can try to copy it. 94 00:08:11,390 --> 00:08:12,180 Can I go? 95 00:08:12,380 --> 00:08:17,750 Yes, this is Lane, the Lane, and let me try to put it here on. 96 00:08:19,670 --> 00:08:24,450 OK, so we're going to play without delay. 97 00:08:24,620 --> 00:08:29,960 This one is on, OK, so let's try again to verify. 98 00:08:30,080 --> 00:08:31,060 I want to do it again. 99 00:08:33,070 --> 00:08:33,630 Geer's. 100 00:08:36,180 --> 00:08:44,520 So we get to the point now, we can go in here, get in again, let's say this one, and it was under. 101 00:08:47,050 --> 00:08:48,490 So. 102 00:08:49,640 --> 00:08:52,190 As we can detect, it's the same. 103 00:08:53,240 --> 00:08:53,860 Come here. 104 00:08:56,530 --> 00:08:57,540 Let me come here. 105 00:08:59,230 --> 00:08:59,440 Your. 106 00:09:00,190 --> 00:09:00,730 Okay. 107 00:09:00,760 --> 00:09:12,980 Twenty six seven four zero zero twenty four f f twenty again one last time to the 260 to one last time. 108 00:09:14,350 --> 00:09:16,370 Let me try to come back here. 109 00:09:17,680 --> 00:09:19,080 Gun control. 110 00:09:20,560 --> 00:09:23,260 Again, we start. 111 00:09:25,120 --> 00:09:34,240 And go to the entry point, so we are here so we can we want you can come here just for a quick view 112 00:09:34,270 --> 00:09:38,770 and this one or one, two, three, four, five. 113 00:09:38,800 --> 00:09:39,020 Good. 114 00:09:39,040 --> 00:09:39,650 Good job. 115 00:09:39,670 --> 00:09:41,850 OK, so we can go and do it. 116 00:09:41,900 --> 00:09:42,750 OK, ok. 117 00:09:42,820 --> 00:09:44,670 Equipment is here. 118 00:09:46,580 --> 00:09:50,900 No, we don't want this, we want to be. 119 00:09:52,910 --> 00:09:54,500 Jump is. 120 00:09:56,770 --> 00:09:57,240 Look. 121 00:10:02,320 --> 00:10:04,870 Well, now we can win it again. 122 00:10:06,900 --> 00:10:12,800 So let's type something, something like an event under. 123 00:10:14,790 --> 00:10:24,330 OK, can we get back into Syntex Light, so we're going to try to go to all to hellbound hackers on 124 00:10:24,330 --> 00:10:28,590 Killing Machine and password twenty four. 125 00:10:28,620 --> 00:10:36,990 So let me put first twenty six, the password 14, application 14. 126 00:10:37,000 --> 00:10:38,040 So let me put first. 127 00:10:39,090 --> 00:10:39,900 Twenty six. 128 00:10:40,500 --> 00:10:41,340 Twenty six. 129 00:10:41,580 --> 00:10:42,570 Twenty six. 130 00:10:43,900 --> 00:10:54,550 So then for we don't know what if it if it will be good, but we would check it out until X Day and 131 00:10:54,670 --> 00:10:57,940 come here to submit. 132 00:11:00,690 --> 00:11:04,600 Please enter a password, OK, and it's not a problem, I know. 133 00:11:05,370 --> 00:11:14,170 So what we can do, we can try now to put the X password, but the experts issued it with you. 134 00:11:14,790 --> 00:11:22,550 But anyway, so before trying the next step, let me try this 020 for you if. 135 00:11:23,860 --> 00:11:34,180 Zero 24, you, if you would, 24, you will if if 20 and control X. 136 00:11:35,530 --> 00:11:41,760 Is it right for the F f Kennedy if I. 137 00:11:43,900 --> 00:11:44,710 Ta ta ta ta ta. 138 00:11:46,880 --> 00:11:47,630 Zero twenty. 139 00:11:48,620 --> 00:11:52,400 So that you can see let me open it slightly. 140 00:11:52,900 --> 00:11:53,350 OK. 141 00:11:56,270 --> 00:11:57,260 Zero twenty four. 142 00:11:58,200 --> 00:12:06,990 Yeah, it's all right, so let's come back here and just bust it, controlling it, shouldn't we? 143 00:12:07,070 --> 00:12:07,340 What worry? 144 00:12:07,340 --> 00:12:07,830 You see? 145 00:12:08,110 --> 00:12:11,790 OK, so now let's try the next step. 146 00:12:13,740 --> 00:12:16,830 So let me jump in here. 147 00:12:17,220 --> 00:12:17,670 This. 148 00:12:19,860 --> 00:12:29,040 So we are going to try to see what numbers this is, this is represented for us or what is the stream. 149 00:12:32,270 --> 00:12:40,160 OK, here, many people fall into the trap that when they want these applications or even when they 150 00:12:40,160 --> 00:12:46,310 put the weak point, but they don't figure out exactly where the password is, because after having 151 00:12:46,310 --> 00:12:53,810 those operation following the algorithm, they still didn't get the password when they got when they 152 00:12:53,810 --> 00:12:56,930 tried the password on their own account. 153 00:12:56,930 --> 00:12:57,860 And it doesn't work. 154 00:12:58,190 --> 00:13:05,000 So I'm going to show anyway, first thing first, we're going to one application and we can keep doing 155 00:13:05,000 --> 00:13:05,180 it. 156 00:13:05,180 --> 00:13:08,820 So now we in we entered into a point. 157 00:13:09,260 --> 00:13:13,030 OK, so it can be was the code because it's not that much. 158 00:13:13,040 --> 00:13:17,180 So we don't have to search for Olufsen syntax. 159 00:13:17,180 --> 00:13:18,410 So we don't need to do that. 160 00:13:18,710 --> 00:13:22,970 We just have to check for good messages. 161 00:13:23,210 --> 00:13:25,930 And my message is, OK, this is one good. 162 00:13:25,940 --> 00:13:29,130 You're looking at it again, problem and increasingly. 163 00:13:29,180 --> 00:13:29,920 All right. 164 00:13:30,230 --> 00:13:34,120 So what we can do now, we just go a little bit up. 165 00:13:34,580 --> 00:13:38,270 Let me increase the screen for you guys. 166 00:13:38,360 --> 00:13:42,790 OK, so now it's better for, you know, what we can do. 167 00:13:43,100 --> 00:13:51,770 We are going to try in deeper to see what kind of stuff it is required, it says, into your silly. 168 00:13:51,770 --> 00:13:53,300 All right, over here. 169 00:13:53,660 --> 00:14:04,640 So after that, it enters this string and we push it and then the function now will point this string 170 00:14:04,640 --> 00:14:05,450 text out. 171 00:14:05,600 --> 00:14:17,150 So to go to the terminal, OK, and then the population does that, it add 10 on E.S.P register and 172 00:14:17,150 --> 00:14:25,630 then so struck it by eight and then it make a calculation of SBP minus C on it. 173 00:14:26,120 --> 00:14:30,050 OK, so this stuff, does it really matter to us. 174 00:14:30,950 --> 00:14:32,530 This is the calling function. 175 00:14:32,540 --> 00:14:34,840 OK, and what does that mean. 176 00:14:35,090 --> 00:14:38,330 What does the percentage and means in C++. 177 00:14:38,330 --> 00:14:44,650 It's that the, the point out the point if it will be as a decimal number. 178 00:14:44,660 --> 00:14:52,520 So that's why they put D that means the decimal number and then we push that that takes. 179 00:14:52,910 --> 00:14:54,320 Okay and then. 180 00:14:54,970 --> 00:14:55,940 Okay let's go. 181 00:14:55,940 --> 00:14:56,720 Let's go, let's go. 182 00:14:56,720 --> 00:14:58,450 Let's go, let's go, let's go. 183 00:14:59,780 --> 00:15:04,190 What we can see now of data into your celil. 184 00:15:04,880 --> 00:15:09,430 So that means this suja must be the similar numbers of course. 185 00:15:09,440 --> 00:15:13,820 OK, so we can go, go, go, go. 186 00:15:13,850 --> 00:15:15,850 OK, so let's stay here. 187 00:15:16,640 --> 00:15:20,750 We can try to put a point over here guys, so that we don't mess it up. 188 00:15:20,750 --> 00:15:22,220 So let's try to put it now. 189 00:15:22,580 --> 00:15:28,540 So we went over here on the call and then we go down below. 190 00:15:28,910 --> 00:15:32,750 So it had ten on ESPN. 191 00:15:33,470 --> 00:15:48,740 It moves SBP minus C on X and then it goes, this is the result of the X and then it makes a calculation 192 00:15:48,740 --> 00:15:56,360 of it takes time to or plus in X and then they metacognition with the X. 193 00:15:57,140 --> 00:15:58,000 Just wait here. 194 00:15:58,400 --> 00:16:03,680 OK, so now it moves X on EBP minus ten. 195 00:16:04,400 --> 00:16:05,600 OK, interesting. 196 00:16:05,960 --> 00:16:09,560 So we will show all this things when we win this application. 197 00:16:09,560 --> 00:16:18,650 But first thing first, let me try to explain to you and then therefore what it does, it moves SBP 198 00:16:18,650 --> 00:16:20,980 minus ten on E X. 199 00:16:21,380 --> 00:16:32,300 So now what it does is it compares the value of B minus eight now with the X here. 200 00:16:32,460 --> 00:16:40,300 OK, and then if it's not equal to zero job over here, jump over here. 201 00:16:41,160 --> 00:16:41,600 Here. 202 00:16:42,200 --> 00:16:47,150 So as you can see, the address is 203 00:16:50,570 --> 00:16:57,110 four or one three four zero four one three four zero right over here. 204 00:16:57,290 --> 00:16:59,460 OK, so over here. 205 00:16:59,840 --> 00:17:09,260 So now if it is equal now it's not the jump will not be taken. 206 00:17:09,260 --> 00:17:15,120 Therefore it will go right here below and then add minus. 207 00:17:15,140 --> 00:17:18,350 You will see OK on E.S.P and then it will push. 208 00:17:19,540 --> 00:17:20,500 This takes. 209 00:17:21,820 --> 00:17:28,000 To your terminal, and then after pushing this to a terminal, it could have pointed out, call it so 210 00:17:28,030 --> 00:17:39,880 that it can appear on your terminal and yeah, after that again, then on SB minus 10 on E.S.P and Maw's 211 00:17:39,880 --> 00:17:51,740 MBP minus 10, again on E, X and push X must be decimal number and push mistakes and make it appeared 212 00:17:51,790 --> 00:17:52,620 on your terminal. 213 00:17:53,020 --> 00:17:56,840 OK, and then jump to this location. 214 00:17:57,180 --> 00:18:06,750 Alright, so what we can do, we can try to put some equipment over here, wait on the call again. 215 00:18:07,000 --> 00:18:11,770 So let me put it here so that we can go with you step by step. 216 00:18:12,030 --> 00:18:14,370 OK, so now we're going to open the application. 217 00:18:14,380 --> 00:18:16,690 So let me put it a little bit back. 218 00:18:16,900 --> 00:18:17,770 A little bit back. 219 00:18:18,000 --> 00:18:31,030 OK, so we're going to come here on this or debugger or debug and then just click here and one or just 220 00:18:31,510 --> 00:18:32,050 click here. 221 00:18:32,290 --> 00:18:37,450 Sometimes people might say, but it's all it's already here, but it's not because if we click on it, 222 00:18:37,450 --> 00:18:38,210 nothing is here. 223 00:18:38,260 --> 00:18:46,480 OK, so we have to try so that we enter the program because now we are in the entry point so that we 224 00:18:46,480 --> 00:18:47,620 can analyze the code. 225 00:18:48,090 --> 00:18:48,520 Right. 226 00:18:48,760 --> 00:18:51,600 So we click over here, OK. 227 00:18:51,970 --> 00:19:00,010 Now what we can see that degree line is automatically due to to a waypoint, OK? 228 00:19:04,230 --> 00:19:06,100 It says in your cereal. 229 00:19:06,480 --> 00:19:12,930 OK, so we're going to go step by step so that we understand how it works. 230 00:19:13,800 --> 00:19:15,820 Let me try to enter my terminal. 231 00:19:15,840 --> 00:19:21,470 It won't accept anything because we are still in the calling function. 232 00:19:21,480 --> 00:19:24,510 We don't we don't push. 233 00:19:25,730 --> 00:19:33,230 I have eight yet, and therefore four dysfunction doesn't create its own dysfunction, which are calling. 234 00:19:33,270 --> 00:19:40,740 OK, so let me just try to show you we can type one, two, three, four, one, two, three, four. 235 00:19:40,770 --> 00:19:41,720 Nothing is a bit. 236 00:19:41,770 --> 00:19:46,820 OK, so now let's go back here and see if eight. 237 00:19:47,510 --> 00:19:48,470 If eight. 238 00:19:50,200 --> 00:19:54,730 Like this week, we hear of if eight. 239 00:19:55,750 --> 00:19:56,800 Okay, so. 240 00:19:58,190 --> 00:20:01,410 Come back here and automatically it is here. 241 00:20:01,700 --> 00:20:08,600 So let me try to go down, but before that, that hypocenter. 242 00:20:08,810 --> 00:20:10,520 OK, so let's do. 243 00:20:12,420 --> 00:20:18,510 All right, nothing nothing is a because we have said to wait when so the court doesn't know where to 244 00:20:18,510 --> 00:20:18,770 go. 245 00:20:18,990 --> 00:20:20,760 So we keep pressing. 246 00:20:20,760 --> 00:20:25,830 If eight, if eight, let me increase the screen again. 247 00:20:26,640 --> 00:20:27,450 So much. 248 00:20:28,120 --> 00:20:28,770 OK, it's good. 249 00:20:29,430 --> 00:20:33,260 So and then control the value of X. 250 00:20:33,560 --> 00:20:37,590 OK, so let's come back here if eight again. 251 00:20:38,960 --> 00:20:42,320 If aid control the value you see. 252 00:20:43,970 --> 00:20:55,130 Okay, four D two, and then again, if eight, so is going to make the population, so MDX now get 253 00:20:55,310 --> 00:20:56,010 changed. 254 00:20:56,030 --> 00:21:04,460 Okay, let's move now X is nine eight for it has been added. 255 00:21:04,940 --> 00:21:10,040 As you can see that X is moving on this EBP minus 10. 256 00:21:10,090 --> 00:21:13,220 OK, so let's go again. 257 00:21:14,840 --> 00:21:17,940 Okay, so nothing's changed. 258 00:21:17,960 --> 00:21:19,610 Let's go now to see. 259 00:21:20,960 --> 00:21:31,040 But before going to see be over here, what we can do that we can try to modify this so that the code 260 00:21:31,250 --> 00:21:35,900 does a jump into the incorrect serial message. 261 00:21:36,290 --> 00:21:39,200 So let me put this 262 00:21:42,080 --> 00:21:46,000 and we can try to assemble it, OK? 263 00:21:46,880 --> 00:21:47,780 And no. 264 00:21:47,990 --> 00:21:49,330 So now let's come back here. 265 00:21:49,340 --> 00:21:51,770 Over here and compressing of eight. 266 00:21:53,270 --> 00:21:54,200 If eight. 267 00:21:55,750 --> 00:22:06,820 OK, so now we are in the comparison area and the value of it is still the same 94, if you want to 268 00:22:07,180 --> 00:22:13,250 find out which is where you can come here, over here and try to type. 269 00:22:13,600 --> 00:22:20,440 Let me go on on Exar six, eight, nine, a four. 270 00:22:21,430 --> 00:22:30,670 So and then we click on 10, which means the small and then the value is two four, six, eight. 271 00:22:30,700 --> 00:22:37,060 That means it's double eight because we have both one, two, three, four and four and four. 272 00:22:37,060 --> 00:22:41,170 Eight twenty six and two and two for one and one two. 273 00:22:41,200 --> 00:22:44,820 So this is exactly what the code does guys. 274 00:22:44,830 --> 00:22:47,640 So nothing complicated. 275 00:22:47,650 --> 00:22:51,220 So for now, let's begin with if eight. 276 00:22:52,810 --> 00:23:00,560 Kick it its job now into the code, into the job equal to zero. 277 00:23:01,030 --> 00:23:05,220 OK, but it isn't college yet because we have to have eight. 278 00:23:05,550 --> 00:23:14,860 We can try again to launch it again by pressing F eight function F eight to a job. 279 00:23:15,940 --> 00:23:19,820 OK, so now it's jump to the next lane. 280 00:23:19,840 --> 00:23:21,710 It doesn't go wide over here. 281 00:23:21,940 --> 00:23:23,590 OK, so let's check again. 282 00:23:26,620 --> 00:23:33,660 Let's go again, if aid, if aid and control the value of it is to see the change. 283 00:23:34,190 --> 00:23:39,250 Now we are in the area of the pushing phase. 284 00:23:39,730 --> 00:23:41,320 The tax is Kujo. 285 00:23:41,320 --> 00:23:44,690 You carried Lischak eat here, OK? 286 00:23:44,710 --> 00:23:45,200 Nothing. 287 00:23:46,240 --> 00:23:50,620 So let me guess if if aid again. 288 00:23:51,820 --> 00:23:57,700 OK, we get to pull it, so after after printing it, it will be displayed on not doing OK. 289 00:23:57,970 --> 00:24:01,450 So if if eight begins or no one should be there. 290 00:24:04,200 --> 00:24:06,560 OK, good job you got it. 291 00:24:06,580 --> 00:24:09,800 All right, so let's come back over here again. 292 00:24:10,540 --> 00:24:20,170 So now the value of each of E exchange to 15, it is an exact number. 293 00:24:20,450 --> 00:24:29,260 OK, so what we can do for now, because we have seen already over here that we get it, but we don't 294 00:24:29,260 --> 00:24:29,650 know yet. 295 00:24:29,660 --> 00:24:36,580 So let's try to come back here and await this value down. 296 00:24:37,690 --> 00:24:45,420 So it is six 015, so we write it down when people say we can do it by yourself. 297 00:24:45,880 --> 00:24:49,340 One, two three four zero zero zero 15. 298 00:24:49,390 --> 00:24:50,710 So it is an example. 299 00:24:50,980 --> 00:24:57,520 So now we can come back here to this calculator and then we put it here for like 15. 300 00:24:57,520 --> 00:25:01,570 Oops, we get to do it like this or, you know, 15. 301 00:25:03,200 --> 00:25:05,750 Fifteen and go back to Mars. 302 00:25:05,800 --> 00:25:13,170 So in this small number, it is 21, OK, so far so good. 303 00:25:13,700 --> 00:25:24,080 So let's come back here so we can try to WFA it again if eight disvalue is still the same. 304 00:25:25,070 --> 00:25:30,470 The value is still the same, the value is still the same. 305 00:25:30,680 --> 00:25:31,970 Now. 306 00:25:34,110 --> 00:25:40,620 It convert automatically the value of 94 to the result. 307 00:25:41,190 --> 00:25:48,650 So how can we see that you can come back over here again and try to do this? 308 00:25:48,660 --> 00:25:51,150 And it is 94. 309 00:25:51,570 --> 00:26:04,190 So we click on renewed 16 nine a four, and then the value should be equal to two, four, six, eight. 310 00:26:04,380 --> 00:26:05,910 So let's push this. 311 00:26:07,170 --> 00:26:08,550 Come on here. 312 00:26:10,660 --> 00:26:11,410 Excellent. 313 00:26:11,650 --> 00:26:15,540 You see the same thing, the same thing right over here. 314 00:26:16,680 --> 00:26:22,050 Here and here, so therefore we're going to try to push it again. 315 00:26:22,530 --> 00:26:29,700 So now pushing it takes it by pressing F eight, F eight. 316 00:26:29,990 --> 00:26:41,610 OK, now we have to point that takes on terminology with a the value of X, now still nine A4 wide. 317 00:26:41,830 --> 00:26:43,410 So we can check here. 318 00:26:43,560 --> 00:26:44,170 Over here. 319 00:26:44,810 --> 00:26:45,980 Good job, Garrett. 320 00:26:45,990 --> 00:26:46,240 OK. 321 00:26:46,590 --> 00:26:46,890 Good job. 322 00:26:46,900 --> 00:26:47,490 We get it. 323 00:26:47,880 --> 00:26:50,420 So we don't know the password yet. 324 00:26:50,430 --> 00:26:53,280 That means we have to go again. 325 00:26:53,280 --> 00:26:54,840 Go again by pressing F eight. 326 00:26:55,620 --> 00:26:56,460 F eight. 327 00:26:56,890 --> 00:27:05,380 OK, now the value is again 15 the value of X, Y, Y to over here. 328 00:27:06,010 --> 00:27:14,460 OK, so we are going again step by step in function if eight. 329 00:27:15,710 --> 00:27:16,420 OK. 330 00:27:17,680 --> 00:27:27,710 OK, now let's check if the jump will be taken, if it was not so, okay, now we can come back over 331 00:27:27,710 --> 00:27:35,770 here, right here to see that your your the password is this is OK, good. 332 00:27:36,080 --> 00:27:38,350 So we still need this text. 333 00:27:38,370 --> 00:27:43,400 OK, so come back here slightly up. 334 00:27:44,030 --> 00:27:49,640 And if eight again, OK, the value of it, it's still the same. 335 00:27:50,160 --> 00:27:54,990 So now let's try to put a breakpoint on the CMB. 336 00:27:55,370 --> 00:28:02,530 OK, so for this we're going to try to put this in, OK. 337 00:28:02,540 --> 00:28:08,300 And then now we're going to restart the application so we pick one debugger. 338 00:28:09,730 --> 00:28:11,980 Right over here and then we start. 339 00:28:13,870 --> 00:28:22,840 Yes, yes, and then we click here again to enter the entry point of age. 340 00:28:22,850 --> 00:28:23,540 So we are there. 341 00:28:23,560 --> 00:28:29,590 So let's try to go down below so that we can check the messages, OK? 342 00:28:30,790 --> 00:28:31,530 All right. 343 00:28:31,810 --> 00:28:35,770 So let's verify again or jump. 344 00:28:36,790 --> 00:28:38,510 Let me put it like this for you guys. 345 00:28:38,980 --> 00:28:42,580 OK, so this space as usual. 346 00:28:43,000 --> 00:28:48,710 And then here we removed the end and then we can assemble. 347 00:28:52,750 --> 00:28:53,130 And. 348 00:28:54,240 --> 00:28:55,570 OK, now it's right over here. 349 00:28:55,830 --> 00:28:59,700 So let me put it back in just like this. 350 00:29:00,090 --> 00:29:07,600 This might be OK, but so was control after all. 351 00:29:09,030 --> 00:29:14,230 OK, so now it seems, therefore, we're going to try to stop the application. 352 00:29:14,970 --> 00:29:15,810 Nothing is here. 353 00:29:15,890 --> 00:29:22,240 OK, so now let's come back here and start the application or let's go. 354 00:29:22,310 --> 00:29:26,970 You just just want it as you can see that again. 355 00:29:26,970 --> 00:29:30,850 So it jumps exactly to the waypoint side. 356 00:29:31,080 --> 00:29:33,540 So what it says, we don't know. 357 00:29:33,730 --> 00:29:35,550 Let's check into your CV. 358 00:29:35,790 --> 00:29:41,220 OK, so we're going to be afraid, afraid, afraid to enter functions. 359 00:29:41,280 --> 00:29:51,960 OK, so if let me put it a little bit like this for you, OK, this is enough so far if you're was afraid 360 00:29:53,640 --> 00:29:54,540 that we click here. 361 00:29:57,580 --> 00:30:00,860 So we have to enter now the dysfunction. 362 00:30:01,300 --> 00:30:04,470 OK, let me see it, one, two, three, four. 363 00:30:07,090 --> 00:30:14,200 OK, so now it jumps to the add 10 on E! 364 00:30:15,100 --> 00:30:23,340 OK, so lets with F eight go down below and again we will verify the X value. 365 00:30:23,650 --> 00:30:26,950 You can check it either here on this stack over here. 366 00:30:27,310 --> 00:30:27,720 Right. 367 00:30:28,060 --> 00:30:34,240 So we can we will of eight again if eight. 368 00:30:35,710 --> 00:30:40,130 If aid, if aid, if aid more. 369 00:30:40,220 --> 00:30:48,790 OK, now we are we are in June, so it doesn't take the values of the yet because we don't receive aid. 370 00:30:50,770 --> 00:30:55,180 He was afraid again to go to the jungle if eight. 371 00:30:57,250 --> 00:30:59,110 OK, now it takes the jumper. 372 00:30:59,960 --> 00:31:06,090 OK, now what it says is that John is not taken, of course, because it is not equal. 373 00:31:06,140 --> 00:31:10,240 So therefore, it doesn't take the job so that it goes. 374 00:31:10,690 --> 00:31:13,340 Let me let me put it right over here. 375 00:31:13,510 --> 00:31:13,990 All right. 376 00:31:14,200 --> 00:31:17,200 So the value of X is. 377 00:31:18,380 --> 00:31:21,430 Nine, a full 94. 378 00:31:21,470 --> 00:31:27,050 OK, so let's just pressing for eight of eight. 379 00:31:31,540 --> 00:31:36,550 No, we will not try to control things that are pushed on or stack like. 380 00:31:40,670 --> 00:31:52,430 OK, so when I wake up here and we come back here, so we take anything that's a passenger and automatically 381 00:31:52,940 --> 00:31:53,480 we. 382 00:31:54,840 --> 00:32:06,300 Well, the code jumps into the into the white print and pushed a number, of course, exactly my number 383 00:32:06,570 --> 00:32:07,550 into a stack. 384 00:32:07,890 --> 00:32:13,760 So assuming that this is the password, because anything that we typed here. 385 00:32:13,800 --> 00:32:18,100 So if we want, we can just by proceed as we did before. 386 00:32:18,120 --> 00:32:23,790 So when we did it, when we were not able to find the password, we can bypass this jump, not equal 387 00:32:23,790 --> 00:32:24,260 to zero. 388 00:32:24,900 --> 00:32:33,750 But as you can see that everything that we take here, it push it pushes this value into a stack. 389 00:32:34,200 --> 00:32:37,410 Therefore, we can assume that this is the password. 390 00:32:37,530 --> 00:32:46,140 So we're going to try to convert it into a decimal number and try it out or on or on his account. 391 00:32:46,260 --> 00:32:51,690 OK, so you write it down again and then let's go to machine. 392 00:32:55,340 --> 00:33:00,860 All right, so now we are all cutting machines, so we're going to try to convert it first twenty six 393 00:33:00,860 --> 00:33:03,770 and seventy four into a decimal value. 394 00:33:04,430 --> 00:33:08,150 So to do so, we're going to try to open a calculator. 395 00:33:08,330 --> 00:33:09,950 So it is. 396 00:33:10,520 --> 00:33:12,990 I've already got a. 397 00:33:15,120 --> 00:33:19,380 So it was let me come back to Windows Machine. 398 00:33:20,630 --> 00:33:25,170 So twenty six, seventy four, let me open it. 399 00:33:25,400 --> 00:33:27,690 Let me make it bigger for you, okay. 400 00:33:27,890 --> 00:33:30,420 Twenty six, seven, four. 401 00:33:30,980 --> 00:33:35,790 So we're going to come back right here and put it on 16. 402 00:33:36,770 --> 00:33:38,450 It was twenty six. 403 00:33:38,780 --> 00:33:39,650 Seventy four. 404 00:33:40,400 --> 00:33:41,240 Seventy four. 405 00:33:41,750 --> 00:33:44,300 OK, and then now we're going to try a brace then. 406 00:33:45,920 --> 00:33:48,110 OK, nine, eight, four, four. 407 00:33:48,560 --> 00:33:58,490 Okay, so let's come back here and I'm going to type it into all 14 application nine nine. 408 00:33:59,720 --> 00:34:05,200 Eight four four four four injuries we're going to. 409 00:34:08,950 --> 00:34:09,760 Congrats. 410 00:34:10,840 --> 00:34:19,720 Forty five points has been added to you guys, so it's it's not that much harder, but many, many people 411 00:34:19,720 --> 00:34:21,270 find this application is hard. 412 00:34:21,320 --> 00:34:27,720 That's because they don't really know exactly where to look at, because sometimes the value of eight 413 00:34:27,760 --> 00:34:31,720 of X will match and then you might get the person there. 414 00:34:31,730 --> 00:34:39,440 But you got you got to check out what is the text which is pushed into your stack. 415 00:34:39,670 --> 00:34:49,420 So that means here, when we try to enter any kind of value or any password and what we can determine 416 00:34:49,420 --> 00:34:57,250 that or X value entered into the register or right over here gets changed again and again. 417 00:34:57,250 --> 00:35:05,040 But the takes I mean, the exact text, which is which is pushed onto or stuck, never change. 418 00:35:05,050 --> 00:35:08,170 Always it is twenty six, seventy four, twenty six point four. 419 00:35:08,350 --> 00:35:10,950 That means we assume that it is the password. 420 00:35:11,230 --> 00:35:13,720 So it is and it's a decimal form. 421 00:35:13,720 --> 00:35:17,690 So we get to convert it into the decimal so that we can get the password. 422 00:35:17,710 --> 00:35:23,230 OK guys, so we really think that in this video you learn something new. 423 00:35:23,260 --> 00:35:26,020 So go to the next application. 424 00:35:26,030 --> 00:35:28,700 Let me put it back for you. 425 00:35:29,020 --> 00:35:34,960 So go back to your next application and click right over here. 426 00:35:35,830 --> 00:35:41,230 And 15, download the X and extract it and see. 427 00:35:41,680 --> 00:35:42,760 OK, thank you.