1 00:00:00,780 --> 00:00:01,950 Hello, my name is Stephen.
2 00:00:01,950 --> 00:00:07,860 And now we will talk about a new technique on how to deal with the string's address, which is the JMP
3 00:00:07,860 --> 00:00:08,850 call technique.
4 00:00:08,850 --> 00:00:16,080 So this technique is simply: we first need to make the JMP instruction to the string.
5 00:00:16,080 --> 00:00:18,480 We want to move to a specific register.
6 00:00:18,480 --> 00:00:24,300 After that we call the actual code using the call instruction, which pushes the string's address to
7 00:00:24,300 --> 00:00:24,870 the stack.
8 00:00:24,900 --> 00:00:27,750 Then we pop the address into that register.
9 00:00:27,750 --> 00:00:36,090 Now when you look at this code, when we write, you will understand it better and you will understand
10 00:00:36,090 --> 00:00:37,050 it fully here.
11 00:00:37,050 --> 00:00:40,650 So now we will create a new text file.
12 00:00:41,590 --> 00:00:43,720 And actually let's instead of creating.
13 00:00:43,990 --> 00:00:46,270 So we have the shellcode here.
14 00:00:47,610 --> 00:00:48,000 Let's.
15 00:00:49,200 --> 00:00:49,920 Shellcode.
16 00:00:50,280 --> 00:00:54,480 And in this shellcode let's actually save this in our shellcode here.
17 00:00:55,830 --> 00:00:57,930 Our system is.
18 00:00:59,570 --> 00:01:01,730 Somehow I wrote here.
19 00:01:01,730 --> 00:01:02,540 So yes.
20 00:01:02,540 --> 00:01:07,430 Save as in assembly, not assembly source shellcode.
21 00:01:07,430 --> 00:01:09,230 And here we will name it.
22 00:01:10,090 --> 00:01:11,380 Uh, hacked here.
23 00:01:11,620 --> 00:01:12,700 So.
24 00:01:13,460 --> 00:01:18,140 Or yeah had hacked here and that.
25 00:01:19,750 --> 00:01:21,990 Because we will first live right here.
26 00:01:21,990 --> 00:01:25,110 And as you can see here, you didn't have an extension for debugging.
27 00:01:25,110 --> 00:01:26,280 We don't need debugging.
28 00:01:26,280 --> 00:01:29,250 We are doing it manually because we are professionals.
29 00:01:29,250 --> 00:01:29,730 Right.
30 00:01:29,730 --> 00:01:35,430 And what we're going to do is we will declare the entry point of the program as the start.
31 00:01:35,430 --> 00:01:40,330 So global start and section text.
32 00:01:40,330 --> 00:01:43,710 This is for the text section containing the actual program code.
33 00:01:43,860 --> 00:01:49,230 And here the program will start executing from this label.
34 00:01:49,350 --> 00:01:52,440 So that's why we write this start here.
35 00:01:52,440 --> 00:01:57,060 And after that we will use the JMP, which is a string.
36 00:01:57,060 --> 00:02:04,470 We will add the string here, which means that with this we are jumping to the string label and
37 00:02:04,470 --> 00:02:08,190 we will also create here the code label, which.
38 00:02:09,770 --> 00:02:18,830 We will mark it like the main code section here and we will pop the RSI first here, which is
39 00:02:18,830 --> 00:02:19,340 the pop.
40 00:02:19,610 --> 00:02:24,950 With this here we are popping the return address of our.
41 00:02:27,260 --> 00:02:30,650 A string label into our RSI.
42 00:02:30,710 --> 00:02:31,370 So.
43 00:02:32,980 --> 00:02:35,040 And also we will mov al.
44 00:02:37,540 --> 00:02:38,230 One.
45 00:02:40,240 --> 00:02:46,210 We are doing this to load the syscall number for write into al.
46 00:02:47,200 --> 00:02:49,840 Actually, let's use this here.
47 00:02:50,830 --> 00:02:51,430 Yeah.
48 00:02:51,550 --> 00:02:56,420 And after that we will xor rdi, rdi.
49 00:02:56,920 --> 00:03:07,050 With this we are clearing the RDI register for standard output and now we will add the RDI, 1.
50 00:03:07,060 --> 00:03:15,250 We are setting the RDI to one, which is the file descriptor for standard output, and xor rdx,
51 00:03:15,250 --> 00:03:23,350 rdx here. With this here we are clearing the register, which is the length of the string, and we
52 00:03:23,350 --> 00:03:26,140 will add the RDX here again.
53 00:03:26,140 --> 00:03:28,330 And this is going to be.
54 00:03:30,270 --> 00:03:31,350 No, actually.
55 00:03:31,350 --> 00:03:36,090 So our string length is going to be, let's actually firstly create a string label here.
56 00:03:36,240 --> 00:03:37,140 String.
57 00:03:39,280 --> 00:03:42,520 So the string label marks a string generation section here.
58 00:03:42,520 --> 00:03:45,910 So we will call the code here and.
59 00:03:47,480 --> 00:03:48,380 Without this here.
60 00:03:48,380 --> 00:03:48,740 Yeah.
61 00:03:48,740 --> 00:03:52,730 And now what we're going to do is we will create our string.
62 00:03:53,420 --> 00:03:54,530 Name it here.
63 00:03:54,530 --> 00:03:57,350 So let's name it hacked.
64 00:03:59,350 --> 00:04:02,800 A is here and we will need to be.
65 00:04:04,620 --> 00:04:06,300 And hacking.
66 00:04:07,490 --> 00:04:08,570 Success.
67 00:04:10,580 --> 00:04:13,700 Or let's actually write malware injected.
68 00:04:14,510 --> 00:04:18,410 And after that we will use the null terminated string here.
69 00:04:18,410 --> 00:04:22,400 We will declare that with this and that's it.
70 00:04:22,400 --> 00:04:27,440 And here what we're going to do is we will add RDX.
71 00:04:28,770 --> 00:04:31,620 And here we will make it.
72 00:04:31,620 --> 00:04:32,790 Let's actually count it.
73 00:04:33,060 --> 00:04:40,640 One, two, three, four, five, six, seven, eight, nine, ten, 11, 12, 13, 14, 15, 16.
74 00:04:40,650 --> 00:04:45,930 So and with this, we have the 17 here with null terminated string.
75 00:04:45,930 --> 00:04:47,370 It counts 17.
76 00:04:47,370 --> 00:04:55,380 And what we're going to do is we will call the syscall to perform the syscall to print the string, syscall
77 00:04:55,380 --> 00:05:01,030 here and xor rax, rax.
78 00:05:01,140 --> 00:05:05,140 This is for clearing the rax register, which is this.
79 00:05:05,160 --> 00:05:18,000 And also we will set the rax to 60 for the syscall number for exit, add rax, 60, and we will clear
80 00:05:18,010 --> 00:05:20,190 the register.
81 00:05:22,300 --> 00:05:24,430 RDI here.
82 00:05:26,350 --> 00:05:27,040 Also.
83 00:05:29,800 --> 00:05:34,450 And after that we will perform the syscall to exit the program.
84 00:05:34,690 --> 00:05:35,500 Syscall.
85 00:05:38,230 --> 00:05:41,110 So that's it with our assembler code here.
86 00:05:41,110 --> 00:05:49,420 Now, as you can see here, we created the call code, Hello World DB and we also ended with null terminated
87 00:05:49,420 --> 00:05:50,240 string.
88 00:05:50,260 --> 00:05:55,300 So let's actually make it a little bit nicer with spaces here.
89 00:05:56,050 --> 00:05:57,400 Delete the.
90 00:05:58,420 --> 00:06:02,590 And this is our spaces here and that's it.
91 00:06:02,710 --> 00:06:06,220 So now let's explain this code deeper.
92 00:06:06,220 --> 00:06:10,870 And so let's start with the Start label.
93 00:06:10,870 --> 00:06:14,000 And this Start label is declared as the program's entry point.
94 00:06:14,020 --> 00:06:17,920 Execution begins at this label.
95 00:06:17,920 --> 00:06:26,860 And we also have the JMP string instruction. This JMP string instruction jumps to the string label
96 00:06:27,640 --> 00:06:32,830 at first, essentially skipping this code section here.
97 00:06:32,830 --> 00:06:38,800 And the code section contains the main code that performs the shellcode's functionality.
98 00:06:38,800 --> 00:06:46,150 And with this here pop RSI is used to pop the value of the return address, which is the address of
99 00:06:46,150 --> 00:06:50,590 this hacked STR.
100 00:06:51,920 --> 00:06:58,700 Uh, which and this is also the label, from the stack into the RSI register.
101 00:06:58,700 --> 00:07:05,270 And the value will be used as a pointer to the string and the sequence of instructions starts with the
102 00:07:05,270 --> 00:07:10,220 mov al, 1 and ending with the syscall.
103 00:07:10,220 --> 00:07:11,080 Here.
104 00:07:11,090 --> 00:07:19,310 This performs the syscall to print the malware injected string to the console and the sequence of instructions
105 00:07:19,310 --> 00:07:24,620 after the syscall sets up the syscall to exit the program.
106 00:07:25,400 --> 00:07:29,720 So and after that we have this string label here.
107 00:07:29,720 --> 00:07:37,550 This marks the section where the string generation occurs and we have the call code, which is used to call
108 00:07:37,550 --> 00:07:46,190 the code section here, effectively executing the code that prints the malware injected string to
109 00:07:46,190 --> 00:07:47,330 the console.
110 00:07:47,330 --> 00:07:49,340 And here we.
111 00:07:50,820 --> 00:07:57,450 With this label hacked STR and DB malware injected with this.
112 00:07:57,450 --> 00:08:00,990 Here we are declaring the null terminated string.
113 00:08:01,530 --> 00:08:02,840 Malware injected.
114 00:08:02,850 --> 00:08:11,010 So we have the jump instructions here. The JMP and call instructions are used for control flow,
115 00:08:11,220 --> 00:08:15,750 jumping to different parts of the code, and we use syscalls here.
116 00:08:15,780 --> 00:08:23,940 This code demonstrates how to use x86-64 Linux syscalls for writing to the console, which is write,
117 00:08:23,940 --> 00:08:34,680 and exiting the program, which is exit, as we used here RDI and our RAX, and we use the register.
118 00:08:34,680 --> 00:08:42,930 So we use various registers here: AL, RSI, RDI, RDX and RAX.
119 00:08:42,930 --> 00:08:51,910 So we use this to pass arguments and perform the syscalls and here we also generated the.
120 00:08:53,230 --> 00:08:59,020 Null terminated string and we used its address for output.
121 00:09:00,400 --> 00:09:06,550 And now what we're going to do is we will assemble our assembly code here. In order to do that, actually
122 00:09:06,550 --> 00:09:11,890 let's create our GDB, which I opened previously here for testing purposes.
123 00:09:11,920 --> 00:09:12,880 Now we will.
124 00:09:12,880 --> 00:09:21,370 And as you can see, we have this hacked.asm and now we will call the nasm -f elf64.
125 00:09:22,090 --> 00:09:23,470 So we will name it.
126 00:09:23,470 --> 00:09:31,210 Let's, let's get hacked.asm -o hacked.o object file and that's it.
127 00:09:31,210 --> 00:09:31,960 So.
128 00:09:32,940 --> 00:09:42,740 Now here the Netwide Assembler is used to assemble this assembly code and -f elf64 here specifies the output
129 00:09:42,740 --> 00:09:50,420 format as 64 bit ELF, which is Executable and Linkable Format, which is the format used for most executables
130 00:09:50,420 --> 00:09:52,430 on Linux systems.
131 00:09:52,730 --> 00:10:02,030 And with this here, this is the input assembly code file and this -o hacked.o specifies the output
132 00:10:02,030 --> 00:10:09,590 object file, which is named hacked.o, where the assembled machine code will be saved, and now we will
133 00:10:09,590 --> 00:10:11,330 link the object file.
134 00:10:11,330 --> 00:10:15,140 In order to do that, we will use the ld here.
135 00:10:15,140 --> 00:10:16,820 So ld.
136 00:10:18,990 --> 00:10:19,710 Hacked.
137 00:10:21,690 --> 00:10:24,000 Dot o here, output file is going to be.
138 00:10:24,800 --> 00:10:25,340 Hacked.
139 00:10:28,290 --> 00:10:38,220 So ld is a GNU linker used to link object files into executables and this hacked.o object
140 00:10:38,220 --> 00:10:40,770 file generated from the assembly code.
141 00:10:40,800 --> 00:10:42,630 This is the object file here.
142 00:10:42,630 --> 00:10:48,270 We firstly created it with this NASM assembler here.
143 00:10:48,270 --> 00:10:57,030 And with this -o parameter we are specifying the output executable file name.
144 00:10:57,970 --> 00:11:02,790 Then we are specifying the output executable file name as hacked here.
145 00:11:02,790 --> 00:11:07,440 And now let's actually use this.
146 00:11:07,990 --> 00:11:08,310 Sorry.
147 00:11:08,310 --> 00:11:08,700 Yeah.
148 00:11:10,020 --> 00:11:14,400 And as you can see here, we are printing this malware injected.
149 00:11:14,490 --> 00:11:15,420 So.
150 00:11:16,410 --> 00:11:19,290 Now what we're going to do is we will disassemble the code.
151 00:11:19,290 --> 00:11:21,780 So objdump here.
152 00:11:22,580 --> 00:11:25,820 -d -M intel hacked.
153 00:11:26,630 --> 00:11:29,060 So that's it.
154 00:11:29,630 --> 00:11:35,870 As you can see here, objdump is a utility that displays information about object files and executables,
155 00:11:35,870 --> 00:11:38,410 including disassembly of machine code.
156 00:11:38,420 --> 00:11:48,050 And with -d here we are specifying that the disassembly output should be displayed and -M intel here specifying,
157 00:11:48,410 --> 00:11:55,760 with this here we are specifying the output format as Intel style assembly language and
158 00:11:55,760 --> 00:11:59,530 this is the name of the executable file to disassemble.
159 00:11:59,540 --> 00:12:05,960 Now running these commands will assemble the assembly code and link it into an executable and then display
160 00:12:05,960 --> 00:12:11,840 the disassembled machine code in Intel style assembly language using the objdump utility.
161 00:12:11,840 --> 00:12:18,050 So this allows you to see the actual machine instructions that correspond to your assembly code.
162 00:12:18,050 --> 00:12:22,020 And our journey has led us to a significant milestone.
163 00:12:22,020 --> 00:12:25,290 This is a shellcode that's free from troublesome characters.
164 00:12:25,290 --> 00:12:30,030 Now let's recap our accomplishments.
165 00:12:30,030 --> 00:12:34,770 So to start, we implemented a JMP instruction to navigate to the string.
166 00:12:34,770 --> 00:12:40,560 Subsequently, we employed the call instruction to execute the actual code, and this call instruction
167 00:12:40,560 --> 00:12:44,640 triggers the subsequent instruction to be pushed onto the stack.
168 00:12:44,640 --> 00:12:50,700 Now let's take a closer look within the GDB.
169 00:12:51,000 --> 00:12:54,150 Let me actually check if my voice is recording.
170 00:12:54,150 --> 00:12:54,990 Yeah, perfect.
171 00:12:55,020 --> 00:13:05,400 Now what we're going to do is we will not clear actually, so we will open the new tab, cd to source
172 00:13:05,400 --> 00:13:08,910 shellcode here, ls, we have the hacked here.
173 00:13:08,910 --> 00:13:12,300 So what we're going to do is we will use a GDB.
174 00:13:13,860 --> 00:13:14,250 Hello?
175 00:13:14,340 --> 00:13:14,910 No, no.
176 00:13:14,920 --> 00:13:15,270 Hello.
177 00:13:15,270 --> 00:13:18,900 No hacked here and here.
178 00:13:18,900 --> 00:13:22,260 We need to set the disassembly flavor to Intel syntax.
179 00:13:22,260 --> 00:13:23,310 So set.
180 00:13:23,610 --> 00:13:24,810 Disassembly.
181 00:13:24,810 --> 00:13:25,500 This.
182 00:13:26,950 --> 00:13:28,810 Assembly flavor.
183 00:13:30,700 --> 00:13:31,640 Or Intel.
184 00:13:31,660 --> 00:13:37,600 So this command configures GDB to use Intel style assembly syntax for disassembly.
185 00:13:37,630 --> 00:13:43,690 Now we also need to set a breakpoint at this start label.
186 00:13:44,840 --> 00:13:46,750 So set.
187 00:13:47,990 --> 00:13:48,640 Yeah.
188 00:13:48,690 --> 00:13:53,540 No, actually, in order to set breakpoint, we will use break start.
189 00:13:53,900 --> 00:14:00,230 And as you can see, we have the breakpoint at 0x401000.
190 00:14:01,770 --> 00:14:04,740 0x401000.
191 00:14:05,850 --> 00:14:14,400 So as you can see here, we have set the breakpoint in here in the start section of our, no, in
192 00:14:14,400 --> 00:14:19,560 the text section, in the start phase of our program in the start label.
193 00:14:19,920 --> 00:14:23,430 And now what we're going to do is let's actually.
194 00:14:25,300 --> 00:14:27,130 Quarter here and.
195 00:14:28,800 --> 00:14:30,150 We will run this code.
196 00:14:30,750 --> 00:14:31,230 Run.
197 00:14:31,230 --> 00:14:34,860 And as you can see, we are in this breakpoint.
198 00:14:35,070 --> 00:14:44,010 So this command here, this run command starts the execution of the program and stops at this Start
199 00:14:44,010 --> 00:14:49,650 label due to the breakpoint we defined here and now what we are going to do.
200 00:14:49,650 --> 00:14:51,840 We will use a step here.
201 00:14:51,840 --> 00:14:57,810 So this command executes one instruction at a time and provides you with the assembly and register information
202 00:14:57,810 --> 00:14:59,040 for that instruction.
203 00:14:59,040 --> 00:15:04,230 So now let's use that several times and let's see what happens.
204 00:15:05,030 --> 00:15:05,900 So.
205 00:15:08,010 --> 00:15:08,670 And that's it.
206 00:15:08,670 --> 00:15:15,030 So by using this step command, you are moving through the program one assembly instruction at a
207 00:15:15,030 --> 00:15:15,570 time.
208 00:15:15,570 --> 00:15:19,920 So one, two, three, four, five, six, seven.
209 00:15:19,920 --> 00:15:20,520 Right.
210 00:15:20,520 --> 00:15:24,600 So one, two, three, four, five, six, seven.
211 00:15:24,600 --> 00:15:26,040 Not actually from here.
212 00:15:26,160 --> 00:15:28,950 One, two, three, four, five, six, seven.
213 00:15:28,950 --> 00:15:30,360 And this is the syscall.
214 00:15:30,360 --> 00:15:32,760 And as you can see, we printed.
215 00:15:32,760 --> 00:15:36,450 And after that, this is the exit code of our assembly program.
216 00:15:36,450 --> 00:15:43,050 So as you continue to use this step command, you will be able to see how the control flow progresses
217 00:15:43,050 --> 00:15:46,470 and how each instruction modifies registers and memory.
218 00:15:46,470 --> 00:15:52,740 So this step by step analysis is a great way to gain a deeper understanding of how your assembly code
219 00:15:52,740 --> 00:15:56,610 is executed and how the program's behavior evolves.
220 00:15:56,640 --> 00:16:00,300 Now we will use this layout.
221 00:16:01,660 --> 00:16:06,820 So as you can see, this program is not being run because it's already executed and exited normally
222 00:16:06,820 --> 00:16:07,960 without any errors.
223 00:16:07,990 --> 00:16:10,300 Now, what we're going to do is we will run this program again.
224 00:16:10,300 --> 00:16:12,670 And as you can see, we had a breakpoint here.
225 00:16:12,670 --> 00:16:14,770 So now we will use the layout.
226 00:16:15,100 --> 00:16:15,880 Layout.
227 00:16:16,690 --> 00:16:18,850 You will love this here.
228 00:16:18,850 --> 00:16:21,280 So that's it, right?
229 00:16:21,280 --> 00:16:22,720 This is what we wanted here.
230 00:16:22,720 --> 00:16:30,430 So this command sets up the assembly layout, allowing to view the assembly code and corresponding source
231 00:16:30,430 --> 00:16:34,090 code side by side in this GDB interface.
232 00:16:34,090 --> 00:16:39,880 So this can be incredibly helpful for understanding the relationship between the assembly instructions
233 00:16:39,880 --> 00:16:41,590 and high level source code.
234 00:16:41,590 --> 00:16:47,400 With this layout you can easily follow the flow of the instructions as you step through the program's
235 00:16:47,410 --> 00:16:48,190 execution.
236 00:16:48,190 --> 00:16:55,090 So by entering this layout you have activated the assembly layout and you should now see
237 00:16:55,090 --> 00:17:02,870 the assembly code on the left side of this GDB interface and any corresponding source code on the right
238 00:17:02,870 --> 00:17:03,410 side.
239 00:17:03,410 --> 00:17:09,320 And this layout enables you to track the execution of instructions while simultaneously observing the
240 00:17:09,320 --> 00:17:12,950 context of your code in this source file.
241 00:17:12,950 --> 00:17:13,670 So.
242 00:17:15,280 --> 00:17:20,240 Now what we're going to do is we will, let's actually use the step here, step.
243 00:17:20,450 --> 00:17:22,130 And as you can see, we are jumping, right?
244 00:17:22,130 --> 00:17:25,970 So stepi after this syscall.
245 00:17:27,500 --> 00:17:33,110 Then that's because this program malware injected and this program exited normally.
246 00:17:34,280 --> 00:17:35,180 Now.
247 00:17:36,920 --> 00:17:38,480 What we are going to do is.
248 00:17:44,050 --> 00:17:45,700 We will run this program again.
249 00:17:46,090 --> 00:17:46,900 Run.
250 00:17:46,920 --> 00:17:48,160 And.
251 00:17:49,550 --> 00:17:50,720 Let's actually quit it?
252 00:17:51,800 --> 00:17:52,700 Yes.
253 00:17:53,800 --> 00:17:54,940 Run it again.
254 00:17:56,040 --> 00:17:59,150 Break at start and layout.
255 00:18:00,700 --> 00:18:01,630 And run.
256 00:18:03,020 --> 00:18:03,530 Here.
257 00:18:07,890 --> 00:18:08,490 Yeah.
258 00:18:09,400 --> 00:18:15,100 Now what we're going to do is here we will need to analyze it deeper.
259 00:18:15,100 --> 00:18:17,200 And now.
260 00:18:19,420 --> 00:18:22,930 Let's actually use the stepi.
261 00:18:25,020 --> 00:18:28,050 So we are at this here and this one.
262 00:18:28,050 --> 00:18:31,680 We also have this B arrow here and this.
263 00:18:32,570 --> 00:18:35,450 With this, plus means breakpoint here.
264 00:18:35,720 --> 00:18:41,440 And we jumped from here to here.
265 00:18:41,450 --> 00:18:42,160 Right.
266 00:18:42,220 --> 00:18:45,110 With using the JMP here.
267 00:18:46,370 --> 00:18:52,700 And here the output, as you can see here, looks like this.
268 00:18:53,180 --> 00:18:57,050 And there are some interesting things we need to discover here.
269 00:18:57,050 --> 00:18:57,630 Right.
270 00:18:57,650 --> 00:18:58,460 So.
271 00:18:59,690 --> 00:19:02,180 What we are going to do here is.
272 00:19:04,130 --> 00:19:04,850 As you can see.
273 00:19:04,910 --> 00:19:07,700 Xor we also.
274 00:19:08,620 --> 00:19:11,050 Let's actually step in again.
275 00:19:11,110 --> 00:19:11,890 Step.
276 00:19:12,980 --> 00:19:13,330 Oops.
277 00:19:14,000 --> 00:19:14,570 Yeah.
278 00:19:16,270 --> 00:19:17,020 Step.
279 00:19:17,050 --> 00:19:17,590 Step.
280 00:19:20,110 --> 00:19:20,830 Here.
281 00:19:21,580 --> 00:19:23,110 We need to see this.
282 00:19:24,990 --> 00:19:29,850 So you don't have to write the step every time, just by pressing enter.
283 00:19:30,060 --> 00:19:32,340 You can call the step here.
284 00:19:34,180 --> 00:19:40,810 No assembly available because the program has already run here.
285 00:19:50,260 --> 00:19:53,590 And as you can see here, after the start.
286 00:19:54,760 --> 00:20:02,830 The address of our hacked STR, which is also called the malware injected, but we will call it hacked
287 00:20:02,920 --> 00:20:07,420 STR because this is the variable name and not the value.
288 00:20:07,420 --> 00:20:17,200 And this address of this hacked STR string is pushed onto the stack and the next instruction is somewhere
289 00:20:17,200 --> 00:20:22,290 pop RSI here, which moves the address of the hello.
290 00:20:22,300 --> 00:20:33,090 No, which moves the heart address of the malware injected string from the stack to the RSI register.
291 00:20:33,100 --> 00:20:40,570 Now in the next lecture we will create this shellcode and we will execute it within the C program.
292 00:20:40,570 --> 00:20:42,250 And I'm waiting for you in the next lecture.
293 00:20:42,250 --> 00:20:56,020 So and this is it with our program and exciting times lie ahead in our shellcode exploration and
294 00:20:56,020 --> 00:21:03,940 in the next lecture also I want to tell you that we will delve into the intriguing process of generating
295 00:21:03,940 --> 00:21:07,510 and executing our meticulously crafted shellcode.
296 00:21:07,540 --> 00:21:14,800 Together, we will witness the practical implementation of the concepts we have been mastering so far,
297 00:21:14,800 --> 00:21:22,450 and I'm eagerly anticipating our next section where we will dive into the realm of live execution and
298 00:21:22,450 --> 00:21:24,580 see our shellcode in action.
299 00:21:24,580 --> 00:21:30,130 Until then, feel free to prepare any questions or ideas you would like to discuss further.
300 00:21:30,160 --> 00:21:31,720 See you in the next lecture.