Friday, January 19, 2024

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















Related word


  1. Hacker Tools Software
  2. Hacker Tools Linux
  3. Wifi Hacker Tools For Windows
  4. New Hacker Tools
  5. Hacking App
  6. Pentest Tools For Android
  7. Termux Hacking Tools 2019
  8. New Hack Tools
  9. Android Hack Tools Github
  10. Pentest Tools Bluekeep
  11. Hacker Tools Mac
  12. Hack Apps
  13. Hack Tools Download
  14. Pentest Tools Free
  15. Hackrf Tools
  16. Hack Tools For Ubuntu
  17. Hacking Tools And Software
  18. Hacker Tools Linux
  19. Hacking Tools Name
  20. Hacking Tools 2020
  21. Pentest Tools Bluekeep
  22. Hacker Tools Github
  23. Hacker Tools Github
  24. Pentest Tools Nmap
  25. Hacker Tools Free
  26. Pentest Tools Framework
  27. Pentest Tools Apk
  28. Hack Tools For Mac
  29. Pentest Tools For Windows
  30. Hacker Tools For Windows
  31. Hacking Apps
  32. Android Hack Tools Github
  33. Best Hacking Tools 2020
  34. Hack Tools For Windows
  35. Best Pentesting Tools 2018
  36. Pentest Tools For Ubuntu
  37. Pentest Tools Kali Linux
  38. Hack Apps
  39. Tools For Hacker
  40. Hak5 Tools
  41. Pentest Tools Tcp Port Scanner
  42. Hack Website Online Tool
  43. Pentest Tools Bluekeep
  44. Hak5 Tools
  45. Hack Tools Pc
  46. Hacker Tools Apk Download
  47. New Hack Tools
  48. Best Hacking Tools 2020
  49. Hacking Tools Kit
  50. Hacking Tools Free Download
  51. Pentest Tools For Mac
  52. Hacker Tools
  53. Pentest Tools Open Source
  54. Hacking Tools 2019
  55. Pentest Tools For Windows
  56. Termux Hacking Tools 2019
  57. Hack Tools For Mac
  58. Black Hat Hacker Tools
  59. Hack Tools
  60. Hackrf Tools
  61. Hacking Tools Mac
  62. Hacker Tools Windows
  63. Nsa Hack Tools
  64. Hacker
  65. Tools Used For Hacking
  66. Hacking Tools And Software
  67. Hacker Hardware Tools
  68. How To Hack
  69. Tools 4 Hack
  70. Pentest Tools Alternative
  71. Hacker Tools For Ios
  72. Pentest Tools Alternative
  73. Hacking Tools Pc
  74. Hacking Tools Hardware
  75. Pentest Tools Find Subdomains
  76. Tools 4 Hack
  77. Hack Tools For Games
  78. Hacking Tools For Windows 7
  79. Pentest Tools Alternative
  80. Hacking Tools For Beginners
  81. Top Pentest Tools
  82. Hackrf Tools
  83. Pentest Tools Find Subdomains
  84. Pentest Box Tools Download
  85. Hacker
  86. Hacker Tools Free
  87. Pentest Tools Linux
  88. Hacking Tools For Pc
  89. Hacking Tools For Windows Free Download
  90. Hacker Tools Free Download
  91. Pentest Tools Online
  92. Pentest Tools Tcp Port Scanner
  93. Black Hat Hacker Tools
  94. Pentest Tools Url Fuzzer
  95. Pentest Tools For Ubuntu
  96. Pentest Automation Tools
  97. Hack And Tools
  98. Hack Tool Apk No Root
  99. How To Install Pentest Tools In Ubuntu
  100. New Hacker Tools
  101. Hack And Tools
  102. Pentest Tools Android
  103. Pentest Reporting Tools
  104. Hacker Tools Free
  105. Hacking Tools For Windows
  106. New Hack Tools
  107. Hacking Tools 2019
  108. Hacker Tools Github
  109. Nsa Hacker Tools
  110. Hacking Tools 2020
  111. New Hack Tools
  112. Usb Pentest Tools
  113. Hacker Tools Apk
  114. How To Hack
  115. Hacking Tools 2019
  116. Hacks And Tools
  117. Termux Hacking Tools 2019
  118. Hacker Tools List
  119. Pentest Tools Website Vulnerability
  120. Wifi Hacker Tools For Windows
  121. Hacking Tools For Beginners
  122. Hacker Tools Linux
  123. Hacking Tools And Software
  124. Hackrf Tools
  125. Hack Rom Tools
  126. Hacking App
  127. Hacker Tools Github
  128. Hacker Tools For Ios
  129. Game Hacking
  130. Pentest Tools Online
  131. New Hack Tools
  132. Pentest Reporting Tools
  133. Tools Used For Hacking
  134. Best Hacking Tools 2019
  135. Free Pentest Tools For Windows
  136. Hack Apps
  137. Hacker Tools 2019
  138. Hacking Tools Pc
  139. Pentest Tools Framework
  140. Pentest Tools Review
  141. Pentest Tools Website Vulnerability
  142. Hacking Tools Windows 10
  143. Pentest Tools Subdomain
  144. Hacking Tools For Beginners
  145. Hack And Tools
  146. Hack App
  147. Hacking Tools Pc
  148. Nsa Hack Tools
  149. Usb Pentest Tools
  150. Install Pentest Tools Ubuntu
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)