Friday, June 2, 2023

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















Related word
  1. Hacking Tools Usb
  2. Hacker Tools Software
  3. Hack Apps
  4. Hacking Tools Pc
  5. Usb Pentest Tools
  6. Pentest Tools For Mac
  7. Hacking Tools Mac
  8. Wifi Hacker Tools For Windows
  9. Tools Used For Hacking
  10. Pentest Tools Website
  11. Hack Tools For Windows
  12. Best Hacking Tools 2019
  13. Hack Website Online Tool
  14. Hacker Tools Apk Download
  15. Hacker Tools Software
  16. Best Hacking Tools 2020
  17. Hacking Tools Pc
  18. Nsa Hacker Tools
  19. Hacking Tools Usb
  20. Pentest Box Tools Download
  21. Underground Hacker Sites
  22. Underground Hacker Sites
  23. Nsa Hack Tools Download
  24. Beginner Hacker Tools
  25. Github Hacking Tools
  26. Hacking Tools Mac
  27. Best Pentesting Tools 2018
  28. Hacking Tools For Windows
  29. Best Pentesting Tools 2018
  30. Hacking Tools Github
  31. Computer Hacker
  32. Hack Tools For Games
  33. Android Hack Tools Github
  34. Hacking Tools Windows
  35. Android Hack Tools Github
  36. Usb Pentest Tools
  37. Hack Tools For Pc
  38. Pentest Tools Github
  39. Hacker Security Tools
  40. Hacker Tools For Mac
  41. Tools Used For Hacking
  42. What Is Hacking Tools
  43. New Hacker Tools
  44. Pentest Tools Port Scanner
  45. Hackers Toolbox
  46. Hacker Tools Apk
  47. Hacking Tools Windows 10
  48. Pentest Tools Apk
  49. Pentest Automation Tools
  50. Hacking Tools For Beginners
  51. Hacker Tools Free Download
  52. Pentest Tools Website
  53. Tools 4 Hack
  54. Hacker Tools Free Download
  55. Hacker Tools For Mac
  56. Hacker Tools For Pc
  57. Pentest Tools Download
  58. Kik Hack Tools
  59. Hacker Security Tools
  60. Tools For Hacker
  61. Hacking Tools 2020
  62. Hack Tools For Pc
  63. Best Hacking Tools 2020
  64. Hack Tools Github
  65. Hacker Tools Hardware
  66. Pentest Tools Find Subdomains
  67. Pentest Tools List
  68. Pentest Tools Subdomain
  69. Ethical Hacker Tools
  70. Hacking Tools For Beginners
  71. Pentest Tools Github
  72. Hacker Tools Online
  73. New Hacker Tools
  74. Hacker Tools Windows
  75. Hackrf Tools
  76. Hacks And Tools
  77. How To Make Hacking Tools
  78. Hacking Tools Github
  79. Hacking Tools Usb
  80. Pentest Tools Apk
  81. Hacking Tools For Pc
  82. Hacking Tools And Software
  83. Pentest Recon Tools
  84. World No 1 Hacker Software
  85. Pentest Tools For Ubuntu
  86. Hacking Tools Windows
  87. Hack Tools For Mac
  88. What Are Hacking Tools
  89. Hacking Tools And Software
  90. Hacking Tools Download
  91. Nsa Hacker Tools
  92. Hack Apps
  93. Nsa Hacker Tools
  94. Best Hacking Tools 2020
  95. How To Hack
  96. Hacker Tools Apk Download
  97. Underground Hacker Sites
  98. Pentest Tools Alternative
  99. Hack Rom Tools
  100. Hack Tools For Windows
  101. Hacker Tools Apk Download
  102. Hacker Tools For Windows
  103. Hacker Tools Free
  104. Hacking Tools Pc
  105. Hacker Tools Mac
  106. Hack Tool Apk No Root
  107. Hak5 Tools
  108. What Are Hacking Tools
  109. Hacker Tools 2020
  110. Hacking Tools
  111. Free Pentest Tools For Windows
  112. Pentest Tools Review
  113. Pentest Tools For Ubuntu
  114. Hacker Tools Free Download
  115. Hack Website Online Tool
  116. Pentest Tools Kali Linux
  117. Pentest Tools Tcp Port Scanner
  118. Pentest Tools Android
  119. Pentest Reporting Tools
  120. Hacking Tools Software
  121. Top Pentest Tools
  122. Pentest Tools Free
  123. Install Pentest Tools Ubuntu
  124. Hacks And Tools
  125. Hack Tools For Ubuntu
  126. Pentest Tools For Ubuntu
  127. Install Pentest Tools Ubuntu
  128. Tools For Hacker
  129. Hacker Tools Free
  130. Hack Tool Apk No Root
  131. Hack Tools Online
  132. Hacking Tools Download
  133. Hack Tools Online
  134. Pentest Tools Github
  135. Hack Tools Download
  136. How To Make Hacking Tools
  137. Best Hacking Tools 2020
  138. Pentest Tools Windows
  139. Hacker Tools List
  140. Pentest Tools List
  141. Termux Hacking Tools 2019
  142. Pentest Tools Alternative
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)