TIME

NEPAL QATAR BELFAST, UK MALAYSIA DUBAI

Wednesday, January 24, 2024

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















Related articles


  1. New Hacker Tools
  2. Pentest Tools Windows
  3. Pentest Tools For Windows
  4. Pentest Tools Nmap
  5. Usb Pentest Tools
  6. Hack Tools For Games
  7. Pentest Tools Nmap
  8. Hack Tools For Pc
  9. Pentest Box Tools Download
  10. Hacking Tools For Windows Free Download
  11. Hacking Tools For Beginners
  12. Hacking Tools Hardware
  13. Pentest Reporting Tools
  14. Pentest Box Tools Download
  15. Hacking Tools Hardware
  16. Hack And Tools
  17. Wifi Hacker Tools For Windows
  18. Github Hacking Tools
  19. Blackhat Hacker Tools
  20. Pentest Tools List
  21. How To Make Hacking Tools
  22. Pentest Reporting Tools
  23. Pentest Recon Tools
  24. Hack Rom Tools
  25. Hack Tools
  26. Hacking Tools 2019
  27. Github Hacking Tools
  28. Hacking Tools Software
  29. Hacker Tools For Mac
  30. Android Hack Tools Github
  31. Hack Tools Mac
  32. Hacking Tools Free Download
  33. Hacking Tools Windows 10
  34. Wifi Hacker Tools For Windows
  35. Hacker Tools
  36. Pentest Tools Download
  37. Pentest Tools Website Vulnerability
  38. Hacking Tools Download
  39. Usb Pentest Tools
  40. Hacker Tools For Windows
  41. Hacker Techniques Tools And Incident Handling
  42. Install Pentest Tools Ubuntu
  43. Nsa Hack Tools
  44. Wifi Hacker Tools For Windows
  45. Hacking Tools For Pc
  46. Usb Pentest Tools
  47. Pentest Tools Tcp Port Scanner
  48. Best Hacking Tools 2020
  49. Hacking Tools Mac
  50. Pentest Tools Website Vulnerability
  51. Hacker Tools For Windows
  52. Pentest Automation Tools
  53. Hacking Tools For Games
  54. Hacker Tools For Windows
  55. Hack And Tools
  56. Hacker Tools Hardware
  57. Hacker Security Tools
  58. New Hack Tools
  59. Nsa Hack Tools Download
  60. Hacking Tools Kit
  61. Pentest Tools Port Scanner
  62. Hack Tools
  63. Hacking Tools For Pc
  64. Hacker Tools Hardware
  65. Hacker Tools Github
  66. How To Install Pentest Tools In Ubuntu
  67. Hack Tools Github
  68. Hacking Tools Name
  69. Pentest Tools Tcp Port Scanner
  70. Hacking Tools For Windows Free Download
  71. Android Hack Tools Github
  72. Hacking Tools Mac
  73. Best Hacking Tools 2020
  74. Hack Tools For Windows
  75. Hacking Tools
  76. Hack Rom Tools
  77. Best Hacking Tools 2019
  78. Hack Tools Pc
  79. Hacking Tools Windows 10
  80. Pentest Tools Windows
  81. Hacker Tools For Mac
  82. Hacking Tools Free Download
  83. How To Make Hacking Tools
  84. Nsa Hack Tools
  85. Hacking App
  86. Hack Tools Github
  87. Hacking Tools For Games
  88. Hacking Tools 2019
  89. Hacking Tools Kit
  90. Hak5 Tools
  91. Hack Tools Online
  92. Pentest Tools Nmap
  93. Hacking Tools For Windows 7
  94. Hacking Tools For Beginners
  95. Hacking Tools For Games
  96. Tools For Hacker
  97. Game Hacking
  98. Pentest Tools Framework
  99. Nsa Hack Tools
  100. Install Pentest Tools Ubuntu
  101. Pentest Tools Alternative
  102. Hacker Tools List
  103. Hacking Tools For Windows
  104. Hacker Hardware Tools
  105. Pentest Tools
  106. Hacker Tools 2019
  107. Hacker Tools Apk
  108. Hacking Tools Software
  109. Pentest Tools Alternative
  110. Top Pentest Tools
  111. Pentest Tools For Android
  112. Beginner Hacker Tools
  113. Hacking Tools Windows 10
  114. Hack Tools For Pc
  115. Hack Tools Pc
  116. Hack Rom Tools
  117. Hack Tool Apk No Root
  118. Hacking Tools For Windows 7
  119. Hacker Tools Apk Download
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)