Tuesday, January 23, 2024

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















Related links


  1. How To Hack
  2. Hack Tools For Games
  3. Pentest Automation Tools
  4. Pentest Tools Github
  5. Hack Tool Apk
  6. Hack Tools For Ubuntu
  7. Pentest Box Tools Download
  8. Wifi Hacker Tools For Windows
  9. Hack Tools
  10. Pentest Tools For Android
  11. Pentest Tools Port Scanner
  12. Hack Tools For Windows
  13. Hacking App
  14. Easy Hack Tools
  15. Hacking Tools Mac
  16. Tools For Hacker
  17. Hacker Search Tools
  18. Hacker Tools 2019
  19. Pentest Tools
  20. Physical Pentest Tools
  21. Pentest Tools Website Vulnerability
  22. What Are Hacking Tools
  23. Hack Website Online Tool
  24. Hack Tools For Pc
  25. Computer Hacker
  26. Hacker Tools For Pc
  27. Hacker Tools Free
  28. Tools For Hacker
  29. Hacker Tools For Pc
  30. Ethical Hacker Tools
  31. Hacker Tools Mac
  32. Blackhat Hacker Tools
  33. Hacking Tools Mac
  34. Pentest Tools Apk
  35. Pentest Tools Windows
  36. Top Pentest Tools
  37. Growth Hacker Tools
  38. Nsa Hack Tools Download
  39. Hack Tools Online
  40. Hacking Tools Name
  41. Hacking Tools For Pc
  42. Hacker Tools For Ios
  43. Hacker Security Tools
  44. What Are Hacking Tools
  45. Pentest Tools Review
  46. Hack Rom Tools
  47. Pentest Tools Url Fuzzer
  48. Hacking Tools Windows 10
  49. Hacker Tools Github
  50. Hackrf Tools
  51. Hack Tools Online
  52. Hacker Tools 2019
  53. Hacking Tools For Kali Linux
  54. Termux Hacking Tools 2019
  55. Hacking Apps
  56. Hacker Techniques Tools And Incident Handling
  57. Hacker Tools For Mac
  58. Hack Tool Apk No Root
  59. Hacker Hardware Tools
  60. Install Pentest Tools Ubuntu
  61. Install Pentest Tools Ubuntu
  62. Game Hacking
  63. Hack Tools Mac
  64. Hack Tools 2019
  65. Pentest Tools Open Source
  66. Hacker Tools
  67. Hacking Tools For Pc
  68. Best Hacking Tools 2019
  69. Hack Tools For Mac
  70. Hacking Tools Github
  71. Hacking Tools For Windows Free Download
  72. Top Pentest Tools
  73. Pentest Tools Website Vulnerability
  74. Pentest Tools Android
  75. Hacker Tools Github
  76. Pentest Tools List
  77. Nsa Hacker Tools
  78. Hacker Tools For Windows
  79. Hacking Tools Pc
  80. Hacking Tools Software
  81. Hacker Tools Apk Download
  82. Free Pentest Tools For Windows
  83. What Are Hacking Tools
  84. Hack Tools Mac
  85. Hack Tools Pc
  86. Hack Tools For Mac
  87. Hacker Tools Software
  88. Pentest Tools Review
  89. Hack Tool Apk No Root
  90. Hacking Tools Usb
  91. Hacking Tools Kit
  92. Hacker Tools Windows
  93. Best Hacking Tools 2020
  94. Tools Used For Hacking
  95. Hack Tools For Pc
  96. Hack Tools For Mac
  97. Pentest Tools List
  98. Termux Hacking Tools 2019
  99. Pentest Tools
  100. Android Hack Tools Github
  101. Hacker Security Tools
  102. Hack Tools For Mac
  103. Physical Pentest Tools
  104. World No 1 Hacker Software
  105. Physical Pentest Tools
  106. Android Hack Tools Github
  107. Pentest Tools Apk
  108. Hacker Tools Windows
  109. Hack Rom Tools
  110. Hacking Tools For Beginners
  111. Pentest Tools Url Fuzzer
  112. Hacking App
  113. Computer Hacker
  114. Pentest Tools For Mac
  115. Usb Pentest Tools
  116. Hacking Tools Mac
  117. Hacking Tools Kit
  118. Ethical Hacker Tools
  119. How To Install Pentest Tools In Ubuntu
  120. Hacking Tools Windows
  121. Pentest Tools Open Source
  122. Pentest Tools For Android
  123. Hack Tools For Mac
  124. Pentest Tools Linux
  125. Pentest Tools Alternative
  126. Pentest Tools Tcp Port Scanner
  127. Hacker Hardware Tools
  128. New Hacker Tools
  129. Hack Tools For Games
  130. Hack Tool Apk No Root
  131. Hack App
  132. Game Hacking
  133. Pentest Tools For Ubuntu
  134. Hack Tools 2019
  135. Hacking Tools For Pc
  136. Hak5 Tools
  137. Pentest Tools For Mac
  138. Pentest Tools Online
  139. Install Pentest Tools Ubuntu
  140. Hack Tools Mac
  141. Hack App
  142. Nsa Hack Tools Download
  143. Hack And Tools
  144. Hack Tools For Ubuntu
  145. Tools For Hacker
  146. Blackhat Hacker Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)