Saturday, January 27, 2024

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















Related articles


  1. Hacking Tools Kit
  2. Github Hacking Tools
  3. Pentest Tools Github
  4. Hack Tools For Pc
  5. Hack Tools
  6. Hacker Tools Windows
  7. Hack Tools Mac
  8. World No 1 Hacker Software
  9. Hack Tools For Mac
  10. Hack Tools For Pc
  11. Hacker Tools Apk
  12. Hack Tools Github
  13. Kik Hack Tools
  14. Hacking Tools And Software
  15. Hacking Tools Usb
  16. Pentest Tools Review
  17. Nsa Hack Tools
  18. Hack Rom Tools
  19. Hacker Tools Windows
  20. Hacker Tools Software
  21. What Is Hacking Tools
  22. Hack Apps
  23. Top Pentest Tools
  24. Pentest Tools Nmap
  25. Pentest Tools Website
  26. Hacker Tools Hardware
  27. Hacker Tools Hardware
  28. Tools Used For Hacking
  29. Pentest Tools Nmap
  30. Hacking Tools
  31. Tools 4 Hack
  32. Ethical Hacker Tools
  33. Pentest Tools Apk
  34. Hacking Tools Online
  35. Hack App
  36. Pentest Tools Open Source
  37. Hack Tools For Pc
  38. Pentest Tools For Mac
  39. Hack Tool Apk
  40. Wifi Hacker Tools For Windows
  41. Hacking Tools Usb
  42. Tools 4 Hack
  43. Hack Website Online Tool
  44. Pentest Tools Website Vulnerability
  45. Hack Tools Pc
  46. New Hacker Tools
  47. Hacking Tools Online
  48. Termux Hacking Tools 2019
  49. Hack Website Online Tool
  50. Tools For Hacker
  51. Termux Hacking Tools 2019
  52. Hacker Tools Linux
  53. Kik Hack Tools
  54. Best Pentesting Tools 2018
  55. Hacking Tools For Games
  56. Pentest Tools Apk
  57. Android Hack Tools Github
  58. Android Hack Tools Github
  59. Hacker Tools 2020
  60. Hacker Tools For Ios
  61. Blackhat Hacker Tools
  62. Hacker Tools Software
  63. Hacker
  64. Hacking Tools Software
  65. Pentest Tools Github
  66. Hacking Tools Free Download
  67. Pentest Tools Website
  68. Pentest Tools Free
  69. Hacker
  70. Wifi Hacker Tools For Windows
  71. Hacking Tools For Windows 7
  72. Best Hacking Tools 2019
  73. Easy Hack Tools
  74. Hacking Tools Name
  75. Pentest Box Tools Download
  76. Hackers Toolbox
  77. Hacker Tools Apk Download
  78. Hacking Tools Download
  79. Pentest Tools Framework
  80. Hacker Tools For Mac
  81. Hacker Tools Windows
  82. Nsa Hack Tools Download
  83. Hack Tools For Games
  84. Hacking Tools For Kali Linux
  85. Hacking Tools For Pc
  86. Hacker Techniques Tools And Incident Handling
  87. Pentest Tools Free
  88. Pentest Tools Nmap
  89. Pentest Tools For Mac
  90. Hacker Tools
  91. Hack Rom Tools
  92. Tools 4 Hack
  93. Hack Tools For Windows
  94. Hacker Tools Free
  95. Pentest Box Tools Download
  96. Pentest Tools Review
  97. Hack Tools
  98. Hack App
  99. Hacker Tools Apk Download
  100. Tools For Hacker
  101. Hack Tools Online
  102. Hacking Tools For Mac
  103. Black Hat Hacker Tools
  104. Android Hack Tools Github
  105. Hack Tools For Mac
  106. Hacking Tools Mac
  107. Hack Tools For Mac
  108. Hacking App
  109. Hack Tool Apk
  110. Hacking Tools Name
  111. Hack Tools For Mac
  112. Pentest Tools
  113. Underground Hacker Sites
  114. Hack Tools Github
  115. Wifi Hacker Tools For Windows
  116. Hacker Tools Windows
  117. Hacking Tools For Beginners
  118. Top Pentest Tools
  119. Tools For Hacker
  120. Hacking Tools For Games
  121. How To Install Pentest Tools In Ubuntu
  122. Top Pentest Tools
  123. Hacking Tools For Windows 7
  124. Hacking Tools 2019
  125. World No 1 Hacker Software
  126. Blackhat Hacker Tools
  127. Pentest Tools For Windows
  128. Hacking Tools For Beginners
  129. Hacking Tools Online
  130. How To Hack
  131. Pentest Tools Free
  132. Hacker Tools Apk
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)