Sunday, January 28, 2024

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction

The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()

If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:

The seed buffer:

So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:

We tried to predict the random and aply the gpu divisions without luck :(

There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:

The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.

The macro:

Related links

  1. Hacks And Tools
  2. Hack Tools
  3. Hacking Tools Windows
  4. Wifi Hacker Tools For Windows
  5. Hacking Tools Pc
  6. Pentest Automation Tools
  7. Hacking Tools Online
  8. Easy Hack Tools
  9. Hacking Tools Github
  10. Hacker Tools For Pc
  11. Pentest Tools Find Subdomains
  12. Hackrf Tools
  13. Pentest Tools Subdomain
  14. Hacking Tools For Beginners
  15. Hacker Tools For Pc
  16. Hack Tools 2019
  17. Pentest Box Tools Download
  18. Hacker Tools Online
  19. Hacking Tools Online
  20. Hacker Tools Hardware
  21. Hack And Tools
  22. Hacking Tools For Windows Free Download
  23. Hacker Tools Mac
  24. Hacker Search Tools
  25. Pentest Tools Framework
  26. Best Pentesting Tools 2018
  27. Pentest Tools Android
  28. Pentest Tools Find Subdomains
  29. Hack Tool Apk
  30. Best Hacking Tools 2019
  31. What Is Hacking Tools
  32. Hacker Tools Hardware
  33. Beginner Hacker Tools
  34. Hacking Tools Hardware
  35. How To Hack
  36. Hacking Tools 2020
  37. Pentest Tools Bluekeep
  38. Best Hacking Tools 2019
  39. How To Install Pentest Tools In Ubuntu
  40. World No 1 Hacker Software
  41. Pentest Tools Framework
  42. Pentest Tools Website
  43. Hacker Tools Software
  44. New Hacker Tools
  45. Hack Tools 2019
  46. Pentest Tools Url Fuzzer
  47. Hacking Tools Github
  48. Pentest Tools Website
  49. Hacks And Tools
  50. Hacking Tools For Pc
  51. Pentest Tools Bluekeep
  52. Pentest Tools Tcp Port Scanner
  53. Hackrf Tools
  54. Hack App
  55. Hack Tools For Pc
  56. Top Pentest Tools
  57. Hack Tools For Pc
  58. Hacker Tools 2019
  59. Hacker Tools For Pc
  60. Hacking Tools For Windows
  61. Hacker Tools
  62. Hackrf Tools
  63. Hacker Tools Software
  64. Pentest Tools Android
  65. Hacking Tools Windows
  66. Hacker Hardware Tools
  67. Black Hat Hacker Tools
  68. Pentest Reporting Tools
  69. Hacking App
  70. How To Install Pentest Tools In Ubuntu
  71. Pentest Automation Tools
  72. Hackrf Tools
  73. Hacking Tools 2019
  74. Pentest Tools Android
  75. Pentest Tools Android
  76. Nsa Hack Tools
  77. Hacking Tools For Games
  78. Pentest Tools For Ubuntu
  79. Tools Used For Hacking
  80. Hacker Tools Apk Download
  81. Pentest Tools Nmap
  82. Growth Hacker Tools
  83. Hacking Tools
  84. Hack Website Online Tool
  85. Hacker Tools Mac
  86. Hacker Tools Apk
  87. Hacker Techniques Tools And Incident Handling
  88. Pentest Tools Find Subdomains
  89. Pentest Reporting Tools
  90. Pentest Tools Download
  91. Hacking Tools Free Download
  92. Hacker Tools For Pc
  93. What Are Hacking Tools
  94. Wifi Hacker Tools For Windows
  95. Pentest Tools Find Subdomains
  96. Pentest Tools Kali Linux
  97. Pentest Tools Open Source
  98. Pentest Tools Website
  99. Hacker Tools Online
  100. Hack Tools Github
  101. Hacker Techniques Tools And Incident Handling
  102. Computer Hacker
  103. Best Hacking Tools 2019
  104. Hacking Tools Github
  105. Hacker Tool Kit
  106. Pentest Tools For Mac
  107. Hack Tools 2019
  108. Hack Rom Tools
  109. Hacking Tools Mac
  110. Pentest Tools Linux
  111. Hack Rom Tools
  112. Hacking Tools Windows 10
  113. Hacking Apps
  114. Pentest Tools Bluekeep
  115. Hacking Tools For Kali Linux