۱۴۰۲ خرداد ۷, یکشنبه

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















More articles
  1. Hack Tools Pc
  2. Pentest Box Tools Download
  3. Pentest Tools Website
  4. Hack Tools For Mac
  5. Hack Tools Download
  6. Hacker
  7. Install Pentest Tools Ubuntu
  8. Hacker Techniques Tools And Incident Handling
  9. Hacking Tools Download
  10. Wifi Hacker Tools For Windows
  11. Hack Tools Online
  12. Hacker Tools For Mac
  13. Hacker Tools 2020
  14. Pentest Tools Kali Linux
  15. Hacker Tools 2020
  16. Hacking Tools For Windows
  17. Hack Tool Apk
  18. Black Hat Hacker Tools
  19. Hack App
  20. Tools Used For Hacking
  21. Free Pentest Tools For Windows
  22. Nsa Hacker Tools
  23. Pentest Tools Github
  24. Pentest Tools Url Fuzzer
  25. Pentest Tools Framework
  26. Hacker Techniques Tools And Incident Handling
  27. Hacking Tools Windows
  28. Pentest Tools Bluekeep
  29. Hack Tools Github
  30. Hack Tools Download
  31. Bluetooth Hacking Tools Kali
  32. Pentest Tools Kali Linux
  33. Pentest Tools Port Scanner
  34. Pentest Tools Apk
  35. Top Pentest Tools
  36. Pentest Tools For Windows
  37. Hacker Tools Free Download
  38. Hacker Tools For Pc
  39. Pentest Tools Android
  40. Best Hacking Tools 2020
  41. Hacker Tools 2020
  42. Hack Website Online Tool
  43. What Is Hacking Tools
  44. Hacker Tools Linux
  45. Hacker Tools Free Download
  46. Hacker Tools Github
  47. Nsa Hack Tools Download
  48. Hacker Tools 2019
  49. Hacker Tools For Windows
  50. Hacker Tools For Windows
  51. Pentest Tools For Android
  52. Pentest Tools Framework
  53. Hacking Apps
  54. Termux Hacking Tools 2019
  55. Hacker Tools Apk
  56. Hacking Tools For Pc
  57. Hackers Toolbox
  58. Hacking Tools Name
  59. Hack App
  60. Hacker Tools Mac
  61. Pentest Tools Github
  62. Hack Tools Online
  63. Install Pentest Tools Ubuntu
  64. Hacking Tools Download
  65. Nsa Hacker Tools
  66. Android Hack Tools Github
  67. Pentest Tools Website
  68. Hack Tools For Ubuntu
  69. Pentest Tools Subdomain
  70. Pentest Tools For Windows
  71. Hacking Tools Usb
  72. Hack Tools Online
  73. Tools Used For Hacking
  74. Underground Hacker Sites
  75. Pentest Tools Review
  76. Tools 4 Hack
  77. Termux Hacking Tools 2019
  78. Hacking Tools For Beginners
  79. What Is Hacking Tools
  80. Hacking Tools Windows
  81. What Are Hacking Tools
  82. Hack Tools
  83. Hack Tools
  84. Tools Used For Hacking
  85. Pentest Tools Tcp Port Scanner
  86. Hack Tool Apk
  87. Ethical Hacker Tools
  88. Hacking Tools For Pc
  89. Beginner Hacker Tools
  90. Physical Pentest Tools
  91. Pentest Tools Website
  92. Hacking Tools For Beginners
  93. Hacker Tools 2019
  94. Pentest Tools Github
  95. Hacker Tools For Mac
  96. Hack Tool Apk No Root
  97. Hacker Tools For Mac
  98. Hacker Tools Hardware
  99. New Hacker Tools
  100. Hacker Tools For Mac
  101. Hacking Tools For Windows
  102. Hacking Tools And Software
  103. Hacking Tools Download
  104. Hacking Tools For Windows
  105. Pentest Tools Framework
  106. Hack Tools
  107. Hacker Search Tools
  108. How To Make Hacking Tools
  109. Computer Hacker
  110. Hacking Tools Kit
  111. Top Pentest Tools
  112. Hack Tools For Mac
  113. Pentest Tools Nmap
  114. Pentest Tools Alternative
  115. Hacker Tools Online
  116. Hack Tools Download
  117. How To Install Pentest Tools In Ubuntu
  118. Hacking Tools Windows
  119. Pentest Tools Apk
  120. Black Hat Hacker Tools
  121. Hack Tools
  122. Pentest Tools List
  123. Hacking Tools 2019
  124. Hack Tools For Pc
  125. Install Pentest Tools Ubuntu
  126. Nsa Hacker Tools
  127. Pentest Tools Linux
  128. Hackrf Tools

هیچ نظری موجود نیست:

ارسال یک نظر

اشتراک در: نظرات پیام (Atom)