PENGUMUMAN...!!!


SOLAT HAJAT DI TUNDA KE 24HB OGOS 2008 - UST SALLEH MAN

Wednesday, May 31, 2023

ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















More info


  1. Hack Tools For Mac
  2. Pentest Tools Port Scanner
  3. Pentest Tools Nmap
  4. Hacking Tools
  5. Pentest Tools Website Vulnerability
  6. Hack Rom Tools
  7. Hacker Hardware Tools
  8. Hack And Tools
  9. Nsa Hacker Tools
  10. Pentest Automation Tools
  11. Hacker Tools For Ios
  12. Android Hack Tools Github
  13. Physical Pentest Tools
  14. Best Hacking Tools 2020
  15. Pentest Tools Android
  16. Pentest Tools List
  17. Hackers Toolbox
  18. Hacker Tools
  19. Hack Tool Apk No Root
  20. Pentest Tools
  21. Hacking Tools Free Download
  22. Hacking Tools Github
  23. Hack Tools For Mac
  24. Hack Apps
  25. Pentest Tools List
  26. Tools Used For Hacking
  27. Hacker Tools 2019
  28. Pentest Tools Open Source
  29. Hak5 Tools
  30. Best Hacking Tools 2020
  31. Hacker Tools Online
  32. Computer Hacker
  33. Hacking Tools Windows
  34. Hacking App
  35. Hacker Tools For Mac
  36. Hacking Tools For Games
  37. Hack Rom Tools
  38. Hack Tools For Games
  39. Pentest Box Tools Download
  40. Hack Tool Apk
  41. Pentest Tools Review
  42. Hack Tool Apk
  43. Pentest Tools For Ubuntu
  44. Hacking Tools Download
  45. Hacker Tools Github
  46. What Is Hacking Tools
  47. Hacker Hardware Tools
  48. Pentest Tools Tcp Port Scanner
  49. Hack Rom Tools
  50. Hack Tools Online
  51. Pentest Tools Website Vulnerability
  52. Hacker Tools
  53. Pentest Tools List
  54. Pentest Tools Android
  55. Hack Tools For Games
  56. Pentest Tools Apk
  57. Hacker Tools Free
  58. Pentest Tools Nmap
  59. Blackhat Hacker Tools
  60. Growth Hacker Tools
  61. Termux Hacking Tools 2019
  62. Hack Rom Tools
  63. Hacker Tool Kit
  64. Tools For Hacker
  65. Hacking Tools
  66. Pentest Tools Tcp Port Scanner
  67. Hacking Tools For Pc
  68. New Hack Tools
  69. Pentest Tools Download
  70. Hacker Tools For Windows
  71. Hacker Tools Mac
  72. Pentest Tools Find Subdomains
  73. Hack Website Online Tool
  74. Hack Tools Online
  75. Hack Tools 2019
  76. Pentest Tools Free
  77. Pentest Tools Review
  78. World No 1 Hacker Software
  79. Hacker Tools Linux
  80. Hack Tools Pc
  81. Hack Tools For Windows
  82. Bluetooth Hacking Tools Kali
  83. Hacker Tools Software
  84. Hack Apps
  85. Tools For Hacker
  86. Hack And Tools
  87. Hacking Tools For Games
  88. How To Install Pentest Tools In Ubuntu
  89. Hacking Tools Hardware
  90. Hacking Tools 2020
  91. Hacking Tools Github
  92. Underground Hacker Sites
  93. Hack Tools For Windows
  94. Pentest Tools Apk
  95. Hackers Toolbox
  96. Hacker Tool Kit
  97. Hack Tools Mac
  98. Easy Hack Tools
  99. Pentest Tools For Android
  100. Hack Apps
  101. Hack App
  102. Hack Tools
  103. Nsa Hack Tools
  104. Hackers Toolbox
  105. Hackrf Tools
  106. Hack Rom Tools
  107. Hacker Tools
  108. Hacker Tools Windows
  109. Hack Tools Github
  110. Hacking Tools 2019
  111. Hacking Tools For Games
  112. Pentest Tools Framework
  113. Hacking Tools Download
  114. Hacking Tools Windows
  115. Pentest Tools Free
  116. How To Make Hacking Tools
  117. Hack Tools Github
  118. What Are Hacking Tools
  119. Best Hacking Tools 2019
  120. Pentest Tools Nmap
  121. Tools Used For Hacking
  122. Pentest Tools Review
  123. Hacking Tools For Pc
  124. Top Pentest Tools
  125. New Hacker Tools
  126. Hack Rom Tools
  127. Termux Hacking Tools 2019
  128. World No 1 Hacker Software
  129. Hacking Tools Online
  130. Hacker Search Tools
  131. Hack Tools
  132. Hacker Tools For Ios
  133. Physical Pentest Tools
  134. Hack And Tools
  135. Hack Tools Pc
  136. Pentest Tools For Ubuntu
  137. Pentest Tools Online
  138. Hack And Tools
  139. Pentest Tools Framework
  140. Pentest Tools
  141. Hacker Tools Github
  142. Hacker Tools For Windows
  143. Pentest Tools Android
  144. Github Hacking Tools
  145. Blackhat Hacker Tools
  146. Github Hacking Tools
  147. Hacking Tools For Windows Free Download
  148. Hacking Tools Online
  149. Pentest Tools Linux
  150. Pentest Tools For Android
  151. Pentest Tools Url Fuzzer
  152. Hack Tool Apk
  153. Pentest Tools For Windows
  154. Best Hacking Tools 2020
  155. Hacker Techniques Tools And Incident Handling
  156. Pentest Tools Windows
  157. Hacker Hardware Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)