ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction

The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()

If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.

The macro:

Read more

1. Pentest Tools Linux
2. Pentest Tools Apk
3. Underground Hacker Sites
4. What Is Hacking Tools
5. Nsa Hack Tools Download
6. Hack Tools Pc
7. Pentest Box Tools Download
8. Hacking App
9. Hacking Tools Kit
10. Android Hack Tools Github
11. Blackhat Hacker Tools
12. Hack Tools Online
13. Install Pentest Tools Ubuntu
14. Computer Hacker
15. Pentest Tools Online
16. Hacker Tools Apk Download
17. Pentest Tools Port Scanner
18. Hacker Tools Free Download
19. New Hacker Tools
20. Hacker Tools Software
21. Hacker Tools Mac
22. Hacker Tools For Pc
23. Hacker Tools For Windows
24. Hack Tools Download
25. Hack Tools
26. Hack Tool Apk No Root
27. Beginner Hacker Tools
28. What Are Hacking Tools
29. Hak5 Tools
30. Pentest Tools Open Source
31. Install Pentest Tools Ubuntu
32. Hacker
33. Hacker Tool Kit
34. Hacking App
35. Hacker Tools For Pc
36. Hack Tools For Games
37. How To Install Pentest Tools In Ubuntu
38. Hacking App
39. Hack Website Online Tool
40. Best Hacking Tools 2020
41. Hackrf Tools
42. New Hacker Tools
43. Hacker Tools Github
44. Hack Tools
45. Easy Hack Tools
46. Hack Tools 2019
47. Hacker Techniques Tools And Incident Handling
48. Hacker
49. Pentest Recon Tools
50. Hack Tools For Pc
51. Hacking Tools 2019
52. Wifi Hacker Tools For Windows
53. Hacks And Tools
54. Best Pentesting Tools 2018
55. Hacking Tools
56. Hacking App
57. Pentest Tools Apk
58. Blackhat Hacker Tools
59. Pentest Tools Android
60. How To Make Hacking Tools
61. Pentest Tools Url Fuzzer
62. Pentest Tools Subdomain
63. Nsa Hacker Tools
64. Hacking Tools For Windows 7
65. Pentest Tools For Android
66. Pentest Tools For Windows
67. Pentest Tools Framework
68. Hacker Tools Hardware
69. Pentest Tools Open Source
70. Hack App
71. Hacking Apps
72. Pentest Tools Free
73. Hacker Tools For Windows
74. New Hack Tools
75. Termux Hacking Tools 2019
76. Hacker Search Tools
77. Kik Hack Tools
78. Pentest Tools For Windows
79. Hacker Tools Apk Download
80. Kik Hack Tools
81. Pentest Tools For Windows
82. Pentest Tools Website Vulnerability
83. Hack Apps
84. Tools Used For Hacking
85. Pentest Tools Alternative
86. Hak5 Tools
87. Tools For Hacker
88. Pentest Tools Url Fuzzer
89. Hack Tool Apk
90. Hackrf Tools
91. Best Pentesting Tools 2018
92. Hack Tools 2019
93. Pentest Tools Linux
94. Hack App
95. Hack And Tools
96. Hack Tools For Windows
97. Hacker Tools Windows
98. Best Hacking Tools 2020
99. Hacker
100. Hacking Tools For Pc
101. Hacking Tools For Kali Linux
102. Pentest Reporting Tools
103. Hacking Tools Free Download