ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction

The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()

If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.

The macro:

Related news

1. Hacking Tools Windows
2. Top Pentest Tools
3. Hacking Tools Free Download
4. What Is Hacking Tools
5. Pentest Tools Github
6. Hacking Tools Windows
7. Tools For Hacker
8. Hacking Tools For Windows 7
9. How To Install Pentest Tools In Ubuntu
10. Easy Hack Tools
11. Hack Tools For Pc
12. Hacker Tools Linux
13. Hacking Tools 2019
14. Hacking Tools Kit
15. Hack Tools For Games
16. Wifi Hacker Tools For Windows
17. What Are Hacking Tools
18. Pentest Tools Port Scanner
19. Pentest Tools Website
20. Install Pentest Tools Ubuntu
21. Termux Hacking Tools 2019
22. Pentest Box Tools Download
23. Pentest Tools Alternative
24. Hacking Tools Download
25. Pentest Tools Apk
26. Hacker Tools Apk Download
27. Pentest Recon Tools
28. Tools 4 Hack
29. Pentest Tools Download
30. Hacking Tools Download
31. Hacking Tools For Windows
32. Pentest Tools For Ubuntu
33. Hack Tools 2019
34. Ethical Hacker Tools
35. What Are Hacking Tools
36. Hacking Tools For Windows Free Download
37. Hacker Tools List
38. Wifi Hacker Tools For Windows
39. Hack Tools Pc
40. Nsa Hack Tools
41. Pentest Tools For Ubuntu
42. Android Hack Tools Github
43. Hacker Tools List
44. Pentest Automation Tools
45. Hacker Tools Mac
46. Hacking Apps
47. Hacking Tools Pc
48. Hacker Tools Apk Download
49. Hacker Security Tools
50. Hacker Techniques Tools And Incident Handling
51. Hacker Tools For Windows
52. Install Pentest Tools Ubuntu
53. Hacker Techniques Tools And Incident Handling
54. Hacker Tools 2020
55. Pentest Tools List
56. Hacker Tools For Windows
57. Hacking Tools Usb
58. Hacker Tools
59. Nsa Hack Tools Download
60. Hacker Tools 2019
61. Hacking Tools
62. Hack Tools For Windows
63. Hack Tool Apk
64. Hack Tool Apk No Root
65. Hacking Tools For Windows 7
66. How To Hack
67. Hacker Tools For Pc
68. Pentest Tools Subdomain
69. Hack And Tools
70. Hacker Tools For Windows
71. Best Pentesting Tools 2018
72. Hacking Tools For Windows
73. Hacker Search Tools
74. Hacker Tools
75. Android Hack Tools Github
76. Termux Hacking Tools 2019
77. Pentest Tools List
78. Hacker Security Tools
79. Hacking App
80. Pentest Tools Tcp Port Scanner
81. Hacker Tools List
82. Nsa Hack Tools Download
83. Hacking Tools Kit
84. Hacking Tools Pc
85. Easy Hack Tools
86. Hacker Tools Online
87. Pentest Tools Alternative
88. Hack Tools For Games
89. Hacking Tools Download
90. Github Hacking Tools
91. Hacking Tools For Windows Free Download
92. New Hacker Tools
93. Hacker Tools List
94. Android Hack Tools Github
95. Android Hack Tools Github
96. Growth Hacker Tools
97. Nsa Hack Tools
98. Hacking Tools Windows 10
99. Hacker Tools 2020
100. Hacking Tools For Windows 7
101. Hack Tools For Windows
102. Hacker Tools List
103. Pentest Tools For Mac
104. Nsa Hack Tools
105. Hack Tool Apk No Root
106. Hacker Tools Free Download
107. Hackrf Tools
108. Hack Tool Apk No Root
109. Pentest Tools Download
110. Hacking Tools Online
111. Hack Tools
112. Termux Hacking Tools 2019
113. Pentest Tools Website Vulnerability
114. New Hack Tools
115. Tools 4 Hack
116. Hack Rom Tools
117. How To Make Hacking Tools
118. Hacking Tools For Beginners
119. Pentest Tools Android
120. Pentest Tools
121. Hacker Tools Apk Download
122. Hacker
123. Hacking Tools For Pc
124. Hack Tools For Ubuntu
125. Best Hacking Tools 2019
126. Hacker Search Tools
127. Hacking Tools For Windows
128. Hacker Search Tools
129. Wifi Hacker Tools For Windows
130. Hacking Tools For Windows Free Download
131. Pentest Tools Review
132. Hacker Tools 2020
133. Github Hacking Tools
134. Pentest Recon Tools
135. Pentest Recon Tools
136. Hacker Tools 2020
137. Hacker Tool Kit
138. Hacker Tools List
139. Pentest Reporting Tools
140. Pentest Tools Url Fuzzer
141. Hacking Tools Windows
142. Pentest Tools Open Source
143. Hacker Tools Github
144. Hacker Tools For Windows
145. Free Pentest Tools For Windows
146. Hacker Tools For Mac
147. Hacking Tools 2019
148. Hack Tools
149. Hacking Tools For Mac
150. Hack Tools For Mac
151. Hack Tools
152. Termux Hacking Tools 2019
153. Pentest Tools Nmap
154. Black Hat Hacker Tools
155. Best Hacking Tools 2019
156. Hacking Tools Online
157. Pentest Reporting Tools
158. Hacking Tools Name
159. Hacking Tools
160. Hacking Tools For Windows
161. Tools Used For Hacking
162. Hacker Search Tools
163. Hack Tools Mac
164. Hack Tools For Games
165. Pentest Tools Android
166. Hak5 Tools
167. Hacker Tools Hardware
168. Hacker Search Tools
169. Pentest Reporting Tools
170. Hacker Tools Free Download
171. Pentest Tools Apk
172. Pentest Tools For Mac
173. How To Install Pentest Tools In Ubuntu
174. Hacker Tools List
175. Hacking Tools Online
176. Usb Pentest Tools