ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction

The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()

If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.

The macro:

Related articles

• Android Hack Tools Github
• Hack Apps
• Hack Tools Mac
• Pentest Tools Url Fuzzer
• How To Hack
• Pentest Tools Alternative
• Hacker Security Tools
• Hack Tools Github
• Top Pentest Tools
• Pentest Recon Tools
• Hacking Tools Software
• Wifi Hacker Tools For Windows
• Hacker Tools For Pc
• Pentest Tools Nmap
• Hacking Tools For Windows
• Hack Tools For Mac
• Pentest Tools Website
• Hacking Tools For Beginners
• Android Hack Tools Github
• Bluetooth Hacking Tools Kali
• Hacker Tools Linux
• Pentest Tools Linux
• Pentest Tools Url Fuzzer
• Hacking Tools Windows
• Hack Rom Tools
• Hacking Tools For Beginners
• Pentest Tools Online
• Best Hacking Tools 2020
• Pentest Tools Android
• Pentest Tools Github
• Bluetooth Hacking Tools Kali
• Pentest Tools Port Scanner
• Hacker Tools Software
• Hacker Tools For Mac
• Ethical Hacker Tools
• Hacking Tools Windows
• Hacker Hardware Tools
• Hacker Tools Free
• Hacker Security Tools
• Computer Hacker
• Hack Tool Apk
• Pentest Tools Tcp Port Scanner
• Hackers Toolbox
• Hacking Tools 2020
• Hacker Tool Kit
• Hacking Tools 2019
• Hacking Tools Online
• Pentest Reporting Tools
• Hack Tools 2019
• Hacker Tools Linux
• Termux Hacking Tools 2019
• Hacking Tools Usb
• Hacking Tools For Pc
• Best Pentesting Tools 2018
• What Are Hacking Tools
• Hack Tool Apk No Root
• Hack Rom Tools
• Pentest Automation Tools
• Hack Apps
• Hacker Security Tools
• Best Hacking Tools 2019
• Hacker Tools Windows
• Hacker
• Hack Tools
• Hacker Tools Hardware
• Hacking Tools Github
• Growth Hacker Tools
• World No 1 Hacker Software
• New Hack Tools
• Pentest Tools For Mac
• Hacking Tools Software
• Hack App
• Hack And Tools
• Pentest Tools Nmap
• Hacker Search Tools
• World No 1 Hacker Software
• Hacking Tools Usb