ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction

The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()

If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.

The macro:

More info

• Pentest Tools Nmap
• Nsa Hack Tools Download
• Tools 4 Hack
• Kik Hack Tools
• Pentest Tools Tcp Port Scanner
• Hacking Tools And Software
• Pentest Tools Url Fuzzer
• Hacker Tools Github
• Hacker Tools Github
• Kik Hack Tools
• Hacking Tools 2020
• Hacker Tools Apk Download
• Termux Hacking Tools 2019
• Hacking Tools Hardware
• Pentest Recon Tools
• Pentest Tools For Ubuntu
• Pentest Tools For Android
• Hack Rom Tools
• Pentest Tools For Ubuntu
• Pentest Tools For Mac
• Pentest Tools For Android
• Pentest Tools Port Scanner
• Hacker Search Tools
• Black Hat Hacker Tools
• Hacker Tools Apk
• Hacking Tools Windows 10
• Pentest Tools Framework
• Pentest Tools Tcp Port Scanner
• Hacking Tools 2020
• Hacker Tools Free Download
• Termux Hacking Tools 2019
• Hacking App
• Ethical Hacker Tools
• Hack Tools For Pc
• Hacker Tools For Pc
• Hacker
• Bluetooth Hacking Tools Kali
• Pentest Tools List
• Hacking Tools Download
• Pentest Tools Online
• Pentest Tools Android
• What Is Hacking Tools
• Hacking Tools 2019
• Hack Tools For Pc
• Hacking Tools For Pc
• Hacker Tools List
• Growth Hacker Tools
• Hack And Tools
• Hacking Tools For Kali Linux
• Pentest Tools For Mac
• Pentest Tools Tcp Port Scanner
• Hack Tools For Mac
• Hacking Tools Usb
• Android Hack Tools Github
• Hacking Tools Pc
• Hacker Tools 2020
• Hackers Toolbox
• Pentest Tools Open Source
• Game Hacking
• Pentest Tools Alternative
• Hacker Tools Free Download
• Pentest Tools Bluekeep
• Best Hacking Tools 2020
• Pentest Tools Alternative
• Hacks And Tools
• Game Hacking
• Underground Hacker Sites
• Hack And Tools
• Hacking Tools Github
• Hacker Tools Apk Download
• Hacking Tools Windows
• New Hacker Tools
• Hacker Tools List
• Hacking Tools For Windows Free Download
• Hack Tools For Games
• Underground Hacker Sites
• Pentest Tools Website Vulnerability
• Termux Hacking Tools 2019
• Pentest Tools List
• Hacker Tools Online
• Hacker Tools Free Download
• Hacker Tools Github
• Hacking Tools Github
• Hak5 Tools
• Hacking Tools For Kali Linux
• Free Pentest Tools For Windows
• Blackhat Hacker Tools
• Hacking Tools Windows 10
• Pentest Tools Kali Linux
• Usb Pentest Tools
• Hacker Hardware Tools
• Hacker Tools Online
• Pentest Tools Alternative
• Hack Tool Apk No Root
• Computer Hacker
• Hacking Tools Kit
• Growth Hacker Tools
• Hacker Tools Online
• Pentest Tools Linux
• Pentest Tools Website Vulnerability
• Tools For Hacker
• Hacker Hardware Tools
• Growth Hacker Tools
• Pentest Tools Bluekeep
• Github Hacking Tools
• Hack Tools For Mac
• Hacking Tools For Windows Free Download
• Hacker Tools Mac
• Hacker Tools Free
• Hacking Tools Download
• Pentest Tools Find Subdomains
• Pentest Tools Free
• Hack Tool Apk
• Hacking Tools Hardware
• Hacker Tools Apk
• What Is Hacking Tools
• How To Make Hacking Tools
• Tools Used For Hacking
• How To Make Hacking Tools
• Tools 4 Hack