Monday, August 31, 2020


The remote service ask for a name, if you send more than 64 bytes, a memory leak happens.
The buffer next to the name's is the first random value used to init the srand()


If we get this value, and set our local srand([leaked] ^ [luckyNumber]) we will be able to predict the following randoms and win the game, but we have to see few details more ;)

The function used to read the input until the byte \n appears, but also up to 64 bytes, if we trigger this second condition there is not 0x00 and the print shows the random buffer :)

The nickname buffer:



The seed buffer:



So here it is clear, but let's see that the random values are computed with several gpu instructions which are decompiled incorrectly:







We tried to predict the random and aply the gpu divisions without luck :(



There was a missing detail in this predcitor, but there are always other creative ways to do the things.
We use the local software as a predictor, we inject the leaked seed on the local binary of the remote server and got a perfect syncronization, predicting the remote random values:




The process is a bit ugly becouse we combined automated process of leak exctraction and socket interactive mode, with the manual gdb macro.




The macro:



















Related posts

  1. Pentest Tools
  2. Hack Tools Mac
  3. Pentest Tools Subdomain
  4. Hack Tools Download
  5. Pentest Tools Review
  6. Hacking Tools And Software
  7. Hacker Tools Online
  8. Wifi Hacker Tools For Windows
  9. Hacking Tools For Games
  10. Hacking Tools For Windows Free Download
  11. Pentest Tools List
  12. Hacker Tools Windows
  13. Hacking Tools 2020
  14. Tools 4 Hack
  15. Hacking Tools Windows
  16. Computer Hacker
  17. Android Hack Tools Github
  18. Hacker Tools Free Download
  19. Pentest Tools Linux
  20. Pentest Tools
  21. Underground Hacker Sites
  22. Kik Hack Tools
  23. How To Hack
  24. Hacking Tools Name
  25. Hacker Tools 2020
  26. Top Pentest Tools
  27. Pentest Tools Url Fuzzer
  28. Hacks And Tools
  29. Hacking Tools For Windows 7
  30. Hacker Search Tools
  31. Easy Hack Tools
  32. Pentest Box Tools Download
  33. Hacking Tools Kit
  34. Hack Tools Download
  35. Pentest Tools Review
  36. Pentest Automation Tools
  37. Hacker Tools Mac
  38. Hacker Tools For Ios
  39. Pentest Tools Website Vulnerability
  40. Hack Tools For Pc
  41. Hack Tools 2019
  42. Hack Tools For Pc
  43. Pentest Tools Website Vulnerability
  44. Hack App
  45. Pentest Tools Github
  46. Hacking Tools For Windows 7
  47. Hack Website Online Tool
  48. Hacking Apps
  49. Hak5 Tools
  50. Hacking Tools 2019
  51. Github Hacking Tools
  52. Nsa Hack Tools Download
  53. Hacker Techniques Tools And Incident Handling
  54. Hack Tool Apk No Root
  55. Pentest Tools Alternative
  56. Hacking Tools Free Download
  57. Pentest Tools Bluekeep
  58. Pentest Tools Github
  59. Growth Hacker Tools
  60. Beginner Hacker Tools
  61. Hacker Tools Apk Download
  62. Pentest Tools For Ubuntu
  63. World No 1 Hacker Software
  64. Growth Hacker Tools
  65. Hacking Tools For Windows Free Download
  66. World No 1 Hacker Software
  67. Usb Pentest Tools
  68. Hacking Tools Online
  69. Hacker Security Tools
  70. Android Hack Tools Github
  71. Hacker Tools For Ios
  72. Pentest Tools For Ubuntu
  73. Hack Tools For Windows
  74. Easy Hack Tools
  75. Hacking Tools Windows
  76. Hack Website Online Tool
  77. Pentest Tools Subdomain
  78. Hacker Tools Mac
  79. Pentest Tools Framework
  80. Hacker Tools Linux
  81. Pentest Tools Port Scanner
  82. Pentest Tools Website

1 comments:

  1. CONTACT: onlineghosthacker247 @gmail. com
    -Find Out If Your Husband/Wife or Boyfriend/Girlfriend Is Cheating On You
    -Let them Help You Hack Any Website Or Database
    -Hack Into Any University Portal; To Change Your Grades Or Upgrade Any Personal Information/Examination Questions
    -Hack Email; Mobile Phones; Whatsapp; Text Messages; Call Logs; Facebook And Other Social Media Accounts
    -And All Related Services
    - let them help you in recovery any lost fund scam from you
    onlineghosthacker Will Get The Job Done For You
    onlineghosthacker247 @gmail. com
    TESTED AND TRUSTED!

    ReplyDelete