Views: 2,459
Video walkthrough for "Badseed" challenge from the K3RN3L Capture The Flag (CTF) competition 2021. In this challenge we reverse an ELF binary with Ghidra and GDB-PwnDbg to identify a predictable Pseudo-Random Number Generator (PRNG) seed. Next, we use PwnTools to patch the original binary and automate the "bad seed" exploitation. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂
↢Social Media↣
Twitter: / _cryptocat
GitHub: github.com/Crypto-Cat
HackTheBox: app.hackthebox.eu/profile/11897
LinkedIn: / cryptocat
Reddit: / _cryptocat23
KZfaq: / cryptocat23
Twitch: / cryptocat23
↢K3RN3L CTF↣
github.com/Kasimir123/K3RN3LC...
ctf.k3rn3l4rmy.com
/ kernelarmy
/ discord
↢Resources↣
Ghidra: ghidra.re/CheatSheet.html
Volatility: github.com/volatilityfoundati...
PwnTools: github.com/Gallopsled/pwntool...
CyberChef: gchq.github.io/CyberChef/
DCode: www.dcode.fr/en
HackTricks: book.hacktricks.xyz/pentestin...
CTF Tools: github.com/apsdehal/awesome-ctf
Forensics: cugu.github.io/awesome-forens...
Decompile Code: www.decompiler.com/
Run Code: tio.run/
Start: 0:00
Basic file checks - 0:22
Analyse binary in Ghidra - 2:10
Debug with GDB-PwnDbg - 4:10
PRNG (srand/rand) using time() - 8:14
Patch alarm() call with PwnTools - 10:20
Manipulate Q2 values with debugger - 12:50
Debug Q3 with Ghidra/GDB - 15:00
How do we approach remote? - 18:20
Automate with PwnTools script - 19:52
End: 25:00