Binary Exploitation [pwnable.kr] - (Level 6) random

#Challange Description

Name	random
Points	1
Solves	9870 times
Category	Exploitation
Description	Daddy, teach me how to use random value in programming!

The challenge binary is on ssh random@pwnable.kr -p2222 (pw:guest)

As you would have guessed this challenge is about exploiting the random value generation. Let look at the file random.c which you will find on the server once you log-in.

#include <stdio.h>

int main(){
    unsigned int random;
    random = rand();    // random value!

    unsigned int key=0;
    scanf("%d", &key);

    if( (key ^ random) == 0xdeadbeef ){
        printf("Good!\n");
        system("/bin/cat flag");
        return 0;
    }

    printf("Wrong, maybe you should try 2^32 cases.\n");
    return 0;
}

#Hint

The program is very simple it accepts integer input and xor it with the random value generated by rand() function and compares it with 0xdeadbeef and if the value matched you have to flag printed.

In the above program key ^ random = 0xdeadbeef condition can be revered and the equation is equivalent to random ^ 0xdeadbeef = key, so to solve this challenge we have to figure a way to predict the random value generated by rand() function, then we can reverse the operation by XORing the rand value with 0xdeadbeef get the input we need to get the flag.

#Random Number Generator

Every time you call the rand() function it returns a random number. This function is usually used to generate a sequence of random number. But this often gets inconvenient if you want to reproduce the same sequence, for that we set the seed-value before calling rand() function. So essentially you can reset the random sequence generator by setting the seed-value and called the rand function again it will reproduce the same sequence. You can set the seed value using srand() function.

Let look at rand() function docs, it states that if we don’t set the seed value with srand() function the default seed value to 1. Aahaa… there you go, so we can reproduce the random value. Write a sample program that prints random value on server and that will be the number you have to xor with 0xdeadbeef to get the input.

#Solution

Here is the sample program you need to execute on the server that simply prints the random value.

#include <stdio.h>

void main() {
    printf("%d\n", rand());
}

But there is a catch you cannot write anything on the home, but you can go to tmp directory and create a folder there and paste the above code in a new file and compile and run the program.

random@pwnable:/tmp$ mkdir r_t
random@pwnable:/tmp$ cd r_t
random@pwnable:/tmp/r_t$ ls
random@pwnable:/tmp/r_t$ nano hi.c
Unable to create directory /home/random/.nano: Permission denied
It is required for saving/loading search history or cursor positions.

Press Enter to continue

random@pwnable:/tmp/r_t$ gcc hi.c
hi.c: In function 'main':
hi.c:4:18: warning: implicit declaration of function 'rand' [-Wimplicit-function-declaration]
         random = rand();                  ^
random@pwnable:/tmp/r_t$ ls
a.out  hi.c
random@pwnable:/tmp/r_t$ ./a.out
1804289383
random@pwnable:/tmp/r_t$ ./a.out
1804289383

As you can see the program above processes the same random value every time, so will you random.c program.

Now you can xor this value with 0xdeadbeef to get the result, the command is a follows python -c 'print(1804289383^0xdeadbeef)' return value 3039230856 in my case. Once you give the integer to the program it will print the flag.

random@pwnable:/tmp/r_t$ cd ~
random@pwnable:~$ ls
flag random  random.c
random@pwnable:~$ ./random
3039230856
Good!
Mommy, I thought libc random is unpredictable...

#Conclusion

In this challenge, we learn how to exploit the weakness in random value generator, although it may look silly but if this kind of weakness can compromise the entire cryptographic process, which is a very serious problem. Nonetheless a crafty little challenge for a beginner.