App 17!

Learn to reverse engineer through some common application security methods.
Forum rules
DO NOT POST ANSWERS OR SPOILERS! [IE: Mission Links, Mission File Names/Pages, Scripts/Code, etc.]

Posting these will result in warnings/bans!

Re: App 17!

Post by -Ninjex- on Wed Sep 10, 2014 8:43 am
([msg=83515]see Re: App 17![/msg])

Svekke2k13 wrote:I found the password and I was able to get the confirmation of app17win but it does not seem to pass on HTS.
Can I just PM someone to make sure this is correct?

I'm thinking of NightQuest??
Thanks in advance


Read my old post right above the one you made, it should still be the best method to get your points.
image
For those that know
K: 0x2CD8D4F9
User avatar
-Ninjex-
Moderator
Moderator
 
Posts: 1691
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: App 17!

Post by jurriaanpijpers on Wed Sep 24, 2014 11:19 am
([msg=83819]see Re: App 17![/msg])

Hi there,

For some reason the online check for app 17 is still not working properly.
Could someone check my code, and reward my points if my awnser is correct ?
As there is a example result in the application, i dont think that this is a spoiler.
If the mods think otherwise, feel free to delete it:

Code: Select all
Username: jurriaanpijpers
My awnser: HTS-1530-2108-3018-2405-351A-2824-2009-35
jurriaanpijpers
New User
New User
 
Posts: 1
Joined: Wed Sep 24, 2014 10:59 am
Blog: View Blog (0)


Re: App 17!

Post by ilanman123 on Sat Nov 08, 2014 10:49 pm
([msg=84953]see Re: App 17![/msg])

Hi.
Like a number of people before me, the app says the password is correct but I can't submit it to HTS.
The password I got is HTS-142C-1A2A-2120-0118-0D13
ilanman123
New User
New User
 
Posts: 4
Joined: Sat Nov 08, 2014 10:45 pm
Blog: View Blog (0)


Re: App 17!

Post by QtDevl on Sun Nov 09, 2014 6:50 am
([msg=84958]see Re: App 17![/msg])

ilanman123 wrote:Hi.
Like a number of people before me, the app says the password is correct but I can't submit it to HTS.
The password I got is HTS-142C-1A2A-2120-0118-0D13


As with programming 9, you must remember the server handles all the binary calculations as 64 bit integers, not 32 bit.
For example, your code is correct for the app, but for the server your code would really be
HTS-142C-1A2A-2120-2705-160E

MODS: if this is a spoiler delete, but since he got a correct code, i presume this is ok.

LATE EDIT:
Since I was asked as to why this happens, I'll explain it here.
The application was compiled for 32 bit, and it uses 32bit integers, which means all bitwise operations are done ON 32 bits( NOTE that compiling for 64 bits does not guarantee 64bit integers or unless you specifically use them ).
As me and mzungudo have found out for programming 9, the server on the other hand is 64 bits, so all integers are 64 bits, which means bitwise operations can AND WILL overflow to 64 bits if necessary.
Now, this wouldn't be a problem normally, but NightQuest ( app17 creator ) made a small mistake.
The app does a LEFT SHIFT x positions ( x position varies, if you've done this you'll know which one it is ), sometimes x can be more than 32, which is a problem as in c a left shift of more than int size ( 32 in this case ) bits IS UNDEFINED BEHAVIOUR.
The server on the other hand has 64 bit integers and can do shifts up to and including 64 bits.
So if you've made a keygen for this and want to submit your code, you should use 64 bit integers and you should be fine, the easiest way would be if you know php to convert your code to php and use a 64 bit server.Obviously the app won't accept the code, but the site will.
Fixing this can be easy or hard depending on which road you take, the app could have some sanity checks so bitwise operations don't overflow, the server could force 32bit integers or cut out extra bits when they overflow.
About 2 years ago me and mzungudo have proposed a fix but apparently it wasn't put online.
If freedom is outlawed, only outlaws will have freedom...
QtDevl
New User
New User
 
Posts: 40
Joined: Sat May 17, 2008 3:50 pm
Location: my own world
Blog: View Blog (0)


Re: App 17!

Post by ilanman123 on Mon Nov 10, 2014 2:28 pm
([msg=84978]see Re: App 17![/msg])

QtDevl wrote:
ilanman123 wrote:Hi.
Like a number of people before me, the app says the password is correct but I can't submit it to HTS.
The password I got is HTS-142C-1A2A-2120-0118-0D13


As with programming 9, you must remember the server handles all the binary calculations as 64 bit integers, not 32 bit.
For example, your code is correct for the app, but for the server your code would really be
HTS-142C-1A2A-2120-2705-160E

MODS: if this is a spoiler delete, but since he got a correct code, i presume this is ok.

LATE EDIT:
Since I was asked as to why this happens, I'll explain it here.
The application was compiled for 32 bit, and it uses 32bit integers, which means all bitwise operations are done ON 32 bits( NOTE that compiling for 64 bits does not guarantee 64bit integers or unless you specifically use them ).
As me and mzungudo have found out for programming 9, the server on the other hand is 64 bits, so all integers are 64 bits, which means bitwise operations can AND WILL overflow to 64 bits if necessary.
Now, this wouldn't be a problem normally, but NightQuest ( app17 creator ) made a small mistake.
The app does a LEFT SHIFT x positions ( x position varies, if you've done this you'll know which one it is ), sometimes x can be more than 32, which is a problem as in c a left shift of more than int size ( 32 in this case ) bits IS UNDEFINED BEHAVIOUR.
The server on the other hand has 64 bit integers and can do shifts up to and including 64 bits.
So if you've made a keygen for this and want to submit your code, you should use 64 bit integers and you should be fine, the easiest way would be if you know php to convert your code to php and use a 64 bit server.Obviously the app won't accept the code, but the site will.
Fixing this can be easy or hard depending on which road you take, the app could have some sanity checks so bitwise operations don't overflow, the server could force 32bit integers or cut out extra bits when they overflow.
About 2 years ago me and mzungudo have proposed a fix but apparently it wasn't put online.

Thank you for explaining why this happens. This problem exists for more than 2 years, I wonder why they still haven't fixed it.
ilanman123
New User
New User
 
Posts: 4
Joined: Sat Nov 08, 2014 10:45 pm
Blog: View Blog (0)


Re: App 17!

Post by QtDevl on Mon Nov 10, 2014 4:07 pm
([msg=84980]see Re: App 17![/msg])

ilanman123 wrote:Thank you for explaining why this happens. This problem exists for more than 2 years, I wonder why they still haven't fixed it.


No problem...
If I'm not mistaken Nightquest (the app creator) is retired, and no one knows/is able to fix the applications.
The server side on the other hand I think it hasn't been fixed because no one knows/knew what the problem was ( even tough me and mzungudo told the devs that the main problem is the 64bit integers, and even proposed a fix ).
So there's that!
If freedom is outlawed, only outlaws will have freedom...
QtDevl
New User
New User
 
Posts: 40
Joined: Sat May 17, 2008 3:50 pm
Location: my own world
Blog: View Blog (0)


Re: App 17!

Post by ilanman123 on Mon Nov 10, 2014 9:08 pm
([msg=84982]see Re: App 17![/msg])

QtDevl wrote:
ilanman123 wrote:Thank you for explaining why this happens. This problem exists for more than 2 years, I wonder why they still haven't fixed it.


No problem...
If I'm not mistaken Nightquest (the app creator) is retired, and no one knows/is able to fix the applications.
The server side on the other hand I think it hasn't been fixed because no one knows/knew what the problem was ( even tough me and mzungudo told the devs that the main problem is the 64bit integers, and even proposed a fix ).
So there's that!

That's too bad. I guess it'll stay bugged for now :(
By the way, does app 18 have the same problem? I'm having trouble submitting that as well...
ilanman123
New User
New User
 
Posts: 4
Joined: Sat Nov 08, 2014 10:45 pm
Blog: View Blog (0)


Re: App 17!

Post by QtDevl on Tue Nov 11, 2014 3:46 am
([msg=84985]see Re: App 17![/msg])

ilanman123 wrote:That's too bad. I guess it'll stay bugged for now :(
By the way, does app 18 have the same problem? I'm having trouble submitting that as well...


Not quite, THERE IS a problem with app18, but I think it may be about the server side implementation, since as far as I know, app18 used to have a cgi interface to c++ code, so it shouldn't be about integer size.
For app18 you'll have to either PM a mod, or do as -Ninjex- said and hop on IRC.
If freedom is outlawed, only outlaws will have freedom...
QtDevl
New User
New User
 
Posts: 40
Joined: Sat May 17, 2008 3:50 pm
Location: my own world
Blog: View Blog (0)


Re: App 17!

Post by cyberdrain on Mon Nov 17, 2014 7:45 am
([msg=85069]see Re: App 17![/msg])

QtDevl, if you have the time, could you dev up some binary exploitation missions? Sounds like you know what you're talking about and HTS could use some binary exploitation missions imho. :)
Free your mind / Think clearly
User avatar
cyberdrain
Expert
Expert
 
Posts: 2160
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: App 17!

Post by QtDevl on Tue Nov 18, 2014 6:06 am
([msg=85130]see Re: App 17![/msg])

cyberdrain wrote:QtDevl, if you have the time, could you dev up some binary exploitation missions? Sounds like you know what you're talking about and HTS could use some binary exploitation missions imho. :)

I'm sorry but unfortunately I don't have the imagination to write a challenge :P
I'm more intrigued to solve them
If freedom is outlawed, only outlaws will have freedom...
QtDevl
New User
New User
 
Posts: 40
Joined: Sat May 17, 2008 3:50 pm
Location: my own world
Blog: View Blog (0)


PreviousNext

Return to Application

Who is online

Users browsing this forum: No registered users and 0 guests

cron