add small writeup for infiltration

2021-12-03 17:02:10 +01:00
parent 41dd116e10
commit 6d35d9bc1d
1 changed files with 35 additions and 0 deletions
--- a/reversing/infiltration/README.md
+++ b/reversing/infiltration/README.md
@@ -0,0 +1,35 @@
+# Infiltration
+
+## Flag
+
+HTB{n0t_qu1t3_s0_0p4qu3}
+
+## How to solve
+
+- The client software connects to a server and tries to authenticate
+- Dont even bother to disassemble the binary or capture the traffic
+- The flag can be obtained using `strace`
+
+```bash
+strace /.client $server $port
+
+... snip ...
+
+recvfrom(3,
+"\330|a?\7\212j\321\256C\37\33:\31\215x\325\327p\3528\202N\361V:\207\r\275\255+=",
+32, 0, NULL, NULL) = 32
+sendto(3,
+"\205'u\25~\240<\301`\274\6\2075Dj\230\374\300\314\243%\1\202#\374\350K\216P\250\373\302",
+32, 0, NULL, 0) = 32
+recvfrom(3, "\0", 1, 0, NULL, NULL)     = 1
+recvfrom(3, "HTB{n0t_qu1t3_s0_0p4qu3}", 1024, 0, NULL, NULL) = 24
+newfstatat(1, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0), ...},
+AT_EMPTY_PATH) = 0
+brk(NULL)                               = 0x55ce61a03000
+brk(0x55ce61a24000)                     = 0x55ce61a24000
+write(1, "[!] Untrusted Client Location - "..., 53[!] Untrusted Client Location
+- Enabling Opaque Mode
+) = 53
+exit_group(0)                           = ?
+++ exited with 0 +++
+```