36 lines
1.0 KiB
Markdown
36 lines
1.0 KiB
Markdown
# Infiltration
|
|
|
|
## Flag
|
|
|
|
HTB{n0t_qu1t3_s0_0p4qu3}
|
|
|
|
## How to solve
|
|
|
|
- The client software connects to a server and tries to authenticate
|
|
- Dont even bother to disassemble the binary or capture the traffic
|
|
- The flag can be obtained using `strace`
|
|
|
|
```bash
|
|
strace /.client $server $port
|
|
|
|
... snip ...
|
|
|
|
recvfrom(3,
|
|
"\330|a?\7\212j\321\256C\37\33:\31\215x\325\327p\3528\202N\361V:\207\r\275\255+=",
|
|
32, 0, NULL, NULL) = 32
|
|
sendto(3,
|
|
"\205'u\25~\240<\301`\274\6\2075Dj\230\374\300\314\243%\1\202#\374\350K\216P\250\373\302",
|
|
32, 0, NULL, 0) = 32
|
|
recvfrom(3, "\0", 1, 0, NULL, NULL) = 1
|
|
recvfrom(3, "HTB{n0t_qu1t3_s0_0p4qu3}", 1024, 0, NULL, NULL) = 24
|
|
newfstatat(1, "", {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0), ...},
|
|
AT_EMPTY_PATH) = 0
|
|
brk(NULL) = 0x55ce61a03000
|
|
brk(0x55ce61a24000) = 0x55ce61a24000
|
|
write(1, "[!] Untrusted Client Location - "..., 53[!] Untrusted Client Location
|
|
- Enabling Opaque Mode
|
|
) = 53
|
|
exit_group(0) = ?
|
|
+++ exited with 0 +++
|
|
```
|