Skip to content

Blakley/Binary-Exploitation

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Binary Exploitation

A tutorial on using Python to test various input in an executable Run the executable and try to solve it yourself.
Complete the solver to finish levels 2 through 5!

solver.gif

Included

  • Blakley's Game: The binary game that you can download and try to beat
  • A custom python solver for level 1 of the game

Dependencies

Have both GDB and Python installed then install the following

$ pip install gdb

Working with the custom Python Solver

  • Navigate to the /src directory
  • run the following:
  • gdb ./game
  • source solver.py
  • start

Understanding the Python Solver

The purpose of the solver is to show you how you can use the gdb module in Python, to brute force input within an executable. However, there are more effective ways to complete each level in the game. Namely, you can simply use gdb, set breakpoints, and step through the assembly to understand the code and retrieve the input that's expected.

Nonetheless, there exists some situations where testing multiple values is the best method. This is shown in level 3 of the game. Level 3: Password Guessing, asks you to input my "not so secure" secure password to continue. The best approach here would be to use a password list and feed the program each password until you've solved the level.

Let's take a look at how this is achieved:

  • To start, we need to register our custom gdb command. In our Python script, we've created a command start that will run our Level_1 function solver.

  • Next, Let's take a look at the Level_1 Solver. We first set a few breakpoints to know if we've successfully found the answer.

    • (line 14 of solver.py) gdb.execute('b failed') Here we set a breakpoint at a point where we know our input has failed
    • (line 15 of solver.py) gdb.execute(b level_2) Here we set a breakpoint at where we know our input was correct and we are moving to the next level.

With our breakpoints set, we can now feed the binary answers until a breakpoint is hit.

  • Next we can move to pass input to the binary.
    • We will use a file that we'll call answers.txt. This will contain our answers, separated by a newline, for each level.
    • We open the file in python and loop through the list of inputs we are testing. Then, we append and run the program with each input.
    • After testing single input, we call a function test() that will execute the command `gdb.execute("info b 2", False, True) This command determines if the breakpoint we set for a successful input was hit. If it is, then we know we've found the answer.

Deployment

To run the game, open up a unix shell and run the following

$ chmod +x game
$ ./game

About

Binary Game & Tutorial on how to use Python to brute force and exploit input in a binary.

Topics

c gdb python3 binary-exploitation ctf-challenges python-gdb

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

Binary Game Latest
Aug 14, 2021

Languages