Successfully reported this slideshow.

Battle Underground NullCon 2011 Walkthrough

4,392 views

Published on

walkthrough of Nullcon CTF BattleUnderground 2011.

 • Be the first to comment

Battle Underground NullCon 2011 Walkthrough

 1. 1. @@D-D- J@D fn,Jf @–
 2. 2. f°f°f¾ff€-
 3. 3. S``WZVW^Y^[aZV S^[aY[Z`WZ`_9 °n° @¾f°@n°¾D¾ fn,Jf @–
 4. 4. f°f°f¾ff€-
 5. 5. ^WaVW€
 6. 6. ¯½°–fn, f¾¾½n½fn½f°-
 7. 7. °f°fD°–°f°f¾¯f–°¯€°€°¾¯f°–½f¾ –f°f°-–½f°-
 8. 8. °–f°°–n¯¯f°¾½nff°–°@f¯€–f°°–f°½°–¾nf°n½f€¯½½¾¾¾ ¾ff¾¾½nff°–¾f°f ffJff f¾¯f°Jff fff¯f Jff¯–n¯½f–f°¾fn°f Z`^[VaU`[Zf¯½¾°°–ff–€f¾€fn, f¾–°f–°½°¾€fn ¾n½°f°°¾€ %½°f% n°¾¾f¾ %€½¾¾% ½¾fnnfn 9€f¾$¾°½°¾ ½fn¾nnf°¾fn€¯fnf¾° - f°°°f°½½f¾¾€fn fn,Jf @–
 9. 9. f°f°f¾ff€-
 10. 10. WbW ¾n½° f° ½
 11. 11. Z[[ZYS``WSYWX^_``ZYZWWVWV`[TWV[ZWS_ScS _[[S``W_[a^UW [cWbW^`W`_SV_S[Z`WZ`U[ ScWUSZ_WWZ`W^W_SV _a[XZaW^
 12. 12. _[cS`_`_ZaW^ `WZ_[Z`W_a_`_SX^WX[ W `WZ_[Z[cWUSZSVV`ZX^WX[ [[cWbW^TWX[^WSVVZY`W`_SZS W`_XW _S^WW__WZ`S XW__[cWUSZ[WZ`Wc`SZ ZY_[X`cS^W fn,Jf @–
 13. 13. f°f°f¾ff€-
 14. 14. Z_VWU^[WX[VW^cWSbWSZaW^S^cU SbWSYSZW `^SU`WVSZV`WZ_`WVSXW_ X [a[[S`S`WXW_[ZW`ZY`S`_[aV^ZY_[WTW_ZaW^[YYW^_
 15. 15. _[W`_SZS W`WU[VW[Z[^SW W_ZaW^[YYW^_[[_ZZ[UWZ`WZ[aY_[W`_UWU`W[`W^XW
 16. 16. bW^S _`_U[Z`SZ__[WZ`W^W_`ZYU[VW_WU`[ZcUcWZWWV`[aZVW^_`SZV __WU`[Z[XU[VWSbW`c[`ZY_ [aUSZ_WWUa_`[WSVW^YW``ZYVWXZWV [WbS^STW_c`ÙWYX[^S`SY[ZY`[[YZa^_[XbS^[a__`W_
 17. 17. Z[c`WZ_`^aU`[Z_S^WZ`c[cS _ X [aV[Z`cSZ``[Z_`S XW`WZ [aUSZ_WWS`WU[VW_V[ZY_SVVZYSWSVW^ ZSWVS``WTS [c`bSaW[a^ X [aV[Z_`S SZVSU`bS`W`ZWWV`[WWZZV`[Z[`[YZ`[SZ [X`W_`W__`WV U[ `__cS`US`a^W_`W[YZU^WVWZ`S_Z`SZVaZW__ [aS_[cSZ``[TWS^`[X TS^SS [cWbW^WbWZSX`W^Z_`SZY`W S [ac_WW_
 18. 18. SZV cWZWWV`[a`_[a^aTUZSUW[X
 19. 19. fn,Jf @–
 20. 20. f°f°f¾ff€-
 21. 21. [c [aZWWV`[XZV[ZW[^W`ZY_cS`_`WVSZ [W^W_`WTW_`Z`cWZcW_`S^`S__c[^VYaW__ZYcS`_`WX^_`S__c[^V`S`W[Wc[aV`^ W_W_`S__c[^V
 22. 22. [_S^ cS`c[aVTW`W_W_` [aY[``XSYZVW^W [aY[
 23. 23. [`S`UWS^_WbW WbW
 24. 24. `_WbW_bW^ ]aU`[c[^[Za_`SbWS[[S``W_[a^UWU[VW fn,Jf @–
 25. 25. f°f°f¾ff€-
 26. 26. WUSZ_W_WW`WS__c[^VZ`[cWbW^c`[ZW_W`^U`Wa^_S_[YW``ZY^WSUWV[ScWZWWV_`WZSW[X`WWbW
 27. 27. a_`a_WZ[_U^`[^SZ _U^`V_STW^SZV_WZVZS__c[^VS__`WVZ_[a^UWU[VW
 28. 28. XXcW[bW`[WbW WbW _WbWSYSZYSbWS_WZ`SZV`cS_`a^ZZY[a``[TW`[[WS_ cWZWWVWVcS_`[[[S``WU[[WZVcS`cWXZV`W^W_ZaU[Z [S a_W^ SV Sa` Z[ XSY ZSW_USZ`SVS TZ_ SXVZ% b] W VY[ % V[ZYS_Wa^VWU[WVWcWYW`ZaU[Z [S a_W^SVSa`Z[XSY ZSW_USZ`SVS TZ_ SXVZ% b] W VY[ %
 29. 29. _ ZX^WX[ `SW^VS`S[^X^WU[[W
 30. 30. ^a_WS^[ _W^bW^WTa^[^S^[_[^[`ZY[^W`[_S
 31. 31. XXcW[bW`[WbW fn,Jf @–
 32. 32. f°f°f¾ff€-
 33. 33. WbW [c`__cW^W`WSU`aSTS``W_`S^`_cWSbWW^W_`c[bW^_[Z_[XS`W`^_YSWScZV[c_SZVSZa bW^_[Z[a^UWU[VWZ` %U[^W [c`c[cS _[X[bZY[a`[X`_WbW S^VcS [^^S`W^_WcS X[^WS SZV^WSUWbW%_U[^W W[`W^cS ^[aZVZUS_W [aS`WS ZY`W`^_`S^` [a^VWTaYYZYÈYSWUWS`ZY WZYZWSZV[VX WbWSZV_U[^W__ SZ[Y[[VSVWTaYYW^ _WX_[ ^W_[^`WV`[S ZYYSW %SZV_U[^WV [`WVaW`[_aTaY[ZWbW^_[Z[XYSWYSbW[a`XSY_[WcW^WU[_W`[ [Z _WZV_`WcWT[^`[Z[X`WS``WZVW^Y^[aZVZ[c_`S^`WVSU`aS ScZZYSZV[cZZYYSWWZWWVWV`[_WZVSU^[__`WW `[[a^TW[bWVU[^^a`X[^Xa^`W^Z_`^aU`[Z WbW %W^W_[Z_WX^[U[^^a`_`S^`WV`WTS^[ZYV
 34. 34. ` T [ V
 35. 35. a ZcUWTWX[^W`SZYSSXWS[XXS`
 36. 36. _[cWSbWS`^[aTWW^W[W`_`^ _[WTS_UWZU^ `[Z fn,Jf @–
 37. 37. f°f°f¾ff€-
 38. 38. `S^`c`
 39. 39. SZVTS_W `c[XSb[a^`W_S_W VWU[VWU[W_[a``[TWaUaa VV V c V UZ UX[[WVUS^WXa SYSZ[[_WSTS_W W^W [aS_[ZWWV`[^WSV`WZ`ZSZ`cUW[SZ[`W^TS_W % bS_bSbYZ^` ^^
 40. 40. _[cWSbWSZ SVV^W__W^WZ[ccS`[[_W_[Wa_W^ZSWSZVS__c[^VU[TZS`[Z^Y`W`_UWU`WZ`SYSZ [XXS`[[[_Wa_W^ZSWSZVS__c[^VS^WSbWVW
 41. 41. W^Wa_W^ZSWU[W_[a``[TWU`XZXZ` SZVS__c[^VYSWY ^WW [cWbW^`_S_[V[W_Z`YbW_cS `[`W_W[c`S`W`a__`aUX[^SS^YWS[aZ`[X`WSZV`WZcW^WS WV`WUS`S S`[Z[_W^ZSWcS_ ZXZ` SZV_S^ S__c[^V[c`WXaZTWYZ___ ZXZ` % [`W`WTW_`
 42. 42. U[ZbW^_[Z`S`W_``ÈÈccca^WWU[ÈUYTZÈ^VVW_È^[`WS^WY^WW`WVc`SXSS^[[ZYTa`_US^W_U^WWZ S^W_WZ`ZY_[W_U^WWZ_[cWbW^`W_U^WWZS^WZ[`X^[SU`aS_[a^UWTa`S^W[X_aS`WV_ _`W[Z [US fn,Jf @–
 43. 43. f°f°f¾ff€-
 44. 44. [c`[SZ Za a_W^`_[[_bS^ XSW^SZV W_ [aYaW__`c^`WcWS^WZ_VWbZVcWZWWV`[XZV[a^cS `[cS`WbW^_`W^[W`_YW``_`S^`WV[_[WTS_UUWU__cS`cWUSZ`^ [Z`_WbW aU c^[`WZUWT[Y[_`XWS`a^ZYSVbSZUW`__[W WS^_TSU``ÈÈT[YSZSZ`_^ZX[Èc[^ZYWXXUWZ` c`bbÈ_cS cS_STW`[^WSVbS^[a_XW_cW^W VVSVc^`WSUUW__SZVcWS_[USW`[^WS W`W^W_SXWZ[WX[VW^ZSWVS_X[^S`W [cWbW^cWcW^W_`Z[`STW`[YW``W_WSUUW__cUcS_[^W[^`SZ` [cWbW^`W^W_S`^U`[^aZU[SZV_X^[Z_VWbWa_ZY_[__[aV_`SXW_[cWbW^`WW^^[^`S`cWWWYW``ZYcS_ % [`SZWV`[^U[SZVTS_[c`S`WVW`[UWU`W_WcU_Ua^^WZ` _W`_W`_W fn,Jf @–
 45. 45. f°f°f¾ff€-
 46. 46. Èa_^ÈTZÈb[cWX[aZV`WUa^`[cUSZYW`W_W fn,Jf @–
 47. 47. f°f°f¾ff€-
 48. 48. _W`_WÈTZÈTS_ ZVTS_ [aY[``W_W fn,Jf @–
 49. 49. f°f°f¾ff€-
 50. 50. [c[Z_WcWUSZ_WW[ZWXWX[^S`WSZVSZ[ZZY`[SXWZ`cW^WcWcW^WSTW`[^WSVXWU[Z`WZ`[cWbW^`WSU`aSXWcS_[cZWVT ^[[`ZVW^WX[^S`WcS_SYSZ[cZWVT ^[[`[V[ZY_[WSZS __[ZZWcWX[aZV`_aZW^ST` ``_ÈÈ_`_aTaZ`aU[ÈS^UbW_ÈaTaZ`a_WUa^` SZZ[aZUWÈ a È ```_ÈÈ`c``W^U[È È[Z[TW^WVWÈ_`S`a_È % % % %TS_WV[Z`_cWY[`SUUW__`[X[^S`W[ccWUSZWS_ V[cZ[SV`WXW`[[USSUZWX[^Xa^`W^SZS __Ua_W^ [_`ÈS`È[ccWSbWX[^S`W[Z`W[USSUZW W`_UWU`W_U^` [^S`WcS_TS_US S_ZYX[^_`^ZYX[^S`S``SUX`W^[`_[XUWUSZV`^SX[[cZYS``SUVVc[^WVÈX[^S`W% _WY[`[a`a`S_ SUW^_S^SV WÒ__`WXSYX[^`_WbWZ[`W^cS [XXZVZY`cS_V^WU`W Z_WU`[Z [cWbW^`W_WSVZY[Z`cS_`S``_cS_Z[`S^WVS_XSYcUU^WS`WVSU[ZXa_[ZX[^S`WS_` [a^_aT``ZY``[U[^^a`[bWVa_`[ZW `WbW WbW% ZV [a^cS `[`WZW `WbW UU U U% V US UX V UX UV UW V U U U %W %% %T %% %W %% %X UX U %W UV % UW % UV %X UW %% U% %W % %W %% %% %T %T `WcS U^[_[X`^WW__ W T[S^V_S^WZ[`bW^ U[[
 51. 51. _[[[ZYS``_S^`UaS^`W `SZVZ`SZVST`È[`[XY[[YZYcWX[aZV`_ fn,Jf @–
 52. 52. f°f°f¾ff€-
 53. 53. ``ÈÈSUSVS U[È È È Èc^WW__W T[S^V_WS_ U^SUWVÈ_YSbWa_SZVWS_[TS_US cS`cWS^WVWSZYc`W^W_ WS^WVWSZYc`U^[_[X`c^WW__W T[S^VU[VW_ ZXXWVVS`S_
 54. 54. WVc`SW VW^bWVXX^[a_W^SVV^W__ W _[ZWT `W[Z W[Z [ZWZaTW^ [cS`cWZWWV__[WZV[XSVWU^ `W^`[YW`[a^c[^V[ZW
 55. 55. _[ c[^WV[ZS_U^`VWU^ `[^ SbWS`W^[ZWZSZUWV`X[^]aUc[^XaZU`[ZU[ZbÕ bS^` UU U U% V US UX V UX UV UW V U U U %W %% %T %% %W %% %X UX U %W UV % UW % UV %X UW %% U% %W % %W %% %% %T %T bS^ZS^` _` SW^` WZY` ZS^WZY` X[^ ZS^WZY` Õ V[UaWZ`c^`WZS^ Ò_aT_`^ZY ZT_ ÈÈ^W[bZY X^[Sc[^V_ ZS^ ÒZS^ Ò_aT_`^ZY Ö V[UaWZ`c^`W T^ÈT^È X[^S S S Õ Z[
 56. 56. a`a`S ZT_ X[^ ZS^WZY` Õ XZ[ Õ U[Z`ZaW Ö U[ZbS^_W Z`ZS^ Ò S XU[Zb ÉÉU[Zb Õ Z[ Ö W_W Õ Z[ U`^ZYX^[S^[VWU[ZbÈÈ V[UaWZ`c^`WZS^ Ò U[Zb S^_W Z`ZS^ Ò U ZT_
 57. 57. a`a`U Ö fn,Jf @–
 58. 58. f°f°f¾ff€-
 59. 59. Ö ÈÈ_`ZY[a`[Z bSVU[VW_WU`[Z XZ[ Õ V[UaWZ`c^`W
 60. 60. a`a`
 61. 61. a`a` V[UaWZ`c^`W T^È Ö ÖÖ_c[Z YbW[a`a`cUS^Wc`ZS_U^SZYWW UaVZY_WUSW _ZVcWX[aZV`WVS`ScS_X[aZVS`_WU[ZV`[S_`WZ`bSaW S^Zb ^Wc[^WV[ZS_W^W^_U^` Èa_^ÈTZÈW^ _`^ UU U U% V US UX V UX UV UW V U U U %W %% %T %% %W %% %X UX U %W UV % UW % UV %X UW %% U% %W % %W %% %% %T %T X[^ ÕX[^ Õ S^^S VWU[^V _`^ Ò bS^ S^^S VWU ^Z` bS^ bS^U^ bS^^Z` bS^ Ö ^Z` Z Ö^Z` Z cUSYSZVV`W_SW`S_[cWbW^`__U^`cYbWS[a`a`[`a_``WS_U^Z`STW__ZY`W_W_U^`_cWY[``W[YZVW`S_[X`WZWc_W^bW^[YYZY[Z`[`W_W^bW^cS_bW^ WS_ Z[`^UZ[`ZYV[ZY [aS^WZ_VW_W^bW^[c`WSU`aS`^UTWYZcWUSZ_WW`S``W^WcS_[ZWXWZSWVS W a_`_U`WXWTSU`[ c[^_`S`[ZX[^SZS__[c[cV[ [aUWUSXWST[a`cS``_`S^`c` _W_`^ZY_U[SZV`[W `^SU`SYWZW^S_`^ZY_X^[_[a^UW
 62. 62. WZXWZW WV`[^X[^SZaSZ_WU`[Z fn,Jf @–
 63. 63. f°f°f¾ff€-
 64. 64. [SW Va[TVa ZS S_`W`[V`S`U[W_ZZV_^aZZZYSUS`[ZZ_`^SUW[VW`[_WW`W VWWZVWZUW_[cWX[aZV`WSZ_cW^Z W`[V`WSZ_cW^cS_SYSZSUaW`[ZW `WbW ` W`È^[[`ÈXSY[c`_XSYcS_SU`aS VVWZa_ZYSZWS``^U Z [a^[WV^WU`[^ [aUSZ_WWSZ`[XWZÈ`SZV`S`XWU[Z`SZWVW[c[^V fn,Jf @–
 65. 65. f°f°f¾ff€-
 66. 66. _XWU[Z`SZWV[Z W[c[^VW`ZY`[Z[`UWcS_`W_ W[X`WXWcS_U[Z_`SZ` ZU^WS_ZYS`SW^[VU^S`WSZV_[_`WU[aZ`[XW[c[^V_[ S__aWV`S`_[WW WUa`STWÈ_U^`_c^`ZY`[XW WcS_c^`STWT ^[[`_[ ZWWV`[XZV_[W_U^`cUUSZ^aZS_^[[` [[ZYS`SYWZW^S[US`[Z X[aZV[ZWZ[`_[VXXW^WZ`[[ZYXWS`Èa_^È[USÈTZÈ^ `__cS_S_WXWcUcS_SUWVZU^[Z`STaZVW^^[[`a_W^SZVcS_c[^Vc^`STW[S_WS`È^[[`ÈXSYÈ`È ZSWZVcWSbW`WXSYaT``WXSY`[U[^^a`[[_SZVWUZ]aW__WV TaZ`a Za [cW^WVW`aV[ S`[ `^SUWW Va[TVa_`^ZY_X[^TZS^ ^WX[ c``SW^VS`Sa_W^SYWZ`_c`UW^Z[_U^`X^WTaYcWTVWbW[W^ __U`[`W^W_UaW S__U^`ZYSZV `[ZÈW^U[VZY fn,Jf @–
 67. 67. f°f°f¾ff€-

×