Nullcon Jailbreak CTF 2012,Walkthrough by Team Loosers
2 likes2,711 views
The document describes a jailbreaking challenge undertaken by a team, which included 15 tasks divided into sections: exploitation, development, and antivirus bypass. The team created a PHP de-obfuscator to analyze scrambled code, which they developed over two days despite facing various challenges. By the end of the challenge, they successfully produced a working de-obfuscator and emphasized the learning and physical benefits from the experience.
Nullcon Jailbreak CTF 2012,Walkthrough by Team Loosers
- 1. Nullcon JailBreak 2012 Team Loosers Ajith (r3dsm0k3) Himanshu Das
- 2. Jailbreak Challenges 15 Challenges, 3 sections 1.Exploitation
- 3. Jailbreak Challenges 15 Challenges, 3 sections 2.Development
- 4. Jailbreak Challenges 15 Challenges, 3 sections 3.Antivirus Bypass
- 5. Jailbreak Challenges 15 Challenges, 3 sections ! Exploitation ! Development ! Antivirus Bypass
- 6. PHP De-obfuscator For http://fopo.com.ar WHAT? ! Used on free online PHP source obfuscator. ! Impossible for naked eye to analyze the source. ! Variables, functions are scrambled. ! Uses base64 encoding, rot13 transformation etc. for obfuscation.
- 7. Fopo PHP Obfuscator Input/Output
- 8. Fopo PHP Obfuscator We were like..
- 9. WHY? Why did we choose this task. ! No such de-obfuscators available. ! Useful, can be used to analyze the malicious code, bug fixing etc. ! Felt quite achievable within 36 hours. ! And yes, for clearing CTFs like HackIM,ClubhackCTF etc. J
- 10. HOW? Our Approach 1st Day in Jail. ! Analyzed the obfuscated code. ! Manually decoded the code (echo instead of eval + Burp for encoding/decoding + Find and Replace ) ! Started coding to convert the code line by line.
- 11. HOW? 1st Day in Jail. Hacking our health. ! 100 Push-Ups ! Several Sit-Ups, Duck-walk and many unknown exercises to man.
- 12. HOW? 1st Day in Jail. End of 1st Day. Line by line conversion found not feasible.
- 13. HOW? 1st Day in Jail. End of 1st Day. We Got Stuck..!!
- 14. HOW? Our Approach 2nd Day in Jail. ! Started analyzing the obfuscated code. ! Found string patterns and the functions used to obfuscate. ! Found the pattern to decode in an eval function gzinflate(base64_decode(str_rot13(“Obfuscated Code Goes Here”))); ! Coding…
- 15. HOW? Our Approach 2nd Day in Jail. ! Coding done, Testing done.. ! Shown the code to Superintendent. ! And…….
- 16. OUT OF JAIL..! :D ! After hours of stress/lack of food, water/physical torture (yes, it was torture J ) we managed to get out of Jail as the first one to do so. ! Beeeeeeerrrrrrrr…..!! J
- 17. DEMO
- 18. This is how my script looks like now It Works.. J
- 19. Something awesome is cooking. This is the future,well..I dream.. J
- 20. Future Development ! Support for different levels of obfuscation. ! Make the script command line. ! Optimization of existing code to decrease the time, complexity, and make the algorithm more simple.
- 21. How JailBreak Benefited Us. ! Time management (poo,pee,eat everything in 15 minutes). ! Built muscles, Could go for Army Recruitment. ! Better understanding of code obfuscation techniques.
- 22. Thank you all for bearing me. J Any Koschans..?