Windows Internals CTF

With @sambowne, @djhardb, @KaitlynGuru, and @infosecirvin.

Scoreboard · Submit Flags

Livestream: https://twitch.tv/sambowne

Final Scores from CircleCityCon on June 13, 2021

       

Archived Scores

GRIMMCON 0x04
Scores from June 10, 2021

Archived Videos

GRIMMCON 0x04

                                                       

Prepare a Windows VM

Recommended
    PMA 41: Windows 10 with Analysis Tools
20
Not Recommended
    PMA 40: FLARE-VM
20
Alternative Local System
    H 2: Windows 2016 Server Virtual Machine
15
Best Cloud System
    PMA 60: Windows 10 on Azure Cloud
15
Alternate Cloud System
    PMA 30: Windows 2016 Server on Google Cloud
15

PE Files and DLLs

PMA 105: Process Explorer10
PMA 102: Unpacking25
PMA 121: Unpacking with OllyDbg and pestudio50
PMA 122: PE Headers50
PMA 123: Importing DLLs45
PMA 124: DLL Hijacking15
PMA 125: Installing Visual Studio 201910
PMA 126: DLL Proxying20
PMA 403: API Monitor15

Debugging

PMA 301: x86 Assembler with Jasmin30
PMA 401. Simple EXE Hacking with Ollydbg120
PMA 402: Hacking Minesweeper with Ollydbg45

Kernel Debugging

PMA 410c: Kernel Debugging with LiveKD15
PMA 430: WinDbg Preview15
PMA 431: WinDbg Preview: Source-Level Debugging10
PMA 432: WinDbg Preview: Kernel Debugging35
PMA 433: Kernel Debugging with Breakpoints30
PMA 434: Debugging a Driver30

Exploit Development

ED 308: Exploiting "Vulnerable Server" (Local VM) · (Cloud)25
ED 309: Defeating DEP with ROP20
ED 318: Exploiting Easy RM to MP3 Converter30
ED 319: SEH-Based Stack Overflow Exploit (Win 2016) · (Win 10) 65

Bootkits

PMA 420: Bootkit Analysis with Bochs15
PMA 421: Understanding the MBR70

DOT NET

PMA 132: Reversing a .NET Executable40
ED 330: Using C# DOT NET20
ED 331: Dot Net Reflector45

PowerShell

U-Cen and U-Cyb: PowerShell75

Rust

R 10: Rust Basics, Overflows, & Injection35
R 20: Dangling Pointers & Memory Leaks in Rust35

Disassembly

PMA 303: IDA Pro40
PMA 304: C Constructs in Assembly15
PMA 510: Starting with Ghidra10
PMA 511: Ghidra Data Displays40

Windows Memory Protections

ED 301: Windows Stack Protection I: Assembly Code15
ED 302: Windows Stack Protection II: Exploit Without ASLR15
ED 303: Windows Stack Protection III: Limitations of ASLR15
ED 310: Windows Mitigations10

Malware Analysis

PMA 101: Basic Static Techniques50
PMA 110: capa15
PMA 131: Custom UPX25
PMA 221: Basic Dynamic Analysis60
PMA 222: Making a Windows Keylogger10

Assembly Language

Prepare a Linux VM

ED 30: Linux Virtual Machine  30
H 201: Google Cloud Linux Server  10
ASM 100: Basics  69
ASM 104: Bases & Printing  40
ASM 105: ASCII  20
ASM 110: Gdb  30
ASM 120: Files  55
ASM 200: Caesar Cipher  35
ASM 210: XOR  20

Virtual Machine Resources

Download Textbook Labs Here

Hypervisors

VMware Player (for Windows hosts, free)
VMware Fusion (for Mac hosts, 30-day trial)
VirtualBox (free for all platforms)

   

Zoom: https://zoom.us/j/4108472927 Password: student1