Windows Internals CTF

With @sambowne, @djhardb, @KaitlynGuru, and @infosecirvin.

Scoreboard · Submit Flags

Final Scores from GRIMMCON 0X4


Prepare a Windows VM

Recommended

PMA 40: FLARE-VM (20 extra)

Alternative Systems

PMA 60: Cloud Server on Azure (15 extra)
PMA 30: Windows 2016 Cloud Machine (15 pts)

Debugging

PMA 301: x86 Assembler with Jasmin (30)
PMA 401: Simple EXE Hacking with Ollydbg (120)
PMA 402: Hacking Minesweeper with Ollydbg (45)
PMA 403: API Monitor (15)
PMA 410c: Kernel Debugging with LiveKD (15)
PMA 420: Bootkit Analysis with Bochs (15)
PMA 421: Understanding the MBR (70)
PMA 303: IDA Pro (40)
PMA 304: C Constructs in Assembly (15)

PE Files and DLLs

PMA 121: Unpacking with OllyDbg and pestudio (50)
PMA 122: PE Headers (50)
PMA 123: Importing DLLs (45)
PMA 124: DLL Hijacking (15)
PMA 125: Installing Visual Studio 2019 (10)
PMA 126: DLL Proxying (20)

WinDbg Preview and Real Kernel Debugging

PMA 430: WinDbg Preview (15)
PMA 431: WinDbg Preview: Source-Level Debugging (10)
PMA 432: WinDbg Preview: Kernel Debugging (35)
PMA 433: Kernel Debugging with Breakpoints (30)
PMA 434: Debugging a Driver (30)

Ghidra

PMA 510: Starting with Ghidra (10 extra)
PMA 511: Ghidra Data Displays (40 extra)

Malware Analysis

PMA 101: Basic Static Techniques (Cloud) (20 pts + 30 pts extra)
PMA 102: Unpacking (Cloud) (15 pts + 10 extra)
PMA 110: capa (15)
PMA 131: Custom UPX (25 pts extra)

PMA 221: Basic Dynamic Analysis (30 pts + 30 extra)
PMA 222: Making a Windows Keylogger (10 pts extra)

Assembly Language

Prepare a Linux VM

ED 30: Linux Virtual Machine  30
H 201: Google Cloud Linux Server  10
ASM 100: Basics  69
ASM 104: Bases & Printing  40
ASM 105: ASCII  20
ASM 110: Gdb  30
ASM 120: Files  55
ASM 200: Caesar Cipher  35
ASM 210: XOR  20

Virtual Machine Resources

Download Textbook Labs Here

Hypervisors

VMware Player (for Windows hosts, free)
VMware Fusion (for Mac hosts, 30-day trial)
VirtualBox (free for all platforms)

New for GRIMMCON 0x4 3-13-21
PMA 123 link updated 3-17-21