Court of Analysis and Testing

This is the second write up of windows exploit challenge Examenes from https://github.com/naivenom/exploiting in this post we will finish the last two remaining challenge I put the payload at my GitHub feel free to copy it: https://github.com/sleepyowl-beep/exploit_development/tree/master/EXAMENES-Challenge Without further ado! Let's Do This! Challenge 6:   Just like the previous challenge the program open the file named "example.txt" using fopen() function, read the first 20 bytes of the content and move it again to a different variable using strcpy to be used as parameter for function EXAMEN_L.009A10D0. Let's try to generate a new example.txt file that contains 200 characters and follow the program flow as we follow the called function, it turns out the function itself called another function named EXAMEN_L.009A1000 Inside the function, we can see there are a bunch of checks that we need to analyze. The first two red boxes show that our inpu...

It's been three months since my last post on windows exploit and RE, TBH I'm quite rusty so to keep up with the pace we will try to solve some challenges from https://github.com/naivenom/exploiting there is a section called "Windows Exploit Development - Exercises from CLS Exploits" this contains a handful of windows Exploit challenge that fit with my current skills(not too easy but difficult enough to force me to read the assembly code) Prerequisite: I run the challenge in windows 10 VirtualBox from https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ I suggest to download this VM since it's free and maintain by windows itself . Furthermore, throughout this challenge, I will use immunity debugger as the primary tool for analysis Challenge 1: Open the first challenge file with immunity debugger and you will see a ton of code inside such a small program. We can start the analysis by doing string analysis on the binary this would list all of ...