[Write-up] BetterDoorThanAnNT - RedPwnCTF 2019

Aug 20, 2019

I made a write-up about the challenge BetterDoorThanAnNT from RedPwnCTF. This is my first look at Windows Internals, PEB and TEB. This write-up features some anti-disassembly techniques, dynamically resolved imports and some bonus about fixing a PE header.

This challenge was meant to be a static analysis challenge, as the PE was not executable due to a too big allocation on the stack asked from headers at startup, throwing a generic error that gives us no particular information about what was going on.

As this was solved during a CTF with my team SentryWhale, the write-up is hosted on its website, here.

writeup

WinInternals

anti-disassembly