HITB 2011 CTF – Reversing Vectored Exception Handling (VEH)
Today we will have a look at a CTF binary from the HITB 2011 pre-qualification CTF.
This is an interesting binary to reverse because Vectored Exception Handling (VEH) was used in the challenge. As this was new to me, I documented how it works and wanted to share a short reversing write-up of the binary.
You can download the binary (windows_challenge.exe) here
Thanks to skier_ and the HITB crew for generating such an awesome CTF binary.
Come along... and enjoy!
Note: I used Windows XP SP3, so the addresses in this video may differ from the addresses on your box.
© 2011, Corelan Team (fancy). All rights reserved.