5,305 views
HITB 2011 CTF – Reversing Vectored Exception Handling (VEH)
Introduction
Today we will have a look at a CTF binary from HITB pre qualifications CTF 2011:
http://conference.hackinthebox.org/hitbsecconf2011ams/?p=1333
This is an interesting binary to reverse because Vectored Exception Handling (VEH) was used in the challenge. As this was new to me, I documented how it works and wanted to share a short reversing write-up of the binary.
You can download the binary (windows_challenge.exe) here
Thanks to skier_ and the HITB crew for generating such an awesome CTF binary.
Come along………..and enjoy!
Fancy
Note: I used windows XP SP3 so maybe the addresses here in this video may differ from the addresses on your box.
Video
You can watch a full screen version here or download the video here
Interesting links:
http://msdn.microsoft.com/en-us/magazine/cc301714.aspx
http://msdn.microsoft.com/en-us/library/ms681420%28v=vs.85%29.aspx
http://msdn.microsoft.com/en-us/library/ms679274%28v=vs.85%29.aspx
© 2011 – 2021, Corelan Team (fancy). All rights reserved.