Windows Crash Course


Windows Warzone

Learning to work in a new operating system is like learning to walk for the first time again. Start your journey by revisiting early concepts in a new guise.

Note: This dojo is slowly being developed, including iterating on infrastructure support. Functionality is subject to change!


Lectures and Reading

To get started:

  • Launch the challenge and enter the normal linux environment.
  • The windows VM should autostart, this may take a moment
  • You can manually control the windows vm with the windows command, ex: start, stop, or connect similar to the linux vm command
  • The Windows desktop gui is accessible over the web at https://pwn.college/workspace/desktop-windows. Other details:
  • Starting the VM from a practice environment will grant you administrator privileges on the windows machine. You may need to "log out" and "log in" again before the windows environment acknowledges this.
  • The flag is located at C:\flag.
  • Your linux home directory is accessible via the Windows Z drive .
  • The challenge binary is located on the Y drive in Windows and /challenge in Linux.

Use the windows VM in practice mode to leverage the installed tools and develop your exploit.

In order to obtain the flag, run your exploit FROM THE LINUX ENVIRONMENT targeting tcp port 4001. There is a proxy service running inside the windows VM with elevated permissions.


Challenges

Smoke Test - start windows VM - Connect to port 4001

Straightforward Buffer Overflow

BOF with ASLR enabled

What if win is in a DLL?

Call a WriteFile in shellcode

Find and call WriteFile

Now get the flag yourself.


30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

Rank Hacker Badges Score