During the last year of my studies in cybersecurity, I had to create a CTF challenge. I focused on a Windows Kernel environment with a programming aspect (shellcoding part).
- Abstract -
This paper describes the steps taken to create a Windows kernel challenge. The build is divided into three parts: the architecture, the client application set up to communicate with the vulnerable driver, and the conditions imposed on the shellcode. The player receives the connection details to start the challenge, interacts with the client application, and must write a shellcode that satisfies those specific conditions. The core of the challenge is to develop a working shellcode that performs a privilege escalation and captures the flag. The goal is to push people to learn more about how the Windows kernel works and how communication between userland and kerneland operates through drivers.
- Keywords -
Windows; Kernel; Kerneland; Userland; Driver; Token; Shellcoding; Permissions; IOCTLS
🔗 You will find more details about this challenge here
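The abstract mentions that the player talks to the vulnerable driver from userland through a client application. The added example below, which is not code from the paper or the challenge, shows the mechanism that makes that possible: a Windows I/O control code (IOCTL) as built by the `CTL_CODE` macro from `winioctl.h`, a decoder for codes recovered from a driver's dispatch routine, and, on Windows only, the `CreateFile`/`DeviceIoControl` call a client uses to send a request. The device link name `\\.\ExampleDevice` and the function number `0x800` are hypothetical placeholders, not the challenge's real values; the constants are the documented Windows values.

```c
/* Added example (not part of the original paper): how a userland client
 * addresses a driver through an IOCTL code, and how to decode a code seen in
 * a disassembled dispatch routine. Device name and function number below are
 * hypothetical placeholders, not the challenge's real values. */
#include <stdio.h>
#include <stdint.h>

/* Field layout of a Windows I/O control code (winioctl.h CTL_CODE macro):
 *   bits 31..16  device type
 *   bits 15..14  required access (FILE_ANY_ACCESS / READ / WRITE)
 *   bits 13..2   function number (0x800 and above are vendor-defined)
 *   bits  1..0   buffering method
 */
#define METHOD_BUFFERED     0
#define METHOD_IN_DIRECT    1
#define METHOD_OUT_DIRECT   2
#define METHOD_NEITHER      3
#define FILE_ANY_ACCESS     0
#define FILE_READ_ACCESS    1
#define FILE_WRITE_ACCESS   2
#define FILE_DEVICE_UNKNOWN 0x22

#define CTL_CODE(DeviceType, Function, Method, Access) \
    (((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method))

typedef struct {
    uint32_t device_type;
    uint32_t access;
    uint32_t function;
    uint32_t method;
} ioctl_fields;

/* Split a control code back into its fields (useful when auditing a driver
 * whose IOCTL switch only shows raw constants). */
ioctl_fields ioctl_decode(uint32_t code) {
    ioctl_fields f;
    f.device_type = (code >> 16) & 0xFFFF;
    f.access      = (code >> 14) & 0x3;
    f.function    = (code >> 2)  & 0xFFF;
    f.method      = code & 0x3;
    return f;
}

const char *ioctl_method_name(uint32_t method) {
    switch (method) {
    case METHOD_BUFFERED:   return "METHOD_BUFFERED";
    case METHOD_IN_DIRECT:  return "METHOD_IN_DIRECT";
    case METHOD_OUT_DIRECT: return "METHOD_OUT_DIRECT";
    default:                return "METHOD_NEITHER";
    }
}

/* Hypothetical control code for a challenge driver: vendor function 0x800 with
 * METHOD_NEITHER, the method where user-mode pointers reach the driver without
 * the I/O manager copying or probing them, so it is the first one to audit. */
#define IOCTL_EXAMPLE CTL_CODE(FILE_DEVICE_UNKNOWN, 0x800, METHOD_NEITHER, FILE_ANY_ACCESS)

#ifdef _WIN32
#include <windows.h>
/* Userland side of the exchange: open the driver's device object through its
 * symbolic link (placeholder name) and send the request. Returns 1 on success. */
int send_request(const char *payload, DWORD len, DWORD *bytes_returned) {
    HANDLE h = CreateFileA("\\\\.\\ExampleDevice", GENERIC_READ | GENERIC_WRITE,
                           0, NULL, OPEN_EXISTING, 0, NULL);
    if (h == INVALID_HANDLE_VALUE) return 0;
    BOOL ok = DeviceIoControl(h, IOCTL_EXAMPLE, (LPVOID)payload, len,
                              NULL, 0, bytes_returned, NULL);
    CloseHandle(h);
    return ok ? 1 : 0;
}
#endif

int main(void) {
    ioctl_fields f = ioctl_decode(IOCTL_EXAMPLE);
    printf("IOCTL 0x%08X: type=0x%X access=%u function=0x%X %s\n",
           (unsigned)IOCTL_EXAMPLE, (unsigned)f.device_type, (unsigned)f.access,
           (unsigned)f.function, ioctl_method_name(f.method));
    return 0;
}
```

The decoder and macro are portable and compile anywhere; only `send_request` needs the Windows headers. When reversing a challenge driver, feeding each constant from its `IRP_MJ_DEVICE_CONTROL` switch into `ioctl_decode` tells you immediately which requests use `METHOD_NEITHER` and therefore hand the driver raw user pointers.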