Category Archives: Reverse Engineering

Pwnium CTF – Kernel land write-up

So.. My first CTF writeup! I participated with a few others in the Pwnium capture-the-flag. One of the challenges I looked at was the Reverse Engineering challenge “Kernel Land”. The challenge gave a link to a binary with the tip: “The third Tick gives you the answer ;)”. After a first peek it appeared to be a linux binary:

root@kalipwn:~/Downloads# file kernel
kernel: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, not stripped
Continue reading

The Undocumented IsTopLevelWindow API

Once again I am astounded that such a simple, yet important API exists but is undocumented. I am talking about the IsTopLevelWindow function which is exported from user32.dll. As the name suggests it determines if a given window is a top-level window. I inspected User32.dll on Windows 7 and Windows 8.1 where it was present. Other Operating Systems may be supported. Continue reading