mirror of
https://github.com/ashemery/exploitation-course
synced 2024-06-28 09:53:44 +00:00
Lab_01 fileS
This commit is contained in:
parent
36fc5be022
commit
6d13f9378e
27
labs/lab_01/Lab_01.txt
Normal file
27
labs/lab_01/Lab_01.txt
Normal file
@ -0,0 +1,27 @@
|
||||
Analyze Windows PE File using CFF Explorer
|
||||
|
||||
01. What is the magic no. (DOS header) and signature (PE header) of the file?
|
||||
|
||||
02. For what architecture was this file built for and which entry gave you the answer?
|
||||
|
||||
03. What is the base address of the code section?
|
||||
|
||||
04. How many sections does this file have?
|
||||
|
||||
05. What is each section used for?
|
||||
https://www.hexacorn.com/blog/2016/12/15/pe-section-names-re-visited/
|
||||
|
||||
06. Can you change a section’s flag? How?
|
||||
|
||||
07. How many libraries is this file importing?
|
||||
|
||||
08. Do you know what functions are being imported?
|
||||
|
||||
09. Did you find any export table? Why do you think, no table was found?
|
||||
|
||||
10. What is the address of the entry point, and to what section it points?
|
||||
|
||||
Resources:
|
||||
https://www.asciitohex.com/
|
||||
Life of Binaries, opensecuritytraining.info
|
||||
https://docs.microsoft.com/en-us/windows/win32/debug/pe-format
|
BIN
labs/lab_01/putty.exe.7z
Normal file
BIN
labs/lab_01/putty.exe.7z
Normal file
Binary file not shown.
Loading…
Reference in New Issue
Block a user