Prajwal's Blog

So I had this little idea of building an entire custom CPU instruction set architecture called Rune ISA from scratch - 42-bit instructions, 24-bit registers, a full VM in Python, an assembler, and a text-based RPG called Unknown Runes as a reversing challenge for ISSessions CTF 2026. It felt like the ISA needed more, so I uh made something.

So I was doing my internship at Trend Micro, and during my free time I was looking around at CTF challenges for ideas cause I was also a CTF Dev for ISSessions CTF 2026. One day, I asked a colleague of mine if he had any cool ideas and he showed me an article about a DEFCON challenge that had participants reversing a completely custom instruction set. I can't for the life of me find the link or even remember the challenge name (believe me I've tried finding it since), but the concept stuck with me like glue. A fully custom ISA, no documentation, just raw bytes and vibes, a true nightmare for the players ^w^.

So I was selected in one of the teams Sheridan is sending for cybersci and that meant I gotta prepare myself for the challenge, and what better way to do it than try a hard lab (I should have started with something easier, but atleast the pain was a learning experience). This is my writeup for BrainPan 1, or as I like to call it Brain Pain.

So my previous escapades into windows shellcoding led to me choosing to be more ambitious and thus deciding to try and make a Null byte free, Position Independent shellcode and embed that into an windows utility and having the shellcode to be executed by hijacking a ret call.

Basic Facts Components -         PASTA_MENTOR_PROMO_DEAL_agreement.docx.scr       (Initial Stage) [Program1.exe]      sha256 8d204db953fd7d637f8718f56fbecfbf93ebcc8e7402ce71d5c52b01689777a2       Program1.main.exe        (Second Stage) [Runs under InstallUtil.exe]      sha256 c7ce154d0ab5aec517829623f7b3b30a4e0ea6dc981fdf13134a8f263a062a9a   Malware Type: Injector/Info-Stealer  Windows PE | C# (stage 1) | Nim (stage 2)   --*--*--

In light of my previous success with handling windows API inside shellcode, I wanted to experiment more with what I had learnt.

I was busy making some mini hells for challenges for ISSessions CTF 2025, when I stumbled upon the idea of incorporating shellcode into it while learning about how to create malware (nothing illegal, promise). 

My first challenge as a part of the PMAT course, I have been provided a binary and been asked to analyse it, employing basic static and dynamic analysis methodologies I've learnt.