Stumbled into this post after many years of not logging on to lowyat forum (and I was crazy bored from work). Just a couple of comments based on what I remember (and forgive me if you already know this). I used to do this as a hobby. But these days job and family have taken priority.

1. Nice to know ODA exists. In the past we usually used IDA (from Hex Rays). It might be an overkill for what you're doing, but since they have a free version now, it could be something you'd like to explore as part of your RE tools. It have very neat features especially the FLIRT libraries for compiler identification.
2. If you're reversing an EXE compiled from HLL, compilers usually add a stub. So the entry point you see from the PE header is not the one that points to your actual main(), or WinMain() for Windows apps. But if you're reversing an EXE built in assembly then of course the compiler stub doesn't exist.
3. PUSH adds the value to stack, POP removes it from stack to the selected register. PUSHing it's a typical Microsoft way of passing function arguments. And within the function, the arguments are accessed using reference to ESP. I think Borland (if it still exists) used a different method, but I don't remember the details now.

I saw the Sambal compiler thread. Very nice effort! PE stuff takes a bit of time to learn. I'm super rusty with that already. The way I learned PE was to reverse engineer how exe packers/cryptors worked though. Not sure if such things exist anymore. I believe those tools have a tendency to trigger AVs too nowadays.

IDA is very easy to use. I highly recommend to try it and compile some simple exe.

Interesting! I barely have time to do challenges, but I don't mind trying it offline if time permits. Do you happen to have the binaries for the 2020 challenge? The link is dead.

I did visit the site earlier and tried to download, and was still getting an error. But now it's working. Thanks!

The challenges are… quite challenging. There’s a lot more than just reversing exe/dll files. I’m quite new to non-exe type of malware analysis so I needed a lot of Googling to figure out and compare my findings to the solutions to understand where my gaps are if I’m stuck. At least I’m glad I’m still able to solve some of it without looking at the solutions.

But anyway, Ghidra is a pretty good disassembler, and totally free! Quite similar to IDA. And it even comes with a decompiler. The hex-rays decompiler that comes with IDA is not free.

I am interested, but not right now Something new at work just came up and I suspect this will take up most of my time for the next few months. I rarely use Linux so it's going to be rather steep learning curve for me. Have fun exploring the syscalls though I only learned about it while going through the 2014 Flare-on Challenge 6 about 1+ week ago.

The deadline for this work task is mid-November, *IF* there are no further delays. So yes, fingers crossed I'd be able to try You have a Github available for the project?

Yes I am! Still working on Challenge #7 though. But taking a break to sort out stuff at work.

Wah, Pascal. Never used it before. I had a brief look. The parsing of the syntax is quite primitive. I'm no expert with compilers but I remember stuff like tokenization of the syntax and lexicon (I think) parsers. With that said, you could explore using regex to parse the syntax?

Anyway, should we have a new thread to discuss this? We already hijack this kau kau already