[HN Gopher] Overthewire.org ___________________________________________________________________ Overthewire.org Author : ghostfoxgod Score : 247 points Date : 2023-08-27 11:53 UTC (11 hours ago) (HTM) web link (overthewire.org) (TXT) w3m dump (overthewire.org) | nickysielicki wrote: | It's cool to go through how much these challenges are | _irrelevant_ in 2023 due to things like ASLR, better compiler | warnings, etc. | LordShredda wrote: | They're irrelevant until you find a hospital cutting IT funding | and the devs don't know what they're doing. | jedimastert wrote: | Also adding an absolute classic (at least in my mind): | | https://www.hackthissite.org/ | d1str0 wrote: | I used to be a dev for them. HTS is how i got started with | computer science. | em-bee wrote: | i hate it when sites are posted with out any descriptive title | ;-) then i am curious, and end up getting drawn in. | | now i want to run: ssh level0 command to read | pw1 | sshpass ssh level1 command to read pw2 | sshpass ssh level | 2 ... | ghostfoxgod wrote: | Hahaha hop aboard, I am currently ssh-ing as well ;) | rgovostes wrote: | Coincidentally I just found the lost sources to a binary reverse | engineering challenge I wrote in 2010. Compile it without peeking | (use the "modern" branch, follow README instructions for patching | bomb.c). | | https://github.com/RPISEC/csci-4971-bomb | asicsp wrote: | See also: | | * https://linuxsurvival.com/ | | * https://old.reddit.com/r/linuxupskillchallenge/ | | * https://github.com/learnbyexample/TUI-apps (written by me, | interactive exercises for grep, sed, awk, etc) | ghostfoxgod wrote: | Thanks for sharing these. | ghostfoxgod wrote: | I'm also planning to jot down the approach and strategy into | short form blogs as and when I keep solving them and publish it | on my blogging site [1]. This will help me keep coming back to it | and revise it more easily. | | [1]: https://akashrajpurohit.com/ | natrys wrote: | Some more: https://pwnable.kr/play.php | dijit wrote: | I've been sort-of adjacent to a lot of these groups when they | were in their infancy (hackr.org darkdevelopments.com ssgroup.org | etc;) and it's really cool how the majority of the kids who were | running those sites in the 2000's are now so keen to create | _better_ environments for others to learn. | | Hackthissite and websec.fr are other excellent resources from the | same pedigree of people | jpfr wrote: | Nice. I recall there were .txt files in the filesystem where you | could leave your name and a shoutout after completing a level. | Mostly ,,Kilroy was here" equivalents. But it felt oh so 1337 | hacker to add yourself. Quite the motivation boost for a | teenager. :-) | | Also see https://microcorruption.com. You don't need Linux- | specific knowledge. It directly goes to MSP430 assembly. A nice | and compact introduction to exploiting binaries and embedded | systems. | dang wrote: | Related: | | _Wargames can help you to learn and practice security concepts | through games_ - https://news.ycombinator.com/item?id=29724594 - | Dec 2021 (26 comments) | | _The Bandit Wargame_ - | https://news.ycombinator.com/item?id=29708304 - Dec 2021 (1 | comment) | | _OverTheWire: Wargames to learn and practice security concepts_ | - https://news.ycombinator.com/item?id=16252873 - Jan 2018 (23 | comments) | | _Wargames_ - https://news.ycombinator.com/item?id=9878302 - July | 2015 (17 comments) | mrmincent wrote: | I recently completed a grad Cert in cyber security, and a large | initial part of the practicals were to just go through otw and | complete some of the lessons. It's a great resource, and had I | known about it before hand I probably wouldn't have bothered | paying so much for the course and just completed the otw | exercises instead :/ | ghostfoxgod wrote: | Asking out of curiosity, have you completed otw completely? How | much of it do you feel it helped you in your course? | | I'm already learning so much from the bandit exercises itself | (which I believe are for entry level folks) So completing all | of it would be so fascinating. | mrmincent wrote: | Nice! I certainly haven't completed all of them, just bandit, | the web based one, and one of the mediumish ones, and maybe | not even all of it, I can't remember which one tbh. | Definitely a fantastic learning resource, once my brain has | had a bit of downtime from the course I'm planning on going | back and doing more otw. | junkypuppet wrote: | Something similar for PowerShell: | | https://underthewire.tech/wargames | eqmvii wrote: | happy to see this every time it comes around | throw1234651234 wrote: | I treat overthewire as a practical bash refresher, rather than | learning how to hack. I can't get past the easiest set of | problems without spending a ton of time on it, but it's good to | remember the basics now and again. | mettamage wrote: | I trained a lot at hackthebox.eu | dancosta0601 wrote: | I have played it some years ago, it's very good to start learning | about wargames and hacking competitions | beardedwizard wrote: | You can't talk about OTW without talking about smash the stack. | The best part of all of these communities was the accompanying | irc channels, which are mostly dead now. Jduck, spender, many | other known names hung out and you could really learn from the | best if you could handle the abuse. The scene exists in kind of a | zombie state now, the games are mostly up to date but ... | lilboiluvr69 wrote: | Know of any modern communities with a similar spirit and ethos | in the same scene? | archgoon wrote: | The ctf community is fairly active. | | Http://ctftime.org | _def wrote: | > you could really learn from the best if you could handle the | abuse | | Care to elaborate? I assume there was cliche rough tone and | elitism going on, but I don't know | beardedwizard wrote: | The price for saying something ignorant was usually pretty | high in the form of verbal abuse, and you had to be willing | to cater to that elitist attitude in many cases. Infosec had, | and continues to have a gate keeping problem. The strange | thing to me is that the scene pretty much died, but these | zombies live on, half alive but without a strong community | talking about them. | | Btw not talking about spender or jduck here, just the scene | overall. | pooloo wrote: | That was pretty much any IRC community | psychphysic wrote: | There were always elitist channels but they'd be invite | only. | | The rest you could lurk in however much you wanted. | stevehawk wrote: | lol, been in #linux in the last.. say.. twenty years? | ghostfoxgod wrote: | Came across this site which was suggested by a friend of mine. | After solving few of the problems, I have reached the moment of | "wow I did not know about this at all" and it's exciting to learn | more about Linux ecosystem in general. | | Would highly recommend anyone who is keen to learn and explore | Linux. | | Shoot me a DM [1] if you wish to form a small group to solve and | discuss these questions together once in a while. | | [1] https://twitter.com/akashwhocodes | runnerup wrote: | I don't use X but I'd be interested nonetheless. Can email me | at HNrunnerup@protonmail.com | rs_rs_rs_rs_rs wrote: | Very good wargames! Learned a lot from them. | | My suggestion for those wanting more is | | https://exploit.education/ ___________________________________________________________________ (page generated 2023-08-27 23:00 UTC)