[HN Gopher] Overthewire.org
___________________________________________________________________
Overthewire.org
Author : ghostfoxgod
Score : 247 points
Date : 2023-08-27 11:53 UTC (11 hours ago)
(HTM) web link (overthewire.org)
(TXT) w3m dump (overthewire.org)
| nickysielicki wrote:
| It's cool to go through how much these challenges are
| _irrelevant_ in 2023 due to things like ASLR, better compiler
| warnings, etc.
| LordShredda wrote:
| They're irrelevant until you find a hospital cutting IT funding
| and the devs don't know what they're doing.
| jedimastert wrote:
| Also adding an absolute classic (at least in my mind):
|
| https://www.hackthissite.org/
| d1str0 wrote:
| I used to be a dev for them. HTS is how i got started with
| computer science.
| em-bee wrote:
| i hate it when sites are posted with out any descriptive title
| ;-) then i am curious, and end up getting drawn in.
|
| now i want to run: ssh level0 command to read
| pw1 | sshpass ssh level1 command to read pw2 | sshpass ssh level
| 2 ...
| ghostfoxgod wrote:
| Hahaha hop aboard, I am currently ssh-ing as well ;)
| rgovostes wrote:
| Coincidentally I just found the lost sources to a binary reverse
| engineering challenge I wrote in 2010. Compile it without peeking
| (use the "modern" branch, follow README instructions for patching
| bomb.c).
|
| https://github.com/RPISEC/csci-4971-bomb
| asicsp wrote:
| See also:
|
| * https://linuxsurvival.com/
|
| * https://old.reddit.com/r/linuxupskillchallenge/
|
| * https://github.com/learnbyexample/TUI-apps (written by me,
| interactive exercises for grep, sed, awk, etc)
| ghostfoxgod wrote:
| Thanks for sharing these.
| ghostfoxgod wrote:
| I'm also planning to jot down the approach and strategy into
| short form blogs as and when I keep solving them and publish it
| on my blogging site [1]. This will help me keep coming back to it
| and revise it more easily.
|
| [1]: https://akashrajpurohit.com/
| natrys wrote:
| Some more: https://pwnable.kr/play.php
| dijit wrote:
| I've been sort-of adjacent to a lot of these groups when they
| were in their infancy (hackr.org darkdevelopments.com ssgroup.org
| etc;) and it's really cool how the majority of the kids who were
| running those sites in the 2000's are now so keen to create
| _better_ environments for others to learn.
|
| Hackthissite and websec.fr are other excellent resources from the
| same pedigree of people
| jpfr wrote:
| Nice. I recall there were .txt files in the filesystem where you
| could leave your name and a shoutout after completing a level.
| Mostly ,,Kilroy was here" equivalents. But it felt oh so 1337
| hacker to add yourself. Quite the motivation boost for a
| teenager. :-)
|
| Also see https://microcorruption.com. You don't need Linux-
| specific knowledge. It directly goes to MSP430 assembly. A nice
| and compact introduction to exploiting binaries and embedded
| systems.
| dang wrote:
| Related:
|
| _Wargames can help you to learn and practice security concepts
| through games_ - https://news.ycombinator.com/item?id=29724594 -
| Dec 2021 (26 comments)
|
| _The Bandit Wargame_ -
| https://news.ycombinator.com/item?id=29708304 - Dec 2021 (1
| comment)
|
| _OverTheWire: Wargames to learn and practice security concepts_
| - https://news.ycombinator.com/item?id=16252873 - Jan 2018 (23
| comments)
|
| _Wargames_ - https://news.ycombinator.com/item?id=9878302 - July
| 2015 (17 comments)
| mrmincent wrote:
| I recently completed a grad Cert in cyber security, and a large
| initial part of the practicals were to just go through otw and
| complete some of the lessons. It's a great resource, and had I
| known about it before hand I probably wouldn't have bothered
| paying so much for the course and just completed the otw
| exercises instead :/
| ghostfoxgod wrote:
| Asking out of curiosity, have you completed otw completely? How
| much of it do you feel it helped you in your course?
|
| I'm already learning so much from the bandit exercises itself
| (which I believe are for entry level folks) So completing all
| of it would be so fascinating.
| mrmincent wrote:
| Nice! I certainly haven't completed all of them, just bandit,
| the web based one, and one of the mediumish ones, and maybe
| not even all of it, I can't remember which one tbh.
| Definitely a fantastic learning resource, once my brain has
| had a bit of downtime from the course I'm planning on going
| back and doing more otw.
| junkypuppet wrote:
| Something similar for PowerShell:
|
| https://underthewire.tech/wargames
| eqmvii wrote:
| happy to see this every time it comes around
| throw1234651234 wrote:
| I treat overthewire as a practical bash refresher, rather than
| learning how to hack. I can't get past the easiest set of
| problems without spending a ton of time on it, but it's good to
| remember the basics now and again.
| mettamage wrote:
| I trained a lot at hackthebox.eu
| dancosta0601 wrote:
| I have played it some years ago, it's very good to start learning
| about wargames and hacking competitions
| beardedwizard wrote:
| You can't talk about OTW without talking about smash the stack.
| The best part of all of these communities was the accompanying
| irc channels, which are mostly dead now. Jduck, spender, many
| other known names hung out and you could really learn from the
| best if you could handle the abuse. The scene exists in kind of a
| zombie state now, the games are mostly up to date but ...
| lilboiluvr69 wrote:
| Know of any modern communities with a similar spirit and ethos
| in the same scene?
| archgoon wrote:
| The ctf community is fairly active.
|
| Http://ctftime.org
| _def wrote:
| > you could really learn from the best if you could handle the
| abuse
|
| Care to elaborate? I assume there was cliche rough tone and
| elitism going on, but I don't know
| beardedwizard wrote:
| The price for saying something ignorant was usually pretty
| high in the form of verbal abuse, and you had to be willing
| to cater to that elitist attitude in many cases. Infosec had,
| and continues to have a gate keeping problem. The strange
| thing to me is that the scene pretty much died, but these
| zombies live on, half alive but without a strong community
| talking about them.
|
| Btw not talking about spender or jduck here, just the scene
| overall.
| pooloo wrote:
| That was pretty much any IRC community
| psychphysic wrote:
| There were always elitist channels but they'd be invite
| only.
|
| The rest you could lurk in however much you wanted.
| stevehawk wrote:
| lol, been in #linux in the last.. say.. twenty years?
| ghostfoxgod wrote:
| Came across this site which was suggested by a friend of mine.
| After solving few of the problems, I have reached the moment of
| "wow I did not know about this at all" and it's exciting to learn
| more about Linux ecosystem in general.
|
| Would highly recommend anyone who is keen to learn and explore
| Linux.
|
| Shoot me a DM [1] if you wish to form a small group to solve and
| discuss these questions together once in a while.
|
| [1] https://twitter.com/akashwhocodes
| runnerup wrote:
| I don't use X but I'd be interested nonetheless. Can email me
| at HNrunnerup@protonmail.com
| rs_rs_rs_rs_rs wrote:
| Very good wargames! Learned a lot from them.
|
| My suggestion for those wanting more is
|
| https://exploit.education/
___________________________________________________________________
(page generated 2023-08-27 23:00 UTC)