You can't talk about OTW without talking about Smash the Stack. The best part of all of these communities was the accompanying IRC channels, which are mostly dead now. Jduck, spender, and many other known names hung out there, and you could really learn from the best if you could handle the abuse. The scene exists in kind of a zombie state now, the games are mostly up to date but ...
The price for saying something ignorant was usually pretty high in the form of verbal abuse, and you had to be willing to cater to that elitist attitude in many cases. Infosec had, and continues to have, a gatekeeping problem. The strange thing to me is that the scene pretty much died, but these zombies live on, half alive but without a strong community talking about them.
Btw not talking about spender or jduck here, just the scene overall.
Community infosec does have an asshole problem, but not a gatekeeping problem.
Every single infosec community I grew up in was more than willing to share knowledge and the only requirements were a willingness to learn and ask questions. And skin thick enough to tolerate rudeness if there was any disagreement.
Unless I misunderstood what you meant by gatekeeping?
For sure, and still is in many cases. I'm used to it tbh, but the HN community has plenty of folks who don't understand and have no need to tolerate or adapt to that kind of stimulus.
I recently completed a grad cert in cyber security, and a large initial part of the practicals was to just go through OTW and complete some of the lessons. It's a great resource, and had I known about it beforehand I probably wouldn't have bothered paying so much for the course and just completed the OTW exercises instead :/
Asking out of curiosity, have you completed all of OTW? How much do you feel it helped you in your course?
I'm already learning so much from the bandit exercises themselves (which I believe are for entry level folks).
So completing all of it would be so fascinating.
Nice! I certainly haven’t completed all of them, just bandit, the web based one, and one of the mediumish ones, and maybe not even all of it, I can’t remember which one tbh. Definitely a fantastic learning resource, once my brain has had a bit of downtime from the course I’m planning on going back and doing more otw.
I've been sort-of adjacent to a lot of these groups when they were in their infancy (hackr.org, darkdevelopments.com, ssgroup.org, etc.) and it's really cool how the majority of the kids who were running those sites in the 2000s are now so keen to create better environments for others to learn.
Hackthissite and websec.fr are other excellent resources from the same pedigree of people
Nice. I recall there were .txt files in the filesystem where you could leave your name and a shoutout after completing a level. Mostly „Kilroy was here“ equivalents. But it felt oh so 1337 hacker to add yourself. Quite the motivation boost for a teenager. :-)
Also see https://microcorruption.com.
You don’t need Linux-specific knowledge. It directly goes to MSP430 assembly. A nice and compact introduction to exploiting binaries and embedded systems.
Coincidentally I just found the lost sources to a binary reverse engineering challenge I wrote in 2010. Compile it without peeking (use the “modern” branch, follow README instructions for patching bomb.c).
Came across this site, which was suggested by a friend of mine. After solving a few of the problems, I have reached the moment of "wow, I did not know about this at all" and it's exciting to learn more about the Linux ecosystem in general.
Would highly recommend it to anyone who is keen to learn and explore Linux.
Shoot me a DM [1] if you wish to form a small group to solve and discuss these questions together once in a while.
I treat overthewire as a practical bash refresher, rather than learning how to hack. I can't get past the easiest set of problems without spending a ton of time on it, but it's good to remember the basics now and again.
This criticism is largely irrelevant. Mitigations like ASLR are not a silver bullet, they are one layer of a defense-in-depth.
You can't hope to exploit an ASLR'd executable without first understanding how to exploit a non-ASLR'd executable. If you want to exploit modern systems, you need to peel back those mitigations one by one (if you're lucky you can jump over multiple layers at once, but not always).
Further, just because mitigations exist, it doesn't mean they're widely deployed. As a recent and prominent example, the Nintendo Switch bootrom was pwned through a classic stack-smash with shellcode-on-stack in ~2018 (or 2017, for those in-the-know).
That said, there are more modern resources available these days, I'm also a fan of https://github.com/RPISEC/MBE, which kinda speedruns you up to the state-of-the-art (although it too is getting kinda old at this point - but things haven't changed that radically since 2015)
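As an added illustration of the mitigation-layers point above (example code, not from any commenter or from OTW), the following Python reads a 64-bit ELF's headers and reports which hardening layers the toolchain enabled: PIE (so ASLR can relocate the image), a non-executable stack, RELRO, and a stack canary. The sample image is constructed inside the code and is header-only; the canary check is a string heuristic for glibc's failure handler.

```python
import struct

PT_GNU_STACK = 0x6474E551   # program header carrying the stack's permission bits
PT_GNU_RELRO = 0x6474E552   # region remapped read-only after relocation
PF_X = 0x1                  # executable bit in p_flags
ET_DYN = 3                  # position-independent executable (or shared object)


def elf_mitigations(data: bytes) -> dict:
    """Report the hardening layers of an ELF64 little-endian image by parsing its headers."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if data[4] != 2 or data[5] != 1:
        raise ValueError("only ELF64 little-endian is handled here")
    e_type = struct.unpack_from("<H", data, 16)[0]
    e_phoff = struct.unpack_from("<Q", data, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    nx, relro = False, False    # absence of PT_GNU_STACK means an executable stack
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:
            relro = True
    return {
        "pie": e_type == ET_DYN,                  # ASLR can move the whole image
        "nx": nx,                                 # shellcode placed on the stack cannot run
        "relro": relro,                           # GOT/relocations not writable after load
        "canary": b"__stack_chk_fail" in data,    # heuristic: glibc canary failure handler
    }


def missing_layers(data: bytes) -> list:
    """Names of the defense-in-depth layers the image lacks, in a stable order."""
    flags = elf_mitigations(data)
    return [name for name in ("pie", "nx", "relro", "canary") if not flags[name]]


def build_sample_elf(pie: bool, exec_stack: bool, relro: bool, canary: bool) -> bytes:
    """Constructed header-only ELF image for demonstration; it is not a runnable program."""
    phdrs = [struct.pack("<IIQQQQQQ", PT_GNU_STACK, 6 | (PF_X if exec_stack else 0), 0, 0, 0, 0, 0, 16)]
    if relro:
        phdrs.append(struct.pack("<IIQQQQQQ", PT_GNU_RELRO, 4, 0, 0, 0, 0, 0, 1))
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)   # ELFCLASS64, little-endian, version 1
    ehdr = ident + struct.pack("<HHIQQQIHHHHHH", ET_DYN if pie else 2, 0x3E, 1,
                               0x1000, 64, 0, 0, 64, 56, len(phdrs), 64, 0, 0)
    return ehdr + b"".join(phdrs) + (b"\x00__stack_chk_fail\x00" if canary else b"")
```

Run `missing_layers(open(path, "rb").read())` on a real binary to see which layers a given challenge or firmware image was built without; an empty list means all four are present.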
I'm not sure I would consider any of these to be relevant... just because the exploits don't work doesn't mean the skills learned to complete them don't transfer. By that argument HTML is irrelevant because everyone uses [JavaScript-Framework] now.
Do the skills actually transfer? If your goal is to learn assembly and/or how a computer executes code, you can probably learn that more directly by spending an afternoon on godbolt. If your goal is to learn computer security, I'm not sure there's really much transfer to be had here. Most of the interesting computer security things to know are at a much higher elevation now.
Many of these will simply not compile without explicitly disabling a compiler warning, and except in rare cases, the ROP challenges are impossible.
I'm just commenting on what a huge win I feel it is for the software industry that in the past 15 years these went from "copy the binary to your local machine and it works exactly the same, gcc doesn't even warn about this" to "it doesn't realistically have this vulnerability when run on your machine, nor will it build from source on your machine."
edit: Wikipedia is claiming Linux has had ASLR since 2005, so maybe I'm wrong.
I'm also planning to jot down the approach and strategy into short form blogs as and when I keep solving them and publish it on my blogging site [1]. This will help me keep coming back to it and revise it more easily.
* https://linuxsurvival.com/
* https://old.reddit.com/r/linuxupskillchallenge/
* https://github.com/learnbyexample/TUI-apps (written by me, interactive exercises for grep, sed, awk, etc)