Post Sun Dec 28, 2008 11:52 pm

www.smashthestack.org hacking wargame server

Starting mid-last year, I've been working on learning more about exploits, and in the process I found a neat site I wanted to tell folks about.  http://www.smashthestack.org has a number of different wargame servers.  The wargame servers host a progression of challenges where each challenge is dependent on the completion of the previous challenge. 

The challenges are *nix based, and range from very entry level to fairly complex.  The machines aren't truly a real world experience, as many of the features which protect servers from buffer and heap overflows in modern operating systems have been disabled, so if you are just learning about exploit creation then this is a great site.  In many of the challenges, the source code is provided, so in most challenges it should be fairly straightforward why the application is vulnerable.  Once you've figured out how to exploit the application and complete the challenge, there's the opportunity to add your name to "the wall", a web page for each level where folks can append their pseudonym or tag in order to let everyone else know they have completed the challenge.

In most cases, getting started is as simple as sshing into one of the wargame servers.  From there, you should be presented with a message letting you know how to get started.  Many of the traditional tools needed to discover and create exploits are already present on the box, so you shouldn't need anything extra to get started.  All of the action happens on the servers. With the exception of potentially looking up shellcode through a tool like Metasploit, a little bit of Google searching should be all that is required.

There is also a forum where questions can be asked, but unfortunately it isn't very active. There is an IRC channel for each server and a general social channel.  If you aren't familiar with IRC, there is a web-based version linked off the front page of the site.

If you need additional help with these challenges, there are 2 books which served me well, and I used Metasploit to generate the shellcode for the exploits.  The two books were "Hacking: The Art of Exploitation 2nd Edition", which I recently reviewed at http://www.ethicalhacker.net/content/view/224/2/, and "The Shellcoder's Handbook".  I primarily used HTAoE; however, for format string exploits, I used Shellcoder's Handbook as the explanation seemed to make more sense.

The challenges on this site should help solidify your understanding of some types of exploits as well as point out areas that require more work.  If you are interested in how exploits work and exploit development, then I recommend visiting the site and trying your hand at the challenges.  If nothing else, you should have a basic idea of where you stand, and you will probably have fun along the way.   
Last edited by apollo on Mon Dec 29, 2008 11:14 am, edited 1 time in total.
CISSP, CSSLP, MCSE+Security, MCTS, CCSP, GPEN, GWAPT, GCWN, NOP, OSCP, Security+