Thursday, September 25, 2014

Wargames

Since high school I've enjoyed playing online wargames. I can't remember which ones I started with, but the earliest web-based wargames I can remember were a good ten years ago on the Digital Evolution website. At the time I wasn't smart enough for the wargames you had to ssh into, especially when it came to levels involving buffer overflows and that weird shellcode stuff that I just copy+pasted from aleph one's famous phrack article, an article I would read through and pretend like I understood, but really didn't. But that changed over the years. I'm still no expert, but I know enough to know roughly what I need to do... just perhaps not how to do it. Yet.

Last year some time, a friend sent me a link to io.smashthestack.org. I worked my way through the first half-dozen levels before getting stuck and deciding there were way too many knowledge gaps for me to grind my way through.

I checked my ego at the door and went back to the basics of basics and treated myself like a rank beginner (since I am); I learnt some x86 assembly and played around a lot with nasm. This eventually led to writing my own shellcodes and testing them out. Now I needed to use the shellcode to make sure it was gonna work. So it's back to wargames...

I've ended up at blackbox.smashthestack.org and am working my way through. There are ten levels and I'm working on level six at the moment when I've got the spare time.

The Shellcoder's Handbook has been a great help.

After I finish this, I'll head back to io.smashthestack.org and continue working through its plethora of problems.