Exploit Exercises is magnificent: nice pre-packed virtual machines with a set of known vulnerabilities to learn various classes of security problem from. Fuzzing you own machines is never any fun, because the likelyhood of finding anything good is infinitesimal, and exploiting is usually harder than fixing, but learning the techniques against a host where you know the exploit will work is really interesting. It even has a nice little flag system where the objective in levelNN is to run /bin/getflag as user flagNN, so you know you have done it correctly.
I am having a terrible time doing the exercises, the second one in the first set took me like half an hour to figure out – and there are 20, but it is fun and so good for my brain.
As a useful aside for VirtualBox users, you likely need to switch the virtual machine’s settings from Bridge to NAT networking after importing the OVA, unless you happen to be set up for bridged networking. It complained at me until I did.
Web Presence
Page Navigation
Meta
-
Recent Posts
Random Quote
Religious mysticism is intellectual garbage. It’s a vestige of the old superstitious Dark Ages when nobody knew anything and the whole world was sinking deeper and deeper into filth and disease and poverty and ignorance. It is one of those delusions that isn’t called insane only because there are so many people involved.
— Robert M. PirsigCategories
License
Unless otherwise noted, this work is licensed under a Creative Commons Attribution-ShareAlike 3.0 United States License.