Exploit Exercises

Exploit Exercises is magnificent: nice pre-packed virtual machines with a set of known vulnerabilities to learn various classes of security problem from. Fuzzing you own machines is never any fun, because the likelyhood of finding anything good is infinitesimal, and exploiting is usually harder than fixing, but learning the techniques against a host where you know the exploit will work is really interesting. It even has a nice little flag system where the objective in levelNN is to run /bin/getflag as user flagNN, so you know you have done it correctly.
I am having a terrible time doing the exercises, the second one in the first set took me like half an hour to figure out – and there are 20, but it is fun and so good for my brain.
As a useful aside for VirtualBox users, you likely need to switch the virtual machine’s settings from Bridge to NAT networking after importing the OVA, unless you happen to be set up for bridged networking. It complained at me until I did.

This entry was posted in Computers, Entertainment, General, School. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *