Capture the flag events are competitions where participants face off to compete in different domains of computer securrity, such as finding and exploiting vulnerabilities. In contrast, a wargame allows you to try the same tasks on a dedicated, ongoing server. I suppose the latter is analogous to playing against an NPC.

Over the last week or so, I completed the Bandit wargame set up by OverTheWire. It’s the first in their recommended, ordered list of their wargames. The Bandit level is meant to be the most basic introduction.

I think it’s an introduction especially for those unfamiliar with using Linux. It’ll bring you up to speed in using some specific tools in Linux as well as teach you to do that for yourself. It involves mostly local-level things and a few levels which require tasks over the network (i.e. nc and ssh). There are a couple at the end that require “hacking,” but they’re otherwise directed tasks. I think what you get out of it will depend on your background, though if it’s too basic you will simply breeze through it anyway (no menial tasks here).

There’s one challenge I want to go back to optimize (and will teach me something important about how something in Linux works) and a command I want to look at because it caused a segmentation fault, but I think I will move on to the other levels. This is the SHA1 hash of the conatenation of the password for level 26 of Bandit and nyoshimizu (in that order): 2ac69396fc273902987a7f695e2f839158ea543a.