Thursday, May 14, 2009

Learn the Art of Exploitation

Have you ever wanted to feel what it's really like to actually compromise a system?

Odds are you've wanted to sharpen your skills, learn to actually hack but just don't have the time, the knowledge or an exploitable target that won't land you in jail.  That's all behind you now... welcome to's Capture the Flag exercise #5.

LAMPSecurity's exercise
"...designed to educate system administrators and developers on some common dangers and mis-configurations facing Linux,Apache,MySQL, PHP (LAMP) applications."
The great news here is that this is all 100% documented with step-by-step instructions, including the tools you'll need and all the coaching you can stand, all in one handy package.  Justin Keane and the folks over at are doing a phenomenal job of bringing these special images to you- so by all means go and use them to your advantage!  The only thing you'll need is VMWare player, some time, and your creativity! Home:

A review of the latest CTP exercise is coming soon!  (as soon as I have a minute to actually play with it); but if you have time to do a review and would like to guest-blog, please let me know!

1 comment:

ekse said...

Just "finished" the game. I managed to get root in approximately 2 hours. The challenge is nice, with a lot of stuff to look at (web apps, windows file sharing, email etc.). It was a tad too easy but I think it represents well what you could find in real life in a SME where servers are managed by a single technician.

All in all, the guys at did a great job and I think this is definitely worth your time.