About this blog:
I created this page to follow my journey through the world of hacking. The term “hacking” is very broad, so to be more specific this blog will focus on hacking software.
That’s still a pretty large field, so let’s break it down a bit:
- Binary Exploitation
- Web App Exploitation
- Cryptography Cracking
My main method for learning will be participating in CTF challenges.
CTF (Capture the Flag) challenges are systems that are set up with the purpose of being exploited. The goal is to gain enough access to the system to retrieve a flag, which is often a text file in a specific place.
There are several CTFs available at various websites. The ones I will be working with mostly are:
- http://microcorruption.com
- http://hackthebox.eu
- http://overthewire.org
- http://cryptopals.com
- http://ctf.hacker101.com
Microcorruption is the most unique one here. It focuses purely on native exploitation, which is the act of exploiting a binary file in order to gain control of the code. This is quite different from other CTFs which require penetration test, and often web application exploitation. It uses the MSP430 architecture, which has very straighforward assembly.
Although other CTFs may require binary exploitation as part of the challenge, Microcorruption has created a custom interface and software stack which allows the players to focus purely on the native exploitation aspect.
In short: It’s awesome, and has taught me quite a lot about how computers work. Assembly used to be a scary, arcane thing to me. No longer!