Although I’ve long had some interest in penetration-testing (aka “white-hat hacking”), I’ve wondered if it was just something that ‘sounded cool’ or if it’s something that I would actually enjoy – or if I would have any aptitude for it. After mulling it over for a while, I’ve now started working on some of the online “war games” at Over the Wire. The description on the site states
The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.
For this particular site, the user connects (using SSH on a custom port) to an internet-accessible server & attempts to find a ‘key’ – this is a text file containing a hexadecimal string that is used as the password for the next level. So far it’s proven to be fairly challenging, but enjoyable. It’s interesting to be able to use the skills & knowledge that I’ve built up over the years in new ways.
On a related note, I’ve recently updated my ESXi virtualization server, & am in the process of loading the “usual suspects” (RHEL, CentOS, Kali & Windows) back onto it, along with some images that I’ve grabbed from VulnHub. If I’m going to develop red-teaming skills, might as well become as well-rounded as possible, right??