* I haven't played with exploit-exercises yet (definitely will when I get some downtime), but I've had a blast solving the challenges at http://io.smashthestack.org:84. They are hosted so no need to download VMs. They have a several more here that I haven't played with: http://smashthestack.org/
* I recently came across a computer security course which used CTF virtual machines for an assignment (you can download the VM and see how you do against Tufts University students): http://www.cs.tufts.edu/comp/116/assignments/a04.php
* Offensive Security's "Penetration Testing with BackTrack" (PWB) course uses a series of CTF challenges as the final exam.
* Any recommendations on any encryption challenges in this style?
We are seeing a return to the old guild system of masterpieces as proof of ability and learning aid. I couldn't be happier. I'd love to see a mash up between stackoverflow's gamification and Offensive Security certification/teaching process.
I've never really had much luck with stuff like this.
Whenever I have tried to write code in the C to be deliberately vulnerable and have tried to overwrite memory etc it never seems to work in the way I expect.
For example I will have two arrays that are contiguous in memory (checking this with gdb) and I will then write a big set of values into one array that should overflow into the other. Then try and do something like print the values that should have been overflowed into but I often find I either get a segfault or that the values that are printed are actually the correct values assigned the the array that should be overwritten.
I haven't tried these specific puzzles with the VMs though. I always do -fno-stack-protector when compiling but I don't know if there is some other security mechanism that could be stopping it from working?
-fno-stack-protector does a number of things that interfere with "standard" smashing of the stack, You'll learn a lot if you keep stack protections in place!
Also, be sure to turn off Write^Execute memory pages and ASLR as another commenter has suggested.
Alternatively, you could try your hand at defeating these protection mechanisms yourself with a number of (relatively) newfangled techniques.
One thing to note is that gdb screws with memory allocation. Just because it looked that way while running gdb does not mean it will look that way when run normally.
Linux 2.6.12 an up implements address space randomization (randomly varies the location of the stack over a 8MB range) which could explain what you're seeing.
This looks awesome. I've taken a large interest in security over the last couple years and am always looking for ways to increase my knowledge in this space (FWIW, the Stanford crypto course has been great so far). This will be a good follow-on to that.
I think the curricula you are talking about are surprisingly few. In fact I think this website offers more interesting things than my Security class did. :)
* I recently came across a computer security course which used CTF virtual machines for an assignment (you can download the VM and see how you do against Tufts University students): http://www.cs.tufts.edu/comp/116/assignments/a04.php
* Offensive Security's "Penetration Testing with BackTrack" (PWB) course uses a series of CTF challenges as the final exam.
* Any recommendations on any encryption challenges in this style?
We are seeing a return to the old guild system of masterpieces as proof of ability and learning aid. I couldn't be happier. I'd love to see a mash up between stackoverflow's gamification and Offensive Security certification/teaching process.