Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Would anyone be interested in "Hacking Games"?
21 points by TallGuyShort on July 26, 2009 | hide | past | favorite | 18 comments
It seems to me that most 'true' hackers are generally interested in what the rest of the world considers hacking (i.e. - breaking into computer systems) but think it is lame to do so maliciously. I couldn't agree more - and I had an idea. Maybe this is completely unoriginal, and maybe this is actually highly illegal or widely frowned upon - but that's why I'm throwing it out there for comment. I think it would be fun to set up a monthly competition where a server is set up, and contestants attempt to be the first to hack the box (and achieving a specific goal like replacing the home page, or something like that). I'd be willing to run the contests and provide all the hardware, etc... I was thinking a series of games could focus on various Linux distros, or various versions of Windows, etc...

So I'm posting this to see if there's much interest in running such a contest (say, once a month or so), and if there's comments as to the other implications of such a game. Obviously, DoS attacks would be strictly against the rules, so as not to cause any problems for my ISP. Any thoughts?



Those things existed since at least 1997. CyberArmy had their own contests like this and they promoted people into "ranks"; the whole place had a cheesy forum/bbs feel to it and it didn't take long before someone decided to put them out of their misery and rm -rf'ed them out of existence .. including the game server.

Anybody who is anybody probably will not like the patronizing student/teacher role and he would certainly despise the sanbox; it might not just be your vmware image, but also your webhost, their colocated box, and every other box in that datacenter, and perhaps a few more wifis within an earshot from there -- all might be sent to the abyss of server hell, and your good name immortalized in a lulzful lamer log.

Do not invite the curiousity of bored people with something to prove. Do something else with your time, instead.


I don't know - there was a site back then (died because of admins, not hackers) called, I think, Digital Evolution (dievo.org?) that hosted a lot of security-related games, covering web-based stuff like SQL injection and going on to shell-based games where your focus was to elevate your privileges, usually by exploiting a small program given to you - sometimes with the source, sometimes without it.

And as far as I can remember, they never got "really" hacked. Damn, I miss that place. There were riddles, math games, sigh...


Sure, why not, but he is probably nullifying a few TOSes and other service agreements. The reason we put inane disclaimers and "get off my lawn" type message in /etc/issue is to cover our asses. If anybody from his network/hosting provider sees this he will surely get his account yanked by them before the baddies.


Although I'd find it fun to have a sandbox, I have to agree with this. It's dangerous territory, and someone will think you need to be taken down for good.


Don't fear being rm'ed, fear "tutoring" people on hacking. Anyone who is even remotely affiliated with the scene knows how offensive that is. The lady who ran the Happy "Mostly Harmless" Hacking site recived death threats, not to mention volumes of scatalogical rape-fantasy "fan fic".


I would be interested if you count. Perhaps I should post this in a new thread but here it goes..

I have seen a few "hacking" (cracking) games back in 1999-2002 but most of them where too simple to be interesting. They always had one clear solution, to a beginner in cracking like me, and you never got that feeling of accomplishment. Althouth I am still interested in cracking nowdays I'm wathcing it from the opposite side, i.e. what are the most common security threats and how do I keep my code safe from them. I have bought/read a few security/cracking related books/articles that were recommended or written by experts on the field but as they were too specific they were of no interest, except from an academic perspective, to me. E.g. phrack.org articles. What I would really love to see is some free course in cracking that would combine theory and practice in some sort of sandboxed environment that would be level and field based but more free than just having an assignment, e.g. find a way to create an sql injection to delete all entries in a db.

If there are any willing crackers on HN I would really appreciate it if they could share how they started cracking and what would be their recommended way for a beginner to start now. If this is too off-topic and/or illegal just say it, if it's not against rules I'll start a new thread.


A really good wargames sites used to be pulltheplug.org, I had some fun playing around there 5 years or so ago.

They seem to have moved to http://www.overthewire.org/wargames/ .


There are "Capture the flag" contests at DEFCON and other hacker conferences where teams each need to defend a machine and attack those of other players: http://en.wikipedia.org/wiki/Capture_the_flag#Computer_secur...


Heading out to DC17 this week myself. CTF and aCTF qualifiers are over, but people prepare for this stuff for months.


Check out:

http://www.google.com/#hl=en&q=hacker+wargames

http://www.nationalccdc.org/ http://isis.poly.edu/csaw/

Or my own work on the subject:

http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA481288&Locati...


There's always Uplink: http://www.introversion.co.uk/uplink/2/

It's got UI and plot issues and could be improved upon. (For instance, it's sometimes quite hard to let the game know you did the mission.)


I've seen contests like this held before. As long as it's all your hardware, and the contest isn't causing the network to crash (like you said, rule out DoS attacks), I don't see why anyone would have a problem with it.


Another context where you can take part in sandboxed, organised hacking contests -- sort of -- is some ARGs (alternate reality games). I've not seen anything recent that involved true hacking skills, but sometimes there can be some wonderfully fun puzzles (you know, beyond guessing that a fictional character's password is the name of their fictional pet). Laying the trail for these is also fascinating work.


The old Dark Signs were a lot like that - you "hacked" into computers by, say, finding bugs in the scripts they ran. It was really fun.

You can still find the game by searching through http://web.archive.org/web/*/http://darksigns.com - amazingly enough, the files are still present on the present-day site, they're just not linked anymore.


I can remember this game, with this nice Soundtrack :) It was one of my favourites free-games.


It's not exactly what you're looking for, but a friend of mine made http://www.hacker.org/ which is a bunch of games that are related to hacking plus some games where you have to write programs to play them.

(The "challenges" game is pretty close to actually having to hack, with various difficulties.)


Personally, I'd love to see these sorts of things set up locally. To say you'll disallow things or implement rules is just silly. Now, if you're on a localized network with no outside lines, all bets can be off and everyone can have a safe, fun time blowing each others machines to bits.


I've seen other websites and organizations do this. I think it's a great idea and a great way to build skills.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: