smashthestack on Linux

Ahh! I can't believe I am finally writing a post today. I didn't think I would even stop guessing passwords and come to write a blog post. Yes, I was guessing passwords. No, I have not forgotten any passwords. Then? If I have not forgotten any password and I am still guessing it, it simply implies, I was trying to hack into something. And well, that's true to an extent. Wait, What?! Yes and what I was doing is called Wargaming.

A Wargame, in a geek context is an ethical hacking environment provided to the user that is the stimulation of the vulnerabilities in the real-world software. The software can be any application, network protocol or operating system.
Then why the title says what it says? Because, I did so on Smash The Stack Wargaming Network, which hosts many such Wargames. Sounds interesting, right? This method will help you (and even me) to pickup and refine the techniques required to defeat the level which means a lot of learning will take place.

What is to be done?

You just need to move from the first level to the current last level of the game. I am writing 'current' because people keep on contributing in the game to increase its level. Each level in the game is structured progressively. For all the wargames in Smash the Stack, once we have completed the first level- we will get the credentials (password) for the next level. Which is again applicable for the succeeding levels.

Okay, How do I play?

I am per-assuming that you might have installed a linux-based operating system like Ubuntu etc. (don't worry if you have not then too you can play the game on your very own windows os).
To connect to any of the wargames, you need to have an SSH client (preferably, PuTTY or openssh). Then, we need to do SSH Port Forwarding. To install PuTTY on Ubuntu (or Debian or such-based OSs):

• Press Ctrl+Alt+T, to open the terminal.
• Type in sudo-apt-get update
• It will ask you the system password, enter it and press enter.
• Now type in: sudo apt-get install -y putty
• Now putty is successfully installed in your system.

Now to do the port forwarding, follow the following steps:

• Again go to the terminal by pressing Ctrl+Alt+T.
•  Now type in ssh localhost and press enter.
• It will ask you the system password, provide it.
• Now type in: sudo service ssh status and press enter.
• In the text on the screen, somewhere you will see active (running) in green.
• Congratulation the port forwarding is complete.
• Now press q to quit.

Now finally we need to connect to the game. Each wargame in Smash the Stack, has its own connection details: including the initial username, port and the initial password.
There are several wargames on Smash the Stack (Visit this page for game details). Here I take the example of the blackbox game.

• To connect to the blackbox game, type in: ssh -l level1 blackbox.smashthestack.org -p2225
• Now it will ask for the password. The password for first level is: level1
• Congratulations! You are in the game now.
• Now using the basic shell commands explore the files and directories for the password to level2.

For your help:

• Now type ls -a to view the files and directories (even the hidden ones) in the current directory which you can see by pwd command.
• Now we can see a file named login2 which may take us to the level2.
• So we try to run it by typing: ./login2
• We need the access code for this.
• And this is what need to be guessed!

So go play around yourself and find out the next password and move forward to the next level.
Note: You will find the port & game details along with tags on this link.