Currently at Level 5 on NetWars continuous. I don't have much longer left on my subscription: I have a couple months left. They don't only do NetWars at SANS conferences; they are offered at other conferences from time to time. I got it for free by winning it in a raffle at the NetWars Tournament in one of the cyber security conferences. I lucked out because the NetWars Tournament at that conference just happened to be included with the price of the ticket at the conference that I had attended. I encourage people to look at the conferences offered near their area and attend if at all possible. Look for perks like this: where NetWars is included and take advantage of it. Some conferences offer scholarships to pay for the cost of a ticket if money is an issue. Some conferences allow tickets for people who speak and extra for family members as well. Speaking is good experience, so if you can come up with a good speaking topic, go ahead and do so. I haven't done so because I don't do well speaking in front of crowds. I plan to work on that. (It's odd because I used to sing solos in front of crowds-that feels like a lifetime ago. I haven't sang in front of a crowd for a while now. Someone should come up with some sort of topic: the musical. That would be different. :))
I can't give answers about NetWars Continuous, and I won't because it is unethical, and I happen to like the people at Counter Hack Challenges and appreciate the effort that they put into it. I can give tips though.
Don't think of it as a chance to prove that you are an elite hacker and that you can win. Competition is fierce, and chances are, someone will be better than you are.
Do Think of it as a chance to learn. If you need to take hints, don't berate yourself over it. The whole point is to learn something.
Don't take all three hints at once, chances are, the first hint will be enough. Just research whatever is mentioned in it, via Google, or another favorite search avenue.
If you see a service, website software, process, or something else you don't know, search those via Google as well, chances are, you'll find a vulnerability that way.
If you see source code, like php, look very carefully at it. Any methods/functions you don't understand, look them up.
Don't underestimate simple commands: Sometimes it isn't an exploit that gets the keys to the kingdom.
Don't underestimate low/informational vulnerabilities in vulnerability tools. Sure, the red, shiny major exploits look awesome, but how easy are they to exploit? Sometimes the informational ones give you what you need.
Visit the blogs of the people who work at Counter Hack and SANS Pen Testing blog. There are a lot of clues there to figure out how to solve stuff.
That's how I got to level 5. Good luck.
No comments:
Post a Comment