Games | Roothack.org

The Sirens have been designed to keep you learning.

You will be given access to a SSH shell on what we will refer to as "The Gateway" or "Hermes" from here on out. This is going to be your launching point and door into the rest of the games. Beyond here, nothing is safe and things may not be exactly as they appear. It is up to you to explore each new level you obtain and figure out the new vulnerability. As you progress in levels you will be tasked with various things that may or may not lead you to a new vulnerability.

### Points ###
If you login to http://roothack.org and you goto the 'Games' page, then the 'Sirens' section/tab, you should see a 'Redeem flag', and 'My Flags' tab. This is where your account management will happen for the Sirens.

You will want to create an account on roothack.org before you begin playing the game and check it throughout the games to see the live scoreboard and where you stand. Each time you discover a vulnerability within a level and move on to the next level, you will be rewarded with access to the "flag" for that level.

Sirens scoreboard:
http://roothack.org/games/sirens

These flags are stored in /flag/ on Erinys, and a custom program 'password' is used on Erebus, and you will want to pull the "token" out of each level's flag as you move along. This token will look similar to "sda@#$%gG". Once you obtain the token, go to http://roothack.org/games/sirens and click on 'Redeem flag'. Once again, this is important, as you will not get credit for completing the level unless you submit the token to the web portal.

### What to Hack ###
From your shell on this gateway, you have access to a few machines within the Roothack suite. Our intentions with this wargame were to step users through common tasks and methods a hacker will use to exploit a machine while teaching them. As you progress through the levels on the machines, you will find that you know more and more about how a hacker thinks, and what they are looking for.

Normally you would be required to figure out your network topology on your own as well as pick a target, however we are going to give it you to below. Please be advised that you ONLY have permission to exploit / compromise these machines.

From Hermes (the gateway):
192.168.155.100 erinys
192.168.155.101 erebus

### Hints ###
As you move forward in levels, you may feel you need a hint to help you along. We have created a directory called /hints/ on Erinys that contains a hint for each level. When you get stuck, look there first. If you are still unable to work out the process to the next level, grab a Roothack staff member in the IRC. If you are creative, you may be able to "social engineer" information from them or the others around you who have completed that level.

### The Process ###
Erinys is going to be where you want to start as it is our beginner machine and a great launching point to hit Erebus. We have designed Erinys to be a level based wargame that will take you through various vulnerabilities ranging from admin mistakes, to exploitable processes and on through vulnerable services. As you progress through Erinys, you will pick up skills and an understanding of what may await you on Erebus.

Erebus is going to be a more advanced system. You will find a need to understand services, the kernel, coding and networking in more depth. We have planted many things on Erebus for you to spend your time on, however be warned this is for more advanced players.

So here we stand, you with a shell and an IP. Let's see what you are made of...

Fire up your favorite SSH client, connect to sirens.roothack.org:8800 (ssh sirens.roothack.org -l wargames -p 8800
)
Username: wargames
Password: wargames