In this section I hope to include a number of write-ups on various hacking challenges. I’ll start by saying that I love hacking challenges. When done right, they are a great way to not only learn about computers and how they work, but also to cultivate a hacker’s mindset. By “hacker’s mindset,” I mean the ability to think creatively to solve problems, including —yes — making a computer program do something its creator likely did not intend for it to do.
On the flip side, producing write-ups for hacking challenges is also a great exercise. Not only do you have to solve the original problem, but you also have to explain your logic/reasoning and what led you to take the steps you took. It is one thing to break into a system, and quite another thing to document the process, particularly if that documentation is destined for someone who does not have a technical background.
That is what I would like to do here in this space. I want to break down hacking challenges for non-technical folks. A lot of people mistakenly think that you have to be a technical genius to be a hacker. Not true. It requires curiosity, tenacity, and a willingness to learn. Hacking requires you to be crafty…, and while an understanding of how computers work is part of solving a hacking challenge, you don’t have to know it all before you start. You can figure it out as you go along.
I hope to lead by example by “figuring it out as I go along” in the write-ups and explanations I provide here. I often find it frustrating to read a write-up where the author makes it seem as if they knew all along how to solve a challenge… and in the process make you feel silly for struggling. I will show you my process for problem-solving — mistakes, warts, and all — and hopefully it will help inform your own approach to solving problems and tackling some hacking challenges of your own.
Now, a lot of people are obsessed with getting the “right answer” when it comes to hacking challenges, and I want to stress that the point of a write-up is not to produce a copy of the right answer. Hacking challenges are for learning… getting the right answer (also known as “capturing the flag” in many hacking challenges) is just the cherry on top. For that reason, I won’t be providing the “flags” for write-ups I provide. Feel free to follow along for as many hints as you need to solve the challenge, but you’ll have to get to the answer on your own 😉
Lastly, thank you to daehee at Pwnable[.]kr for permitting posting of solutions for the challenges in the Toddler’s Bottle section on that website. Many challenge sites forbid posting solutions, saying that it ruins the fun for others. I personally have never had my fun ruined by someone putting solutions out on the internet… I would say if you don’t want the challenge ruined, don’t look up answers online. But I respect the time and energy these creators put into developing the challenges, and I will only post write-ups for challenges that permit it. If I inadvertently include a non-sanctioned write-up, please let me know so I can remove it.
And without further ado… on to the challenges!