Friday, September 2, 2016

The Complete Skr1pt Kiddie Guide to Elite Hacker Games

The learning curve for information security (aka hacking) can be pretty steep. In addition to understanding tools, exploits, coding, and attack vectors, there's also absorbing the subversive thinking it takes to be a hacker. Nature vs. Nurture: Perhaps people are born with these traits, or perhaps they can be taught. I'd argue that if you're curious enough to try to learn, you've got the proper nature. Now it's time to nurture.

Example of old school hacking,
From the true-to-life 1983 documentary, Hackerman.
Back in the day, we had to learn these concepts by word of mouth, by finding a mentor or have hacker friends, or by brute-force figuring it all out our own damned selves. Moreover, computer equipment was expensive, so experimentation was prohibitive for most of us. To learn, we had to crack live systems which were someone else's property, which was both unethical and illegal.

Today, in this magical virtual world built by us old school hackers, we have the luxury not only of wikis, videos, training programs (some at actual colleges!), cheap hardware, and virtual machines to learn on, but we also have a fine collection of hacker games.

There are three categories of hacker games:
  1. Technical games involve the practice of actual coding or cryptanalysis.
  2. Hacker logic games which teach hacker thinking processes, but the interface and skill bears little resemblance to real-life hacking. 
  3. Hacker-motif games full of green-on-black facades, but with little relation to real hacking.
This list includes games in the first two categories, that is, games of substance that teach something about real hacking.

Click to embiggen.
(Remember to say "Enhance!")
And a quick note about what I mean by "hacking". I define hacking as "any attempt to subvert the designed purpose for a technology, to use it in a way that was not originally intended." This stereotypically include infosec, that is, breaking and entering computers and networks (and defending against said breaking and entering), but it also includes all manner of opening things up, figuring out how they work, and changing them. If you've ever soldered tiny cargo bays to your quadcopter so you can glitterbomb tourists in downtown Seattle*, you're a hacker.

* No confirmed sightings have been reported, however, if someone were to happen to create such a thing, I am completely not responsible.

I've not played all of these, so my description and categorization of them might be off. A listing with a checkmark means I've played it for at least 5 hours.

And listing of the game does not mean I vouch for it.

One last point: If you want to get the full value from these games, don't resort to walkthroughs! Googling how to do something is useful, because you're learning a skill and applying it to a new problem. But looking up the answer in the back of the book teaches you nothing. If you're "stuck", you should spend at least a few days pondering it  then and only then should you go looking for a hint. And I said *hint*, not walkthrough. Looking up the answer should be a last resort.

Lower Tech, Hacking Themed Games:

Look like a hacker, without all the mess!
(Seriously, he's wearing a TIE?!)
Most of these require download and install, for various platforms, including Windows, Linux, Android, and iOS. Some are web-based.
  • ✔ Digital: A Love Story 
    http://scoutshonour.com/digital/
    Story-based adventure game that simulates a 1988 computer environment. Solved through email and dialing into BBSes. Loved this game.
  • ✔ Uplink 
    https://www.introversion.co.uk/uplink/
     Simulated hacking environment, which simplifies hacking tools but retains the logic. Awesome game.
  • ✔ The Secret World 
    http://www.thesecretworld.com/
    An MMORPG that requires a hacker brain. Set in a dark version of the modern world of conspiracies, werewolves, and Lovecraftian bliss, it's a regular MMO in many ways: You have a character, get gear, and level up. But to get through the story, you have to solve actual puzzles, including cracking passwords on real (staged) websites. There's Morse Code in the early game that you have to transcribe in order to progress. (Which is harder than it seems if you don't know Morse Code.) As with Telehack, if you want to really learn the hacker mentality, you should solve all puzzles yourself (even if you're stumped) rather than fall back to the wikis and walkthroughs.
  • ✔ Hacker Evolution 
    http://www.exosyphen.com/page_hackerevolutionuntold.html
    A story-based game which, like Digital: A Love Story, immerses you by placing you at a simulated computer console. The story unfolds as you receive emails and take on hacking tasks. Again, the tech is simplified, but you still have to explore and think like a hacker.
  • HackNet 
    http://www.hacknet-os.com/
    The description says it's a "terminal-based hacking simulator."
  • Hacker Experience 
    https://hackerexperience.com/
    Virtual simulated hackable world.
  • Hacker Project 
    http://www.hacker-project.com/
    Story-driven hacking simulator. Web-based.
  • Slavehack 
    http://www.slavehack.com/
    Web-based hacking simulator.
  • Hacker Forever 
    http://www.hackerforever.com/guest.php
    Text-based browser and mobile multiplayer hacking simulator.
  • Secret Republic 
    http://secretrepublic.net/
    Multiplayer hacking simulator.
  • Mainlining 
    https://www.kickstarter.com/projects/mainlining/mainlining/description
    This adventure-style hacker sim does not yet exist, and is still in Kickstarter. Consider supporting it! Hat Tip: @virtuity
  • Geek Typer 
    http://geektyper.com/
    Totally not even a game. But that doesn't matter. Fake it till you make it. Type like a geek!

Technical Hacking Games:

Typical scene from DEFCON. Learn the skillz to be legit.
Most of these technical games are web-based and require no installs. Most are free.

Bonus Category: Advanced

It's not stupid. It's advaaaanced!
These aren't technically games, but rather, hacking testbeds that you can set up on your own system and challenge yourself to complete them all.
  • SQLi-Labs 65 SQL Injection Labs 
    https://github.com/Audi-1/sqli-labs
    Mess around with SQL Injection to learn how Little Bobby Tables got his Master's Degree.
  • Metasploitable VMs 
    https://sourceforge.net/projects/metasploitable/
    Metasploit is a hacker tool that assembles an impressive number of scanners and exploits into one powerful machine. Metasploitables are downloadable virtual machines with known vulnerabilities, so you can practice using Metasploit without breaking any laws. The idea is you grab a VM of something like Backtrack or Kali Linux (which come pre-installed with Metasploit and other tools), and a Metasploitable, and pit the two machines against each other, all while learning both offense and defense. I've been thinking about doing this and live streaming my learning process on Twitch, but this is a project I will likely never get around to.

Want More? So do I.

If these aren't enough, there's a bunch more on this link which I haven't sorted yet: http://hiddenspider.net/links/hacker-games

And once, maybe 15 years ago, I stumbled upon a game where you have to solve various elements hidden within the static HTML, and other 4th-wall breaking puzzles, to advance. I think of it often, and I wish I could remember the name of it so I could find it again! If it still exists. If you know of this game, please tell me in the comments.

I'm highly interested in finding more, especially those teaching real technical skills. Please let me know in the comments, and I'll add them to the list.


5 comments:

  1. Awesome list of great games. Thank you for sharing. My son and I went to the Crypto Club website, and encoded and decoded messages. It was a lot of fun.

    ReplyDelete
    Replies
    1. Awesome! I hope you have fun playing some of the other games as well. :)

      Delete
  2. For some programmers a standout amongst the most enchanting features of the employment is figuring out how to make hindrances that even they can't penetrate. In the event that you've ever used a firewall, then you have procured the benefits of fruitful white hacking. check out here

    ReplyDelete
  3. If you are talking about the web based scavenger hunt from the late 90s early 2000s it was called Daemon. It is gone now. The sites necessary to complete the game are likely gone now.

    ReplyDelete
    Replies
    1. It might have been. That sounds a little familiar. And sad that it's gone. I always get sad about tech-related stuff that is now gone. :'(

      Delete