Welcome to Smash The Stack

About Us

The Smash the Stack Wargaming Network is an ethical hacking environment that simulates real-world software vulnerabilities using challenges, which we call wargames. Each wargame allows learners from various backgrounds to test their knowledge, skills, and abilities in reverse engineering, web app pen-testing, software exploitation, and much more.

We primarily operate on Internet Relay Chat (IRC) where we have formed a coalition with OverTheWire and IO at Netgarage. All challenges are currently accessed using a secure shell (SSH) or a web browser.

This network is funded and operated by volunteers that make up the staff. If you want to contribute monetarily or with your time, feel free to reach out using our email or contact form.

Contact Us

Wargames

wargame status skill level admin
Amateria online Intermediate p1ra
APFEL offline Beginner s0ttle
BLACKBOX online Advanced dusty
BLOWFISH online Beginner eltt0s
CTF offline Intermediate staff
LOGIC online Intermediate mh/level
TUX online Intermediate staff

IRC

You can find us on IRC at ircs.smashthestack.org 6667 or 6697 (tls)

#social is our lobby. All Wargames have been consolidated into the #sts channel

FAQ

Frequently Asked Questions

The Smash the Stack Wargaming Network hosts several Wargames. A Wargame in our context can be described as an ethical hacking environment that supports the simulation of real world software vulnerability theories or concepts and allows for the legal execution of exploitation techniques. Software can be an Operating System, network protocol, or any userland application.

To connect to any of the Wargames you need an ssh client (openssh, PuTTy, SecureCRT). Each game has it's own set of connection details. You need to pay attention to the port and initial username. If you are using a unix variant simply type the following at the shell prompt: user@box:$ ssh -l level1 blackbox.smashthestack.org -p2225 when you are prompted for the password enter "level1" without the quotes. This information is also provided on the `io' wargame page. Once you are logged in read the text (MOTD: Message of the day) that is displayed on your screen.

The password for each level is located in different places depending on the game, but it will be located in one of the following locations: ~/.pass
~/passwd
/pass/

the MOTD will specify exactly where it is located for each game. To view it simply use /bin/cat

user@box:$ cat ~/.pass
user@box:$ cat /pass/level1
user@box:$ cat ~/passwd

Celebrate! \o/

Any OS will do. Windows, Linux, BeOS, MacOS, BSD, or VMS.

The goal of the games is for you to get from the first level to the (current) last level. Along the way you should pickup or refine any techniques that were required to defeat the level. The levels for each game are structured progressively. You start at the first level. Once you have completed the first level you will have the credentials to view the password for the next level. This is the same for all the games. To view your current credentials or userid type the following at the shell prompt: user@box:$ idthe text that is returned is your current user level status.

If you need help with a topic not covered in this FAQ you can utilize one of the following resources:
IRC Email GOOGLE

blah

If you want to contribute a level to any of the StS games send the level and exploit to staff@smashthestack.org

The focus of the games is not to get root, but you are welcome to try, if you manage to escalate your privileges to the superuser, we ask that you do not wreak havoc, instead we would appreciate an an email to staff@smashthestack.org notifying us of the deficiency so we can correct it.

No internet connection mebe?

No. See How do I ask a question?

PuTTy is a terminal emulator application that can act as a client for various protocols including SSH. It can be download here

To connect to IRC you need an IRC client. We provide a web based IRC client that you can use or you can download mIRC. If you are using linux, but have limited experience you can use xchat. If you're an irc warrior and use irssi or bitchx, STOP READING THIS FAQ! :P

Each level has a sub directory called public_html under the respective home directory. Inside that public_html directory is a file called index.html or tags.html. To add your tag simply use redirection...

user@box:$ echo "stacksmasher3 was heRe" >> ~/public_html/index.html

No. Posting solutions to wargame levels defeats the purpose and takes the fun out of it for others.

In the good old days there were no protections in place for buffer overflows. Modern incarnations of compilers (gcc) and the linux kernel have implemented several protection techniques. Here are some things you can do to enjoy Stack Smashing at Home

Contact Us

Copyright © 2002-2022 SmashTheStack. All rights reserved.
hacker button