eWeek Openhack 4
Results 1 to 6 of 6

Thread: eWeek Openhack 4

  1. #1
    Senior Member
    Join Date
    Oct 2002
    Posts
    181

    Smile eWeek Openhack 4

    I found this today

    http://www.eweek.com/category2/1,3960,600431,00.asp

    It's a hacking challenge to hack a web application, with prizes. It look the real deal as it held with Microsoft and Oracle and this is the forth of such challenges.

    I think it start Tomorrow

    The challenge can be found at http://www.openhack.com/

    Looks like it could be a bit of legal fun. Anyone else going to give it a go?

    SittingDuck
    I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"

  2. #2
    Senior Member
    Join Date
    Jul 2002
    Posts
    167
    Not me, I am weary of these legal hacking challenges. I can't help but to image big brother on the other end logging my IP. However I would kill to get a look at the system logs after this challenge. Imagine what you could learn!

    Nate
    [gloworange]rm -rf /bin/laden[/gloworange]

  3. #3
    lol it would b a laugh 2 see how many hackers they have caught i suppose it is 1 way of catchin most of these hackers out there iam not gonna do it i would pay 2 see the list of hackers and isp address they have caught.

  4. #4
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584
    hmm.. as far as i know, hacking challenges like this is usually held in an open area over a LAN. so you would have to be there yourself on the spot to do the challenge so the IP addresses wouldnt matter at all nor will there be any ISPs involved. The last challenge i heard of was quite funny really.. since the hackers couldnt hack into the system, they hacked eachother's systems instead (or so i heard). hehehe

    tho it is highly unlikely they willl bust you during this challenge. i mean, they DID offer the challenge.. its not that u did it without their permission or awareness.

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Posts
    324
    Hmm - best of luck...

    Port 25 is opened: SMTP
    Port 80 is opened: HTTP
    Port 110 is opened: Post Office Protocol - Version 3
    under BSD with Apache 2.0.43.

    You'll need it!
    \"I may not agree with what you say, but I will defend to the death your right to say it.\"
    Sir Winston Churchill.

  6. #6
    Senior Member
    Join Date
    Oct 2002
    Posts
    181
    Thats the idea, that task it hack via the web application.

    prizes will be awarded for the successful completion of any of five separate penetration tasks. These represent successively more serious breaches of security: a cross-site scripting attack, a dynamic Web page source code disclosure, a Web page defacement, a SQL injection attack and theft of credit card data from the database.
    All of the above can be achived via port 80

    But saying that from what I have read, it won't be easy. I expect that no one fill find anything. But I will still have a go, you never know.

    SittingDuck
    I\'m a SittingDuck, but the question is \"Is your web app a Sitting Duck?\"

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •