How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?

Pages

Thursday, June 21, 2012

PHDays Online HackQuest 2012 Is Over


Twenty days have passed since Positive Hack Days 2012, an international forum on practical security, wished goodbye to the visitors, but the echo of the words is still heard around. In particular, it tells about the Online HackQuest competition, which was on throughout the forum days on May 30 and 31 and carried on for two more weeks.

Any Internet user could take part in HackQuest. The participants were granted an access to a VPN gateway. Once connected, they were to find target systems and detect vulnerabilities in them. By exploiting the vulnerabilities, participants obtained access to a key (flag) in the MD5 format, which they were to send to the jury via a special form on their personal profiles. For each correct flag participants scored a corresponding number of points. A participant who totaled 100 points earlier than others won the competition.

HackQuest vs CTF

Besides, on the second the Online HackQuest participants had a real chance to influence the results of one of the PHDays CTF 2012 competitions. The How To Protect Money section offered a competition called $natch. The competition consisted of several stages. At the first stage, hackers were to take out money from a remote banking system specially crafted for the competition. Then, it was the turn of the CTF teams to join the competition. They had 4 hours to fix the security of the system. Finally, the HackQuest participates were to attack the systems during 30 minutes trying to take out money from the bank accounts of the CTF teams (for details see our blog entry).


The battle gained much attention: both sides did a good job. The intensive struggle was finally won by the CTF contestants. They saved almost all their money.

Out of Competition

The forum ended, but Online HackQuest lasted for two more weeks out of competition. Ten leaders are listed below:


We were glad to find Russians on the three prize-winning places :) The winners will receive keepsakes and prizes from the organizers of the forum.

We already have some ideas of how to make next Online HackQuest even more dynamic and intensive. For example, the battle between CTF teams and HackQuest participants can last a whole day instead of some 30 minutes. So, stay tuned! See you at the next Positive Hack Days!

1 comment: