How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?

Pages

Friday, August 17, 2012

Hack4Fun at PHDays

The forum Positive Hack Days not only discussed urgent issues of IS industry and became a platform for hacking battles, but it went in a very lively and positive atmosphere as well. Ending up with publications related to the forum competitive program, we are going to tell you about two funny competitions that became general favorites. They are Hack-T-Shirts and Too Drunk to Hack NG.

Hack-T-Shirts

Do you know the easiest way to show your individuality and positive spirit? Surely with clothes! Everyone could demonstrate his or her creativity and add visual appeal to the event. The competition lasted for two days. T-shirts, so necessary for the contest, were to be purchased, decorated and put on by the participants on their own :)

Alexey Sintsov from DsecRG took the first prize of this peculiar contest.


It is noteworthy that last year Denis Baranov from Positive Technologies presented a similar T-shirt (depicting the XXS vulnerability on the conference website) at ZeroNights 2011. So the score is 1:1 ;)


And there is an excellent write-up [ru] about the forum in Alexey's blog.

Too Drunk to Hack NG

It is a final chord of the competitive program. At the end of the second forum day the participants, slightly tired of various reports, hand-on-labs, and hacking battles, could try their skills in hacking web applications protected by a Web Application Firewall and demonstrate the ability to think straight in any situation. It was very exciting.


Any attendee who had reached the age of 18 was welcome to participate in the competition. All software and hardware required for the competition were to be brought by the participants themselves.

The attacked web application contained a limited number of vulnerabilities, consecutive exploitation of which allowed OS command execution. The whole competition took 30 minutes, and every 5 minutes the competitors whose actions caused a more frequent WAF reaction had to drink 50 g of tequila to proceed with the competition.


The winner was to be the first who would manage to capture the principal game flag on the stage of executing OS commands on the server. If the principal flag was not captured the winner would be the participant with the largest number of flags captured on other stages of exploiting the vulnerabilities. Vladimir Vorontsov from ONsec took the first place as the year before.

By the way, Vladimir published an excellent report on PHDays 2012 describing his victory in Too Drunk to Hack NG in his blog [ru].

The winners received prizes and gifts [video]. Congratulations once again!

1 comment:

  1. That’s really amazing and extraordinary blogs & can help those who get issues in searching this type of information.moviestarplanet hack

    ReplyDelete