How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?


Tuesday, April 30, 2013

PHDays III Contests Program: Hacking ATM and SCADA, Passing the Labyrinth

The participants of Positive Hack Days, which will be held in Moscow on May 23-24, will hear the reports of well-known experts in information security, partake in hands-on labs, support a CTF team — and this is not all there is to it. The forum guests will have the opportunity to try themselves in fascinating competitions. We would like to bring to you attention the list of contests that will take place during Positive Hack Days III at the WTC Moscow.

Contests held at the venue

Please note that it is necessary to bring your laptop with you to take participate in most of the contests.

Choo Choo Pwn

The contestants will be offered to choose access to communication systems of industrial equipment or HMI systems. The goal is to independently obtain access to a model of a control system of a railroad and cargo re-loading by exploiting vulnerable industrial protocols and to bypass SCADA systems authentication or industrial equipment web interfaces. There will be video surveillance, and, as an additional task, the competitors will be offered to affect the surveillance system.


Labyrinth is the most unusual and large-scale amusement ride in the history of PHDays. Anyone will have the opportunity to try themselves in the art of hacking: to get over the laser field and motion detectors, try skills in security analysis of present-day information systems, remove bugs, combat with artificial intelligence and render a bomb harmless. To get through the Labyrinth, the participants will need some skills in dumpster diving, lock picking, application vulnerabilities detection, social engineering, and of course there is no way without sharpness of mind and physical fitness.

Leave ATM Alone

The competition challenges the participants' skills in exploiting various vulnerabilities in ATMs. The software is developed for PHDays III and does not exist in real life, but it contains most types of vulnerabilities in such systems. The contest consists of two rounds: first, the participants search and exploit vulnerabilities in the ATM system, and then the finalists are to perform similar tasks being constrained by time.


During the competition, the participants check their skills in exploiting common vulnerabilities in web services of the remote banking system. Real vulnerabilities in the I-bank system applications, which were discovered by the Positive Technologies specialists during security analysis if such systems, will be presented in the contest.

The contest consists of two rounds. Virtual machine copies with vulnerable web services of the remote banking system (a real I-banking system analog) will be provided to the participants. During the time defined by the organizers, the participants should discover vulnerabilities in the system. Then the participants should exploit the vulnerabilities they discovered to withdraw funds.


This year, every guest will have an opportunity to view him- or herself as Dade Murphy from Hackers. Anyone will have the opportunity to compete in controlling a futuristic bolide in arcade racing.


Unlike last year, hands-on labs and competitions in lock picking will be presented this year. This Lockpick Village will be presented by Deviant Ollam, Babak Javadi, and Keith Howell, members of TOOOL, The Open Organisation Of Lockpickers. New applicative knowledge, interesting practical problems and many challenges are waiting for the guests of the forum.

Fox Hunting

The participants are offered to detect of wireless access point 802.11 a/b/g/n with a known ESSID identifier. The access point location will change from time to time.

The participants should identify exact coordinates of the current location of the wireless access point (a fox) and notify the organizers. The participant who catches more foxes than others do, wins the contest.


The goal is to call a certain number from a coin-box telephone. The coin should be returned to the organizers. The results of the contest will be announced on the second day of the forum. The originality of the method being used to complete the task will be considered.

The participants are not allowed to perform any actions that may damage the coin-box telephone.

Big Shot

A participant of the contest will receive a photo of a person (it won't be easy to identify the person pictured) and certain features of the person. The person will be present at the forum and the participants should identify him or her and perform certain actions (for example, to get his or her business card or to get him or her photographed).


The participants should perform an attack against a web application equipped with a security filter. The application contains a finite number of vulnerabilities, the exploitation of which allows executing the operating system commands.

The contest total time is limited to 30 minutes. Every 5 minutes the participants those participants who attacked WAF more often are offered to have a drink and then continue. The participant who receive the main flag when executing commands on the server, wins the contest

Best T-Shirt

There is no need to be an expert in information security to partake in the forum contests, rich imagination can fix the problem.The one who wears the coolest hacking T-shirt will get the prize from the forum organizers.

The contests winners and participants will get presents from Positive Technologies, the Positive Hack Days organizers. Anyone will be able to prove himself!

You can register to participate in Positive Hack Days III on the RUNET-ID site.

Online contests

Those who won't be able to be present at the forum in the WTC Moscow can participate in online contests.

Hash Runner

The contest challenges the participants knowledge in hashing algorithms and skills in hacking passwords hash functions. The competitors are given a list of hash functions generated according to various algorithms (MD5, SHA-1, Blowfish, GOST3411, etc.). To win the competition, a participant is to score as many points as possible during a limited period of time, leaving the competitors behind.

The competition is open for any Internet user. Registration will be opened on a week before the forum starts.

Competitive Intelligence

During the contest the participants will find out how good they are at searching information in the Internet.
Questions related to a certain organization will be published on the contest's page.

The goal is to find as many right answers to these questions as possible for a short period of time. The results will be announced at the end of the second day of the forum.

The competition is open for any Internet user. You can register on (registration will be opened a week before the forum starts).

PHDays HackQuest

Organizer: @ONsec_Lab (

Everybody is welcome to participate in the hacking competition PHDays HackQuest ( A good mood and perfect brain training are guaranteed!
We will try to make you sink into the almost forgotten world of DOS and 8-bit music, to evoke nostalgic feelings and fill you with positive emotions facing the international forum PHDays III.

Date: May 1-13, 2013
The winners will receive keepsakes and tickets to the international forum on information security PHDays III.

1st place: 5 tickets + 5 T-shirts
2nd place: 4 tickets + 4 T-shirts
3rd place: 3 tickets + 3 T-shirts
4th—10th places: 1 ticket + 1 T-shirt

Full list of contests is available on forum's website.


  1. Thanks for sharing.I found a lot of interesting information here. A really good post, very thankful and hopeful that you will write many more posts like this one.

  2. It will be great idea for students to read It was really helpful for me in college when I had to write my world peace essay.

  3. This comment has been removed by the author.

  4. Thanks for the information. I didn’t t even know that there was such a program. But I know that there is an excellent site where you can find information on how to write an expository essay, argumentative essay, admission essay.

  5. This is really good blog information thanks for sharing .I am really impressed with your writing abilities

    โปรโมชั่นGclub ของทางทีมงานตอนนี้แจกฟรีโบนัส 50%
    เพียงแค่คุณสมัคร Gclub กับทางทีมงานของเราเพียงเท่านั้น
    สมัครสล็อตออนไลน์ >>> goldenslot
    สนใจร่วมลงทุนกับเรา สมัครเอเย่น Gclub คลิ๊กได้เลย

  6. Excellent Post as always and you have a great post and i like it thank you for sharing

    เว็บไซต์คาสิโนออนไลน์ที่ได้คุณภาพอับดับ 1 ของประเทศ
    เป็นเว็บไซต์การพนันออนไลน์ที่มีคนมา สมัคร Gclub Royal1688
    และยังมีหวยให้คุณได้เล่น สมัครหวยออนไลน์ ได้เลย
    สมัครสมาชิกที่นี่ >>> Gclub Royal1688

  7. Thanks for sharing.I found a lot of interesting information here. A really good post, very thankful and hopeful that you will write many more posts like this one. APKdodo snaptube Mobdro

  8. Thanks for such an informative article. I have some ideas for analytical essay topics now. Visit my blog to see them.

  9. I am glad that I saw this post. It is informative blog for us and we need this type of blog thanks for share this blog, Keep posting such instructional blogs and I am looking forward for your future posts.
    Cyber Security Projects for Final Year

    JavaScript Training in Chennai

    Project Centers in Chennai

    JavaScript Training in Chennai

  10. Hello, thanks for sharing this interesting information I appreciate reading. Moreover, the material presented here will be useful for a lot of people. Personally I will use it in my nike vs adidas marketing strategy.

  11. obat kuat terbaru vitamale asli hwi cod jakarta utara yang sudah memiliki izin resmi dari bpom kini banyak diburu oleh pria dewasa untuk memelihara stamina pria saat bercinta bersama istrinya baca selanjutnya . kapsul ajaib dari erogan asli kapsul obat kuat dapat menambah stamina pria sekaligus dapat memperbaiki ukuran alat vital pria yang dapat membantu masalah biologis secara sempurna. obat dari cina seperti nangen asli zengzhangsu obat kuat impotensi dapat mengobati impotensi jika anda konsumsi secara rutin dalam 2x sehari dapat menyembuhkan secara total. levitra asli 100 mg obat disfungsi ereksi yang banyak dicari oleh kalangan pria yang ingin mendapatkan ereksi keras, kencang dan tahan lama hingga mampu klimaks secara berulang-ulang. vimax pills adalah ramuan khusus sebagai obat pembesar alat kelamin yang terbuat dari ramuan herbal yang sudah diracik dengan teknologi modern ala canada klik tautan .