The security of banking systems became one of the key topics at Positive Hack Days III. Discussions, contests and hands-on labs on banking systems were held during the forum.
Anatoly "heartless" Katyushin, a student from the Samara State Aerospace University (Samara, Russia), hacked a remote banking system during the $natch competition and "stole" 4,995 rubles. The contest consisted of two rounds. at first, virtual machine copies with vulnerable web services of the remote banking system (a real I-banking system analog) were provided to the participants. In the second round, the hackers needed to exploit the discovered vulnerabilities and steal as much money as it was possible.
Positive Technologies developed a test remote banking system PHDays I-Bank for the contest and included typical vulnerabilities.
The participants had one hour to exploit the security problems that were discovered during the first round of the contest and to transfer the money to their account. The system contained 20,000 rubles. The winner manages to "steal" only 4,995.
Asteros, the forum's partner, doubled the sum.
"It took about 4 hours to detect security problems in the system's image. Then we needed just to write a script to automate the vulnerability exploitation," — Anatoly Katyushin said at the end of the contest.
Omar Ganiev (beched), a student of the Department of Mathematics at the Higher school of economics, took second place "stealing" 3,277 rubles.
"I didn't win last year, because of a script error. But this time I manage to take second place," — said Omar Ganiev.
Other participants didn't get a ruble from the PHDays iBank.
Anatoly "heartless" Katyushin, a student from the Samara State Aerospace University (Samara, Russia), hacked a remote banking system during the $natch competition and "stole" 4,995 rubles. The contest consisted of two rounds. at first, virtual machine copies with vulnerable web services of the remote banking system (a real I-banking system analog) were provided to the participants. In the second round, the hackers needed to exploit the discovered vulnerabilities and steal as much money as it was possible.
Positive Technologies developed a test remote banking system PHDays I-Bank for the contest and included typical vulnerabilities.
The participants had one hour to exploit the security problems that were discovered during the first round of the contest and to transfer the money to their account. The system contained 20,000 rubles. The winner manages to "steal" only 4,995.
Asteros, the forum's partner, doubled the sum.
"It took about 4 hours to detect security problems in the system's image. Then we needed just to write a script to automate the vulnerability exploitation," — Anatoly Katyushin said at the end of the contest.
Omar Ganiev (beched), a student of the Department of Mathematics at the Higher school of economics, took second place "stealing" 3,277 rubles.
"I didn't win last year, because of a script error. But this time I manage to take second place," — said Omar Ganiev.
Other participants didn't get a ruble from the PHDays iBank.
Thanks for sharing this guidelines with us, That's truly very helpful for me, Keep posting
ReplyDeletecheap alarm monitoring
I have read your blog. It’s very interesting, and informative. Thanks a lot for sharing a very useful and beneficial content. For more information about Russian systema please visit our website.
ReplyDeleteFinally! I saw it on http://essayguard.com/services/research-paper-writing before. The coders' wars (or how do you call the competition) was long anticipated. We have to ruin the stereotyped picture emerging in one's head whenever someone says (s)he does coding. These guys know how to craft a research paper with writing services reviews and are everything but shy nerds!
ReplyDeleteLike for more generate the homepage a great game for the mahjongg dimensions free online.
ReplyDeleteIt's clear for me that writing means a lot these days. You can take a look here and learn more about narrative essay topics
ReplyDeleteBest version for android of https://asphaltguided.com/
ReplyDelete