How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?

Pages

Tuesday, May 21, 2013

WAF Bypass at PHDays III

During the Positive Hack Days a competition for enthusiasts and experts of web application security will take place. The challenge organized by forum's technological partner ICL-KME CS company provides an opportunity to test oneself in exploiting vulnerable web applications protected by a Web Application Firewall.

Rules
The participants will be offered to attack (or demonstrate the attack possibility) for the purpose of gaining data from a DBMS and file system. There are several vulnerable web applications in the contest. All attacks exploiting any SQL injection vector, inclusive of gaining file system access, OS commanding, brute force and binary search attacks are counted. Attacks exploiting other vulnerabilities (e. g. buffer overflow in the web server or DBMS server) are not counted. The winner is the first who obtains access to all specially crafted data (flags). There are three flags in the competition. If several competitors implement different techniques of exploiting the same vulnerability, the winner is the person whose attack allows obtaining the same DBMS data set using the least number of queries to the server.

Participation Terms
Any PHDays III is welcome to compete for prizes. The competition will last throughout the forum. To receive the prize, the winner should provide his or her contact information (name, phone number, postal address) or be present at the award ceremony in person.

Prizes
The winner will receive a special prize from the forum’s technological partner, ICL. The people who took first five places will receive prizes and souvenirs from the PHDays organizers (Positive Technologies) and the ICL company.

Technical Details 
The selection and usage of equipment that may be needed is up to the participants. You will need any mobile device with a Wi-Fi option to partake in the contest.

10 comments:

  1. In my opinion, info from https://dissertationauthors.com/blog/everything-students-need-to-know-about-writing-a-theoretical-framework will be really useful for you if you need to write theoretical framework. You can use it in college.

    ReplyDelete
  2. The consequent emergence of numerous companies that purport to offer Essay Writing Services to students has made it imperative for students to assess companies that provide Custom Research Paper Service supply services to students.

    ReplyDelete
  3. It has become vital that students seek Premium Quality Nursing Research Papers assistance from genuine and experienced Nursing Paper Writing Services providers if they intend to get the best Grades for Academic Nursing Research Paper Writing Services.

    ReplyDelete
  4. This comment has been removed by the author.

    ReplyDelete
  5. https://crackedversion.com/yamicsoft-windows-10-manager-crack-keygen/
    Yamicsoft Windows 10 Manager Crack is This is a multi-utility Windows 10 software for its management. This Windows 10 software has many utilities for increasing the workflow of windows, it’s attaining, stimulating and fixing.

    ReplyDelete
  6. https://crackpluskey.com/wondershare-filmora-crack-registration-code/
    Wondershare Filmora Crack is software for the editing and production of a video. The software is used for making the video and redesigning it. That has a strong process and a complete background system. Filmora is a reliable software and gives his user the innovations and work system. When the Filmora did not publish.

    ReplyDelete
  7. Thanks for keeping people up on what's happening. I visited your website today and found it very interesting and well done.

    Dentists in Kitchener

    ReplyDelete