How much does it take to hack a mobile network?
Is electronic government secure
in the era of WikiLeaks and Anonymous?

Is SCADA hacking a Hollywood fiction
or the nowadays reality?
Internet banking: is there any chance to win
over the fraudsters?

Cyber-crimes, cyber-espionage, cyber-war: where do we draw a borderline?


Tuesday, May 21, 2013

WAF Bypass at PHDays III

During the Positive Hack Days a competition for enthusiasts and experts of web application security will take place. The challenge organized by forum's technological partner ICL-KME CS company provides an opportunity to test oneself in exploiting vulnerable web applications protected by a Web Application Firewall.

The participants will be offered to attack (or demonstrate the attack possibility) for the purpose of gaining data from a DBMS and file system. There are several vulnerable web applications in the contest. All attacks exploiting any SQL injection vector, inclusive of gaining file system access, OS commanding, brute force and binary search attacks are counted. Attacks exploiting other vulnerabilities (e. g. buffer overflow in the web server or DBMS server) are not counted. The winner is the first who obtains access to all specially crafted data (flags). There are three flags in the competition. If several competitors implement different techniques of exploiting the same vulnerability, the winner is the person whose attack allows obtaining the same DBMS data set using the least number of queries to the server.

Participation Terms
Any PHDays III is welcome to compete for prizes. The competition will last throughout the forum. To receive the prize, the winner should provide his or her contact information (name, phone number, postal address) or be present at the award ceremony in person.

The winner will receive a special prize from the forum’s technological partner, ICL. The people who took first five places will receive prizes and souvenirs from the PHDays organizers (Positive Technologies) and the ICL company.

Technical Details 
The selection and usage of equipment that may be needed is up to the participants. You will need any mobile device with a Wi-Fi option to partake in the contest.


  1. In my opinion, info from will be really useful for you if you need to write theoretical framework. You can use it in college.

  2. The consequent emergence of numerous companies that purport to offer Essay Writing Services to students has made it imperative for students to assess companies that provide Custom Research Paper Service supply services to students.