- This topic has 81 replies, 21 voices, and was last updated 10 years, 8 months ago by
j0rDy.
-
AuthorPosts
-
-
April 20, 2010 at 6:03 pm #4955
UNIX
ParticipantWe are happy to announce the first of our Public Hacking contests, labeled “How strong is Your Fu?“. The challenge will last for two days, and may go on longer, depending on how long our machines survive. The reward ? The winner of the contest will be able to choose ONE of our Online courses, free of charge. This could be either PWB, WiFu or CTP (30 day labs where relevant).
More here. 🙂
-
April 20, 2010 at 6:08 pm #31191
n1p
ParticipantNice… That looks like it will be an interesting few days. Good to get a taste of those courses.
-
April 20, 2010 at 6:12 pm #31192
impelse
ParticipantGreat
-
April 20, 2010 at 7:03 pm #31193
MicroJay
ParticipantThat weekend just got booked! 😉
-
April 20, 2010 at 7:29 pm #31194
Ketchup
ParticipantOoooh, it’s a weekend. Count me in. Does anyone know if we can we team up at all?
-
April 20, 2010 at 7:31 pm #31195
UNIX
ParticipantWhat do you have to do to win this challenge? Use the Internet, use your skills, call your friends, heck, ask your mama – whatever it takes for you to hack our lab machines.
So teaming shouldn’t be a problem. 😉
-
April 20, 2010 at 8:50 pm #31196
pizza1337
Participantnice.
i am gonna try (harder).i am in your team 😉
-
April 20, 2010 at 8:56 pm #31197
n1p
ParticipantEH oriented selection of teams may be a nice idea.
-
April 20, 2010 at 9:26 pm #31198
dynamik
ParticipantThanks for the heads-up, this looks fun.
They’ll have more information in a few days. I’d love to do a team-based thing, but it reads like its geared towards individuals.
-
April 20, 2010 at 10:46 pm #31199
Dengar13
ParticipantI am in. This should be fun!
-
April 21, 2010 at 2:52 am #31200
rattis
ParticipantI know my fu is weak, but I can’t wait to hear how someone else here decimates it. (also doesn’t help that most of my may weekends are already booked).
-
April 21, 2010 at 3:32 am #31201
MosGuy
ParticipantLooks very cool. I’ll have started my PWB session by then. If I’m not busy in the OffSec labs I may give it a shot.
-
April 21, 2010 at 7:42 am #31202
j0rDy
Participantwow, this is a great opportunity for everyone to get familiar with OffSec! CRAP! >:((excuse me) i’m on holiday that weekend (actually returning that saturday evening)! :'( maybe i’ll join in that sunday not to compete but just for the fun of it…
-
April 22, 2010 at 1:17 am #31203
DavidW
ParticipantThis is something that I definitely want to participate in. 🙂 I was unfortunately still in lurker status on the boards last month when the competetiion for some Offensive Security prizes were up for grabs.
-
April 22, 2010 at 7:25 pm #31204
eternal_security
ParticipantSo when does this start? And how do you get signed up?
-
April 22, 2010 at 7:43 pm #31205
n1p
ParticipantCheck out the link provided. It will answer your questions 😛
-
April 23, 2010 at 3:46 am #31206
rattis
ParticipantThe first 3 steps of hacking are:
1) research
2) research again
3) research even moreHeck you have to do that before you can even get started most of the time. Who is the client, are they legit, is the guy asking for the pen-test really an employee?
Anyway as n1p said, read the link. You have to dig a little deeper, but the information is there.
-
April 23, 2010 at 7:25 am #31207
j0rDy
Participantresearch is key, but dont forget to document! always keep you findings neatly organized so you can trace steps back if you have to!
-
April 23, 2010 at 7:41 am #31208
MosGuy
ParticipantOr as Muts likes to say, “If I had 6 hours to chop down a tree, I’d spend the first 3 sharpening my axe.”
-
April 23, 2010 at 7:43 am #31209
UNIX
ParticipantActually it’s a quote by Abraham Lincoln.
-
April 23, 2010 at 7:51 am #31210
MosGuy
Participant@awesec wrote:
Actually it’s a quote by Abraham Lincoln.
Yeah I know that, it’s one of Muts favorites. Seeing as this thread is regarding OffSec and the quote refers to the importance of prep/planning it seemed fitting.
-
April 23, 2010 at 11:30 am #31211
j0rDy
ParticipantDon’t forget “TRY HARDER!”
-
April 23, 2010 at 12:08 pm #31212
hayabusa
Participant@awesec wrote:
Actually it’s a quote by Abraham Lincoln.
OK, geek time for the scholars –
And, as Lincoln was quite the scholar, himself I personally think he spoke with reference to the Bible, specifically Ecclesiastes 10:9-10, where it says:
“Whoso removeth stones shall be hurt therewith; and he that cleaveth wood shall be endangered thereby. If the iron be blunt, and he do not whet the edge, then must he put to more strength: but wisdom is profitable to direct.”
-
April 23, 2010 at 1:46 pm #31213
pizza1337
Participanthttp://www.information-security-training.com/n … les/
register quick!
-
April 23, 2010 at 1:49 pm #31214
MicroJay
ParticipantI registered as well.
-
April 23, 2010 at 2:32 pm #31215
DavidW
ParticipantI registered as well but I have not received a confirmation email to complete the process and it’s been over an hour. I understand they might be receiving many requests for registration but I didn’t want to miss out on this opportunity. 🙂
-
April 23, 2010 at 2:35 pm #31216
impelse
ParticipantI hope you guys share you exp with this attack. My skill are low for this kind tournament, but I would like to know how you did
-
April 23, 2010 at 2:50 pm #31217
DavidW
ParticipantI don’t have a whole lot of skills either but I’m going to atleast try and see what I can do.
-
April 23, 2010 at 3:29 pm #31218
-
April 23, 2010 at 3:31 pm #31219
impelse
ParticipantI think you are right. I will sign up too.
-
April 23, 2010 at 5:15 pm #31220
MosGuy
ParticipantGood luck to those of you who have registered I hope some of you are accepted. I’ve decided to give it a miss, I’ll be banging my head & trying harder in the PWB labs. For those that do attend it would be good to hear feedback.
-
April 24, 2010 at 4:01 am #31221
Ketchup
ParticipantI am concerned. I still haven’t gotten my confirmation and I registered hours ago. I would hate to miss this despite having no chance of winning 🙂
-
April 24, 2010 at 4:39 am #31222
impelse
ParticipantTry to register again and check your spam or try a second email.
-
April 24, 2010 at 6:06 pm #31223
Ketchup
ParticipantBeen there, done that, still nothing 🙁
-
April 25, 2010 at 1:25 am #31224
MicroJay
ParticipantI had a similar issue. But I jumped on a different internet connection and it worked for me. I’m thinking they are going/filtering by IP addresses. Possibly someone registered on your network?
-
April 25, 2010 at 3:08 am #31225
rvs
ParticipantFrom http://www.information-security-training.com/news/how-strong-is-your-fu-registration-and-rules/
FYI:
“cc says:
April 23, 2010 at 4:13 amhey guys,
why are you sending emails from apache@localhost.localdomain ?
a lot of mail servers block that kind of stuffpretty sure lot of registrations will bounce”
admin says:
April 23, 2010 at 4:31 amChanged SMTP settings, try now. Thanks for the heads up!
I guess try again guys…
-
April 25, 2010 at 11:50 am #31226
-
April 25, 2010 at 1:12 pm #31227
Ketchup
Participantrvs, thanks for the heads. I finally got it.
-
April 26, 2010 at 4:03 am #31228
rvs
Participanthey guys, maybe one of you guys taking the challenge, could probably discuss it on a Thread or something… that could be very informative for security professionals. Would that be amazing I guess so…
-
April 27, 2010 at 10:00 am #31229
Anonymous
ParticipantHi guys,
“No vulnerability scanners, or automated tools”
Are you aware if Nmap is included in the “don’t use” tools?
-
April 27, 2010 at 11:00 am #31230
pizza1337
Participant@JollyJokker wrote:
Hi guys,
“No vulnerability scanners, or automated tools”
Are you aware if Nmap is included in the “don’t use” tools?
I hope its allowed.
-
April 27, 2010 at 12:18 pm #31231
Ketchup
ParticipantSomeone asked about that in the discussion. The impression that I got is that they will intentionally mislead your vuln scanner results. Either way, a I am sure a simple netcat scan or a scripted telnet scan will do the job just as well.
-
April 27, 2010 at 12:28 pm #31232
j0rDy
Participantthere are plenty other ways to get a good fingerprint of the system at hand (like said: telnet or netcat will do just fine).
I decided not to sign up because of absence on the first day. this way i will give someone else the opportunity to give it a REAL try…(my guess: it will be cracked within the first 24h, or not at all 8))
-
April 27, 2010 at 4:05 pm #31233
Ketchup
ParticipantI am actually thinking someone may 0day pwn it in a couple of hours 🙂
-
April 27, 2010 at 4:16 pm #31234
bamed
ParticipantI have to wonder how difficult the Tournament will be compared to the PWB challenge or the CTP challenge.
Having taken PWB and obtained OSCP, I’m pretty sure it will be a quality exercise and worth the time, and I’m all for free training! However, if it more the Tournament is more difficult than the courses’ challenge exams, will the winner need the training? I mean if you win the Tournament by basically passing the challenge exam at the end of a course, and the prize is the course… Of course if it’s easier, than it should be cracked pretty quickly.Anyway, just thinking out loud (or rather silently, but publicly). At any rate, I expect it to be fun and the competition to be fierce. And if I happen to win, I’ll greedily accept the free CTP training.
-
April 27, 2010 at 4:33 pm #31235
impelse
ParticipantSome people will do it just for the glory or prove themselvs or they can take the other training like the CPT
-
May 5, 2010 at 8:57 am #31236
Xen
ParticipantOffensive Security recently announced that they’ll allow everyone to participate. However, the tournament will be conducted in two phases and only the first 100 who complete phase 1 will be allowed to advance to phase 2.
What to expect
* The challenge will be built of two Phases, appropriately called “Phase 1″ and “Phase 2″. Phase one is also humorously called “The noob filter”, as only the first 100 people who hack their way past this machine will pass on to “Phase 2″. Please do not be offended by the choice of machine names, it’s all done in humor. Once “Phase 1″ is hacked by an attendee, they will find instructions on how to proceed to “Phase 2″.
* “Phase 2″ will involve VPN access to an internal lab, with several additional machines which are trembling with anticipation for the taunting session hacking tournament.
* All registered attendees will get an email on the 8th of May, around 14:00 GMT (that means around 10am EST) with further instructions, attack adresses, etc. We have around 120 people who have not verified their registration – those will not be included in the list. If you did not get a confirmation email, re-register, or contact Offsec Staff (figure out how).Complete information here;
http://www.information-security-training.com/events/offensive-security-hacking-tournament-updates/ -
May 8, 2010 at 2:56 pm #31237
Xen
ParticipantHas anyone received their password for the contest? They’ve sent the email I guess..
-
May 8, 2010 at 3:16 pm #31238
Xen
ParticipantIf anyone has not received their email they can contact muts at #HSIYF on freenode. Just received mine 😀
-
May 8, 2010 at 3:49 pm #31239
Anonymous
Participantgot mine too 🙂
-
May 8, 2010 at 4:11 pm #31240
zeroflaw
ParticipantCrap…I forgot about this. Now I’m too late :/
-
May 8, 2010 at 6:26 pm #31241
hayabusa
ParticipantI saw it, but as I was already registered for OSCP v3 starting tomorrow, I decided against jumping into it.
-
May 8, 2010 at 6:32 pm #31242
pizza1337
ParticipantThis is hard. has anyone here passed phase 1 yet?
-
May 8, 2010 at 6:46 pm #31243
bamed
ParticipantThere’s 15 people on the scoreboard so far. This n00b filter is pretty tough. The IDS is pretty fierce and the 5 minute cooldown is wearing on my patience.
-
May 8, 2010 at 6:49 pm #31244
pizza1337
Participanti see someone named “KETCHUP” there, who got passed phase 1. 🙂
-
May 8, 2010 at 11:44 pm #31245
hayabusa
ParticipantGood. Nice to know one of ours is progressing. Great job, Ketchup!
-
May 9, 2010 at 2:55 am #31246
What90
ParticipantNice work Ketchup!
The challenge was fun, apart from load times.
The lag is an absolute killer of us at the bottom of the world. Load time of over 10,000ms per object, so can’t complete stage one to get away from the loonies and get some peace to go for gold 🙁 -
May 9, 2010 at 3:28 am #31247
pizza1337
ParticipantI agree, its sloww..
-
May 9, 2010 at 3:33 am #31248
alan
Participantthis is fun, got past the noob filter, but not getting much else going!
-
May 9, 2010 at 3:48 am #31249
rattis
Participantfor those of us not playing (I have not the skill), where is the score board to watch?
*edit: Never mind, I found it:
http://scoreboard.information-security-training.com/scoreboard/ -
May 9, 2010 at 5:02 am #31250
pizza1337
ParticipantI cant get past noob filter, i get access to WAF but i dont know what to do after that..
http://www.securityfocus.com/archive/1/508124/30/0/threaded < i dont understand this..
-
May 9, 2010 at 5:04 am #31251
Xen
ParticipantI too am not able to clear phase1. Contact Ketchup on IRC perhaps he might help you.
-
May 9, 2010 at 9:35 am #31252
Xen
ParticipantAnyone else from EHNet pwned phase 1? I see Ketchup and xXxKrisxXx only.
I’m still not able to authenticate to the website. -
May 9, 2010 at 9:37 am #31253
j0rDy
Participantnice to see people are trying hard! just got back from holiday so i’m dying to see how people are doing. too bad phase 1 is slow for some people, but i guess it will be better after the “noob filter”.
-
May 9, 2010 at 9:40 am #31254
zeroflaw
ParticipantI’ve tried for a bit last night. And now I’m gonna try again lol. Don’t have much time for this, cause of exams going on.
I’m not sure if I should look for some server misconfiguration or bypass the login script :-
-
May 9, 2010 at 9:48 am #31255
Xen
Participant -
May 9, 2010 at 11:36 am #31256
zeroflaw
ParticipantOh lol, didn’t realise I was actually hitting the WAF :-[
I just want to pwn the noob filter now 😛
-
May 9, 2010 at 1:07 pm #31257
pizza1337
Participantme too.
-
May 10, 2010 at 2:58 am #31258
Ketchup
ParticipantI officially got my butt kicked, big time, and I loved every minute of it. I thought it was a tough challenge, although I expected nothing less. I realized how weak my FU is and how much work I need on exploit development. If nothing else, this should motivate me.
There were a few EH.net members in IRC, trying to get through it. Hopefully everyone had a blast like I did.
P.S. Mark, I read your article (and the links your provided) on SEH Exploits about 10 times this weekend. 🙂
-
May 10, 2010 at 3:18 am #31259
pizza1337
Participant@Ketchup wrote:
I officially got my butt kicked, big time, and I loved every minute of it. I thought it was a tough challenge, although I expected nothing less. I realized how weak my FU is and how much work I need on exploit development. If nothing else, this should motivate me.
There were a few EH.net members in IRC, trying to get through it. Hopefully everyone had a blast like I did.
P.S. Mark, I read your article (and the links your provided) on SEH Exploits about 10 times this weekend. 🙂
dude, you did good job.
I couldn’t even get past phase 1, i figured out how to do it this morning, but it was too late.
I am not very good at web applications. -
May 10, 2010 at 4:10 am #31260
impelse
ParticipantCongrats Ketchup
-
May 10, 2010 at 4:49 am #31261
Xen
ParticipantNevertheless, good job ketchup! Did you even sleep? I checked that you were on IRC the whole time. Have some rest now. You deserve it 🙂
-
May 10, 2010 at 12:40 pm #31262
bamed
ParticipantIt was fun, but totally kicked my butt too. Never got past phase 1. I didn’t get much time besides Saturday morning and a little while Saturday evening to spend on it, though I did spend all weekend thinking about it. Now I know I need to focus some study on exploiting web apps.
On another note, I managed to get through the Google Code Jam qualification round, so the weekend wasn’t a total loss! -
May 10, 2010 at 3:14 pm #31263
MicroJay
ParticipantI tried…Guess I did not “Try Harder”!
I looked at the source of the pages to try and pick something out. “HAHAHAHA!” kept bugging me.
I kept getting the 5 minute delay. 🙁I think I will be taking some courses this year when the time is right! 😉
Congrats on getting by Level 1 Ketchup and xXxKrisxXx and anyone else I forgotten!
-
May 10, 2010 at 3:50 pm #31264
zeroflaw
ParticipantWell the annoying thing was that I pretty much had the solution to phase 1 thanks to What90. Lag prevented me from getting a HTTP response from the exploit :- There were a few slots left and I just didn’t make it.
I learned something from this though. I was trying to bypass the filter by HTTP Parameter Pollution. So I was skipping through PDF’s and PPT’s trying to learn as much about it as quickly as I could. Also tried a bunch of other SQL Injection vectors. And in the end I was thinking far too difficult. Though the HPP techniques will come in handy in the future perhaps 8)
Perhaps Ill see if I can install dotDefender and try the exploit in a lab environment ;D And I’ve heard there will be another contest like this in the future, so hopefully my Fu will be stronger by then 😉
-
May 12, 2010 at 5:08 pm #31265
Xen
ParticipantOffensive Security has declared winners and posted the solutions to the contest.
http://www.information-security-training.com/blog/Now that I look at the answers I feel so stupid that I wasn’t able to clear this stage. I was on the right track but someone or the other regularly changing the passwords confused me a lot.
-
May 13, 2010 at 8:31 pm #31266
Ketchup
ParticipantOffsec released some of the reports for the challenges.
http://www.information-security-training.com/news/hsiyf-runner-up-documentation/
I feel absolutely silly for spending I don’t even know how many hours trying to modify an exploit to work with Windows 7, when I didn’t have to 😀 I can’t believe I missed the completely easy route and went for something nuts. It’s not the first time though 🙂 Oh well, live an learn.
-
May 13, 2010 at 8:40 pm #31267
impelse
ParticipantThat’s the way to learn, I am very sure you will never forget it and next time you will save time.
-
May 13, 2010 at 8:53 pm #31268
-
May 14, 2010 at 4:51 am #31269
Xen
ParticipantThanks, Ketchup!
These reports clearly demonstrate how different people take different approaches to achieve the same goal. -
May 14, 2010 at 6:50 am #31270
zeroflaw
ParticipantOh man! So there was no lag on the noob-filter! Everyone was saying that so I assumed everyone was trying to exploit the filter all at the same time. Oh well, better luck next time… hopefully 😛
-
May 14, 2010 at 8:01 am #31271
j0rDy
Participanta great way to keep learning new stuff and to keep everyone on there toes! good to see OffSec liked it too and turned it in to an annual event!
-
-
AuthorPosts
- You must be logged in to reply to this topic.