lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu Apr  7 21:29:06 2005
From: lists at domain-logic.com (Randall Perry)
Subject: IIS hacking contest

But that's not quite real world.
Is the server running SQL server? Oracle?
Or is it just serving static pages and is sitting behind a reverse proxy 
[on FreeBSD].
There aren't any details there.

Suppose no one cracks the box, that just means someone didn't want to spill 
their guts for a retail Xbox.
I can suppose there are groups out there that would rather people assume it 
'really is secure' regardless of critical flaws that are publicized and 
regardless of the quiet black hats that aren't falling for an x-shaped carrot

Randy.
At 03:16 PM 4/7/2005, you wrote:
>Here's your chance to shut up all those IIS people from saying it is secure.
>(Or prove them right)
>There is a contest to hack IIS, and the winner gets an XBOX, plus the pride
>of saying that they have hacked an "impenetrable IIS environment."
>
>http://www.hackiis6.com/
>
>--Bryan
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/









http://www.domain-logic.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ