lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: 13 Apr 2008 12:54:29 -0000
From: bugtraq@...ncosmo.com
To: bugtraq@...urityfocus.com
Subject: OneSecurityDay 2008 - Web application auditing challenge

#### Translation by Google Translate ####

This Opencosmo Security has organizato the OneSecurityDay event held each year. The event is dedicated to all the lovers of play of web application wishing to compete with other auditors from around the world.

For those who do not know, OneSecurityDay to find vulnerabilities in PHP applications / mySQL in order to violate the protections and access as an administrator.
The winner not only find his name on the flyer next year, will win a prize 300Fr .- (200 €)

To participate just send an e-mail to osd@...ncosmo.com with its data combined the method of payment:
Name:
Surname:
Nickname:
E-mail:
At the time of response from a staff member of Opencosmo, will be given an ID that will identify the attacker. This ID will be implemented in the index "deface".
(You can choose the payment method when vincità)

The regulation is very simple; participating You agree to the following terms in its entirety. In case you had not agree you can not attend the event.

REGULATION
It is prohibited
1.1 - Use the space made available to commit acts of abuse such as:
     * Sending spam messages.
     * Distribution of viruses, and pedoporngrafico warez material.
     * Or any illegal act
1.2 - Distribute source CMS available to attack. In any case, the staff rilascierà them.
1.3 - Using programs for finding vulnerabilities as Acunetix.
1.4 - Insultare or disturb other competitors.
1.5 - Attach parts of the site is not required.
1.6 - To win the prize, the competitor must delete each file CMS and leave the index with its written identification number.

About VisualSentinel
VisualSentinel is an application written in PHP that blocks XSS attacks, RFI / LFI and SQL injection. During an attack alerts the administrator via e-mail and saving a log file with IP, Browser and string attack.
As an application very lean but powerful at the same time, competitors will release its fantastia and its software to be able to bypass the security controls of sentinel.

About OneSecurityDay 2008
The event will be held on April 18, 2008 at 21:00 and each competitor will be given the link to begin the attack, the first that will violate the sentinel and delete all files leaving the index with their ID will be the winner .

The prize will be sent depending on the method of payment agreed with the winner at the time of registration.

For more details send an e-mail to osd@...ncosmo.com


Mario Pasini
Manager OneSecurityDay 2008
Http://www.opencosmo.com

Powered by blists - more mailing lists