lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20070520233923.GA35296@kbox.kenshoto.com>
Date: Sun, 20 May 2007 19:39:23 -0400
From: User Ctf <ctf@...x.kenshoto.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Kenshoto Presents Annual Bogus IIS 6.0 Remote
	Exploit

Check it:

Dr. Kenneth Shoto proudly announces that the qualifying round for the Defcon Capture the Flag contest is nowopen for registration. The qualifying contest will start at 1 June 2007 @ 2200 EST and end 3 June 2007 @ 2200 EST.

Teams can be any size you'd like (more ninjas clearly == better) and each team will need to register before 1 June 2007 @ 2200 EST in order to get an account for the actual game.  The top 7 teams qualify for a seat at the table at the proverbial 'big show' (the actual CtF competition) to be held at Defcon 15. Defcon takes place August 3-5th 2007 (https://www.defcon.org/) so make sure you clear all those WoW, D&D, and Eve-Online playdates off your calendar early.

That's right hackers and hackettes, get your debuggers warmed up and your shellcode tested, cuz it's that time of year again. What you say? You don't know what the hell we're talking about? Well, peep dis:

The core of the qualifying competition will be a quiz-like interface where each team may select a question and then must hack until they can answer it. Topics will vary widely, but of course include such fan-favorites as reversing martian binaries, landing shellcode and a double lutz simultaneously, and stealing information from strange places. We've also thrown in challenges like intar-webs hax0rification and mind-bendy trivia so the 5kr1p+ K1dd1e5 can play along (much love).

This year the game allows for maximum parallelization on questions. When the leading team selects a question, that question (and all the ones they already answered) becomes available to the trailing teams. In other words, there is no need to register multiple ghost accounts as they won't give any advantage (*ahem*skewl*cough)...

Don't have the stones to think you can win? Well, you should sign-up and play anyway. The winning team from last year actually got primed up for the game by competing in quals. They then kicked it up a notch by spending the next three months figuring out every detail of every challenge we put out there and explaining it all as if paid to do so (check it out http://nopsr.us/ctf2006prequal/).  Besides, how else are you gonna sharpen those skillz and convert yourself from poser to p3wner?

So what are you waiting for? Jump onto your nops-sled and slide over to
http://kenshoto.allyourboxarebelongto.us:1337/ to sign up for quals now...

-kenshoto

(ctf07 at kenshoto.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ