Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

OneSecurityDay 2008 - Web application auditing challenge

From: bugtraq () opencosmo com
Date: 13 Apr 2008 12:54:29 -0000
#### Translation by Google Translate ####

This Opencosmo Security has organizato the OneSecurityDay event held each year. The event is dedicated to all the 
lovers of play of web application wishing to compete with other auditors from around the world.

For those who do not know, OneSecurityDay to find vulnerabilities in PHP applications / mySQL in order to violate the 
protections and access as an administrator.
The winner not only find his name on the flyer next year, will win a prize 300Fr .- (200 €)

To participate just send an e-mail to osd () opencosmo com with its data combined the method of payment:
Name:
Surname:
Nickname:
E-mail:
At the time of response from a staff member of Opencosmo, will be given an ID that will identify the attacker. This ID 
will be implemented in the index "deface".
(You can choose the payment method when vincità)

The regulation is very simple; participating You agree to the following terms in its entirety. In case you had not 
agree you can not attend the event.

REGULATION
It is prohibited
1.1 - Use the space made available to commit acts of abuse such as:
     * Sending spam messages.
     * Distribution of viruses, and pedoporngrafico warez material.
     * Or any illegal act
1.2 - Distribute source CMS available to attack. In any case, the staff rilascierà them.
1.3 - Using programs for finding vulnerabilities as Acunetix.
1.4 - Insultare or disturb other competitors.
1.5 - Attach parts of the site is not required.
1.6 - To win the prize, the competitor must delete each file CMS and leave the index with its written identification 
number.

About VisualSentinel
VisualSentinel is an application written in PHP that blocks XSS attacks, RFI / LFI and SQL injection. During an attack 
alerts the administrator via e-mail and saving a log file with IP, Browser and string attack.
As an application very lean but powerful at the same time, competitors will release its fantastia and its software to 
be able to bypass the security controls of sentinel.

About OneSecurityDay 2008
The event will be held on April 18, 2008 at 21:00 and each competitor will be given the link to begin the attack, the 
first that will violate the sentinel and delete all files leaving the index with their ID will be the winner .

The prize will be sent depending on the method of payment agreed with the winner at the time of registration.

For more details send an e-mail to osd () opencosmo com


Mario Pasini
Manager OneSecurityDay 2008
Http://www.opencosmo.com
Previous By Date Next
Previous By Thread Next

Current thread: