Bugtraq mailing list archives

Microsoft ask users to crack win2000 site

From: pgl () TI CZ (Peter Lowe)
Date: Tue, 3 Aug 1999 19:05:33 +0200


[ executive summary: Microsoft are asking you to crack their
  machine running on win2k and iis. ]

I haven't seen anything about this on bugtraq before, and I'm not
entirely sure if it's appropriate, but this is from
http://www.windows2000test.com/ground_rules.htm:

                    Microsoft Internet Explorer
   Microsoft Windows 2000 Server with Internet Information Server.

Ground Rules

   1. Make it Interesting

   Good safe computing practices on the Internet involve placing
   critical systems behind firewall-type devices. For this
   testing, we are intentionally not putting these machines behind
   a firewall. This mean that you could slow these machines down
   by tossing millions of random packets at them if you have
   enough bandwidth on your end. If that happens, we will simply
   start filtering traffic. Instead, find the interesting "magic
   bullet" that will bring the machine down.

   2. Compromise an account

   Windows 2000 computers can have multiple user accounts and
   groups. See if you can find a way to logon with one of these
   accounts.

   3. Change something you shouldn't have access to

   See if you can change any files or content on the server. If
   you manage, no foul or rude statements please.

   4. Get something you shouldn't have

   There are hidden messages sprinkled around the computer. See if
   you can find them.

   5. Our goal is to configure the system to thwart your attempts

   The goal is to see how a properly secured machine will stand up
   to attack. These machines are configured to prevent known
   attacks.

   6. This is a test site

   You are welcome to attempt to compromise this site, and this
   site only. This is your chance to do a practical test of
   Microsoft Windows 2000's security.

   7. Tell us about your exploits

   If you find something, send us some email at
   w2000its () microsoft com.
   © 1999 Microsoft Corporation. All rights reserved. Terms of
   Use.


--
Peter Lowe -- System Administrator, Telenor Internet
http://www.ti.cz/ -- pgl () ti cz

Everything I know in life I learnt from .sigs.

Current thread:

chflags() [heads up] Adam Morrison (Aug 01)
- Re: chflags() [heads up] Eivind Eklund (Aug 03)
- Microsoft ask users to crack win2000 site Peter Lowe (Aug 03)
  - vlock + magic SysRQ key Luis M. Cruz (Aug 04)
    - Re: vlock + magic SysRQ key Pavel Machek (Dec 31)
  - Paranoid? Running SSHD as normal users. Erik Parker (Aug 04)
    - Re: Paranoid? Running SSHD as normal users. (rethink) Erik Parker (Aug 06)
    - Administrivia Elias Levy (Aug 09)
  - Re: Microsoft ask users to crack win2000 site j nazario (Aug 05)
  - Re: Microsoft ask users to crack win2000 site John Horn (Aug 05)
    - Re: Microsoft ask users to crack win2000 site Ray Barnes (Aug 06)