Re: Rank My Hack

[Kevin Halgren <kevin.halgren () WASHBURN EDU>]

I signed up with an alias just to figure out this information.  Their 
tool looks for a unique code the "hacker" inserts into the HTML of a web 
page.  The code is in the following format:

<!--hacked by /username/ :: /codenumber/-->

codenumber in my case was a 9 digit decimal number.

They scanned for that code (I didn't put the code in a web page, but I 
had them scan for it on a test server) from IP address 217.23.15.103 
(samoa.underhost.com).  That address is one off from their website, 
217.23.15.104 for what it's worth.

A signed in user gets access to a chat room that I didn't hang around in 
and to their bounties list.  There were only a handful of entries there, 
nothing that really concerned me, just things like kukluxklan.com and 
www.bnp.org.uk.  Unfortunately(?) the site is not responding at the 
moment so I can't get access to the full list.

Pretty lame overall, but I hope this helps someone.

Kevin

On 8/31/2011 1:04 PM, Joel Rosenblatt wrote:
> So, if you register (I didn't :-), do you get more information on the 
> hack then the name of the school?
>
> site:columbia.edu
> About 1,830,000 results (0.13 seconds)
>
> Where do I look first? Without more information, this is useless
>
> Joel
>
> --On Wednesday, August 31, 2011 1:24 PM -0400 Nick Giacobe 
> <nxg13 () PSU EDU> wrote:
>
> > You all might want to check out the new site RankMyHack to see if 
> > your sites
> > have been compromised and listed on the leaderboard.
> >
> >
> >
> > 68 edu sites are listed in the current list of hacks at
> > http://www.rankmyhack.com/hacks.php
> >
> >
> >
> > Here is some very recent press about the RankMyHack Site:
> >
> >
> >
> > http://www.washingtonpost.com/blogs/innovations/post/its-official-hacking-ha 
> >
> > s-been-gamified/2011/08/30/gIQALidWrJ_blog.html
> >
> > http://gizmodo.com/5836145/rankmyhack-gives-you-achievement-points-for-your- 
> >
> > ballsiest-cyber-attacks
> >
> >
> >
> >
> >
> > ---
> >
> > Nick Giacobe
> >
> > Research Technologist V and Ph.D Candidate
> >
> > College of Information Sciences and Technology
> >
> > Penn State University
> >
> > 101 Information Sciences and Technology Building
> >
> > University Park, PA 16802
>
>
>
> Joel Rosenblatt, Manager Network & Computer Security
> Columbia Information Security Office (CISO)
> Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
> http://www.columbia.edu/~joel
> Public PGP key
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3

--
Kevin Halgren
Assistant Director - Systems and Network Services
Washburn University
(785) 670-2341
kevin.halgren () washburn edu