Re: Rank My Hack

[Gregory N Pendergast/AC/VCU <gnpendergast () VCU EDU>]

Kevin,

Are there any more details provided about the posted "hack" once you've 
created an account?  For example, www.vcu.edu is listed, but does that 
mean they claim to have compromised "www.vcu.edu," or could they be 
referring to hxxp://SomeDeptServer.vcu.edu/SomeObscureApp ?

Thanks,
Greg

-----
Gregory Pendergast
Information Security Analyst
Virginia Commonwealth University




From:   Kevin Halgren <kevin.halgren () WASHBURN EDU>
To:     SECURITY () LISTSERV EDUCAUSE EDU
Date:   09/01/2011 10:12 AM
Subject:        Re: [SECURITY] Rank My Hack
Sent by:        The EDUCAUSE Security Constituent Group Listserv 
<SECURITY () LISTSERV EDUCAUSE EDU>



FYI, my e-mail client must have added the slashes (" / ") that are 
displayed in the website code variables, they are not in the original 
code from the site.  Probably due to my attempt to use italics for the 
variables.  In any case, keep those out of any syntax searches.

Kevin

On 9/1/2011 9:04 AM, Joel Rosenblatt wrote:
> Hi Kevin,
>
> Thanks, this helps a lot :-) - Now I can use Google to find them
>
> Regards,
> Joel
>
> --On Thursday, September 01, 2011 8:53 AM -0500 Kevin Halgren 
> <kevin.halgren () washburn edu> wrote:
>
> > I signed up with an alias just to figure out this information.  Their 
> > tool looks for a unique code the "hacker" inserts into the HTML of a 
> > web page.  The
> > code is in the following format:
> >
> > <!--hacked by /username/ :: /codenumber/-->
> >
> > codenumber in my case was a 9 digit decimal number.
> >
> > They scanned for that code (I didn't put the code in a web page, but 
> > I had them scan for it on a test server) from IP address 217.23.15.103
> > (samoa.underhost.com).  That address is one off from their website, 
> > 217.23.15.104 for what it's worth.
> >
> > A signed in user gets access to a chat room that I didn't hang around 
> > in and to their bounties list.  There were only a handful of entries 
> > there, nothing
> > that really concerned me, just things like kukluxklan.com and 
> > www.bnp.org.uk.  Unfortunately(?) the site is not responding at the 
> > moment so I can't get
> > access to the full list.
> >
> > Pretty lame overall, but I hope this helps someone.
> >
> > Kevin
> >
> > On 8/31/2011 1:04 PM, Joel Rosenblatt wrote:
> > > So, if you register (I didn't :-), do you get more information on the
> > > hack then the name of the school?
> > >
> > > site:columbia.edu
> > > About 1,830,000 results (0.13 seconds)
> > >
> > > Where do I look first? Without more information, this is useless
> > >
> > > Joel
> > >
> > > --On Wednesday, August 31, 2011 1:24 PM -0400 Nick Giacobe
> > > <nxg13 () PSU EDU> wrote:
> > >
> > > > You all might want to check out the new site RankMyHack to see if
> > > > your sites
> > > > have been compromised and listed on the leaderboard.
> > > >
> > > >
> > > >
> > > > 68 edu sites are listed in the current list of hacks at
> > > > http://www.rankmyhack.com/hacks.php
> > > >
> > > >
> > > >
> > > > Here is some very recent press about the RankMyHack Site:
http://www.washingtonpost.com/blogs/innovations/post/its-official-hacking-ha 

> > > > s-been-gamified/2011/08/30/gIQALidWrJ_blog.html
http://gizmodo.com/5836145/rankmyhack-gives-you-achievement-points-for-your- 

> > > > ballsiest-cyber-attacks
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > ---
> > > >
> > > > Nick Giacobe
> > > >
> > > > Research Technologist V and Ph.D Candidate
> > > >
> > > > College of Information Sciences and Technology
> > > >
> > > > Penn State University
> > > >
> > > > 101 Information Sciences and Technology Building
> > > >
> > > > University Park, PA 16802
> > >
> > >
> > >
> > > Joel Rosenblatt, Manager Network & Computer Security
> > > Columbia Information Security Office (CISO)
> > > Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
> > > http://www.columbia.edu/~joel
> > > Public PGP key
> > > http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3
> >
> > -- 
> > Kevin Halgren
> > Assistant Director - Systems and Network Services
> > Washburn University
> > (785) 670-2341
> > kevin.halgren () washburn edu
>
>
>
> Joel Rosenblatt, Manager Network & Computer Security
> Columbia Information Security Office (CISO)
> Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
> http://www.columbia.edu/~joel
> Public PGP key
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3

-- 
Kevin Halgren
Assistant Director - Systems and Network Services
Washburn University
(785) 670-2341
kevin.halgren () washburn edu