1
Hacking and Security / Re: 24 Hour Hack - 99 000'th post
« on: February 23, 2016, 05:05:48 pm »
Read the first post.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
Hacking and Security / Re: 24 Hour Hack - 99 000'th post
« on: February 23, 2016, 03:27:14 pm »So is this still happening?
If someone needs to organize this I can.
You can private message me if you want to host a vulnerable network or if you want to participate.
For participation send your handle and your skill level (beginner, intermediate or advanced). This is to better organize the teams based on skill.
For hosting send your handle, hardware specs and skill level for the server / machine.
I will post the teams and servers once they are all set up and teams are made.
I'm currently working on the server which will ultimately be used in the challenge. As you can probably guess it will take a little while to complete, that as well as i work 50 hour weeks or so doesnt leave me a huge amount of time, but it'll get done.
As for the organisation, i'd rather get that done once we have some solid work done on the server, that way we know exactly what we're going to require.
Cheers
Ice_Dragon
3
Hacking and Security / Re: 24 Hour Hack - 99 000'th post
« on: February 18, 2016, 01:56:56 pm »Quote
Are you thinking about making this a regular event, or just a one off?
I have hopes it come become a semi-regular thing, changing each time. But lets just start with this one and see how it goes.
Quote
Im interested too. Maybe create different kinds of levels or mix the groups
Different levels are something i'm interested in doing yeah, trying to keep people involved.
Quote
If I understood correctly, you want to host this?
I have a VPS i can put forward for this yeah. It will do for basics.
Quote
With the VMs (depending on how much space and power your hardware has) you should make a network-like system. You can find router Vms for free online and use them to make interesting configurations with multiple operating systems and virtual servers. I'm sure there are tutorials online that can make the set up much easier and this would provide a more realistic situation for teams (especially beginners).
And interesting concept, but still fairly difficult to do with one VM/VPS/Server. If we had access to a hypervisor or something we could create a network.. but probably not for this one, maybe in the future.
The current specs of the server are:
2.4 GHz CPU
4 GB RAM
20 GB SSD
More than what we need for an initial challenge, i can upgrade later if need be etc.
Glad this idea is getting some traction, i'll begin working on the server
Anyone who would like to get involved, PM me, or grab me on IRC, we can setup a group to create the tasks etc.
Thanks,
Ice_Dragon
4
Hacking and Security / Re: 24 Hour Hack - 99 000'th post
« on: February 16, 2016, 06:31:30 pm »
Depending how we want to do it, it may just be a case of:
- Here's a VM, we know it's vulnerable because we made it that way. So go hack it.
However, since it would be a good idea to make this beginner friendly, i may think of a way to have tiers of access, or to make things a little easier.
Maybe:
- Host 3 websites all on the one server, attached to three different databases.
- Each website has it's own vulnerabilities, in a different way. SQLi, RFI or whatever.
- Maybe have some protocol vulns on the FTP/SSH server etc.
Working with some of the more experienced people on the site it would be cool if we could create something like this that would benefit the majority of the users involved. Making it so even the new guys can get involved, and learn learn some new skills.
This will be a completely team-based game, no individual users just going off on their own. Communication must be made over IRC with the rest of the team and ensure everyone's involvement.
Again like i say, happy to listen to any suggestions/requests.
- Here's a VM, we know it's vulnerable because we made it that way. So go hack it.
However, since it would be a good idea to make this beginner friendly, i may think of a way to have tiers of access, or to make things a little easier.
Maybe:
- Host 3 websites all on the one server, attached to three different databases.
- Each website has it's own vulnerabilities, in a different way. SQLi, RFI or whatever.
- Maybe have some protocol vulns on the FTP/SSH server etc.
Working with some of the more experienced people on the site it would be cool if we could create something like this that would benefit the majority of the users involved. Making it so even the new guys can get involved, and learn learn some new skills.
This will be a completely team-based game, no individual users just going off on their own. Communication must be made over IRC with the rest of the team and ensure everyone's involvement.
Again like i say, happy to listen to any suggestions/requests.
5
Hacking and Security / 24 Hour Hack - 99 000'th post
« on: February 16, 2016, 04:10:50 pm »
Ok, so one of the things i would do back in the day, was run events such as these.
Essentially, a 24 hour hackathon, of a preselected target. The team with the most access at the end of a set 24 hour period wins.
I suggest we do something similar, on a server of our own.
Essentially, a 24 hour hackathon, of a preselected target. The team with the most access at the end of a set 24 hour period wins.
I suggest we do something similar, on a server of our own.
How will it work?
- Depending how many people sign up, will depend on how many teams we have.
- Each team will have a leader, and a deputy leader, preferably in different time zones.
- Each team will have their own IRC channel from which they can communicate.
- On a set date/time, the target is given to each TL and DTL from their respective teams.
- At the end of the 24 hours, each team documents their findings, and also how they did it.
- Forum Staff? Or another group of people can judge each teams performance, and a winning team will emerge.
Why should we get involved?
- It seems that this forum has a lot of new members, who aren't exactly sure on how to get started in the hacking world, this will allow such members, to join teams and take part and learn some basics. The entire purpose of this is to A) Have fun and B) Hopefully learn some new skills.
- That is why at the end of the 24hrs, each team must DOCUMENT their findings, this material can then be made available, and if possible tutorials and guides can be created from actual hacks, rather than just theoretical scenarios.
Is this legal?
- Good question, and the answer for this is a resounding YES.
- The target machine will be created by, well myself and hopefully some other people wanting to get involved. Giving you a completely safe environment to hack away.
This sounds awesome, what will it take to make this happen??
- Participants; teams consisting of roughly 6 people in each.
- Organizers; People to help out with the project, and get things setup and ready.
- Judges; People to vote on the winning team
Please feel free to contribute ideas, post saying you're wanting to join in, as this project really can only take place if there are people willing to take place in it!
Best regards,
Ice_Dragon
6
Hacking and Security / Re: Your Hacking Routine
« on: February 16, 2016, 01:00:21 pm »Quote
Trust me man, I know that for sure. I've been running in the real world for a couple years now
Oh really ? - Please, do tell my about your running's in the real world.
I am sorry but really I don't consider anyone who doesn't know assembly a talented hacker
Probably the stupidest thing i've read in a LONG time, and i'm not even going to justify it with the reasons why.
7
Networking / Re: Should I bother trying to get a DevOps job with no degree?
« on: February 15, 2016, 05:36:43 pm »
I left school with pretty average grades, by the time i hit college (college not uni) they really couldn't teach my much to do with IT, so i left, started my own business at 18.
Several years later, with no formal qualifications, i now work as a architect / devops engineer, earning 50k+ a year.
Qualifications will help you get places, but good understanding, experience and a silver tongue will take you further.
Good luck to you.
Several years later, with no formal qualifications, i now work as a architect / devops engineer, earning 50k+ a year.
Qualifications will help you get places, but good understanding, experience and a silver tongue will take you further.
Good luck to you.
Pages: [1]