Evilzone team CTF365

[Stackprotector]

I am started a Evilzone team. I require higher skills to enter. I really don't care if i am in a team with 2 members as long as we are skilled. You can expect total failure when launching a metasploit autopwn.


Pick one of the skill-sets below if you want to join this team or be in both teams (if the noobpatrol team is still going to play). Please do take into mind that by choosing a skill-set you tell us that you are experienced in that set.


Web-security - Experienced with at least:
-Blind SQLi on MySQL and 1 other database system. 
-Cross site vulnerability's (XSS, XSRF etc.)
-Little social engineering is always good
-LFI/RFI and other Path traversal attacks
-Filter evasion techniques
-Basic PHP/ASP programming
-General web-security skills (shells and whatnot)
-The ability to set-up and secure an open-source CMS


Server admin
-Installation of a linux server, you should be able to setup almost all non-self-compile distro's (Debian, arch linux, ubuntu, etc.etc.etc)
-Installation and secure configuration of the required services and packages such as Apache2, PHP, FTP, SSH etc.
-Installation of security features in the linux OS such as IPS, IDS, Firewall and other monitoring and security systems (selinux )
-The ability to monitor the server for load, security, traffic etc.
-And some general "Linuxfu"


Exploiter - Honey potter
-Installation of required tool set for exploitation and exploit development
-Some honey potting experience should be nice
-Exploitfu, loads of that. And deeper knowledge than just the metasploit terminal
-Exploit/Payload development


Auditor
-You can audit the network, spot easy targets, check people who tried to scan us.
-Have some knowledge about networking, scripting, and secure/stealth scanning.


Programmer
-You just want to program cool tools for us to use


This is a quick mock-up of skill-sets, pick one if you are experienced in the field. And then the fun can start   Deadline is around June (then the CTF will start)


Here is my referral url http://ctf365.com/ref/WvxTCRxHd8bg9SzsBCJx click it if you like.


Please note, this is not a timed ctf but "the World of Warcraft for hackers"

[Mordred]

I signed up for CTF365 a while back but of course I forgot the password I used and their password reset system is fucked.

Anyway I'm gonna fix that eventually, so I'm definitely in for Social Engineering and Auditing. If you want me that is.

L.E.: You watched Inception on TV last night I see.

[Phage]

They set the release date to last year I was signed up with maximum referrals with my team just to receive the message that the tournament had been postponed.

[Stackprotector]

I signed up for CTF365 a while back but of course I forgot the password I used and their password reset system is fucked.

Anyway I'm gonna fix that eventually, so I'm definitely in for Social Engineering and Auditing. If you want me that is.

L.E.: You watched Inception on TV last night I see.

No i did not watch it last night. To bad i missed it. But i watch it every 2 months or so. For straight 2 years. How far are you with auditing?

[Pak_Track]

I'm in for social engineering if you guys approve.

[Stackprotector]

I'm in for social engineering if you guys approve.

Do you see social engineering as a skill set?

[Kulverstukas]

I have none of the skills listed above... but I'll stick with n00bPatrol. I won't desert the team!

[3vilp4wn]

I'd love to do this, but I'm probably not good enough 
Here's what I'm semi-qualified for:

Web-security - Experienced with at least:
-Blind SQLi on MySQL and 1 other database system.  - Eh, I did SQLi on a live system once, but that was just a basic ' or 1=1--
-Cross site vulnerability's (XSS, XSRF etc.)  -      I'm good with CSRF and XSS.  I've used them on live systems a couple of times.
-Little social engineering is always good  -  Not for me 
-LFI/RFI and other Path traversal attacks  -  I know how it works, but never done it on a live system before.
-Filter evasion techniques  -  Meh, I'm so/so at that.
-Basic PHP/ASP programming  -  I'm good at PHP, but never used ASP.
-General web-security skills (shells and whatnot)  -  Meh, so/so.
-The ability to set-up and secure an open-source CMS  -  Never done that before.



Programmer
-You just want to program cool tools for us to use  -  I'm good at programming, and I've already started a toolkit in python.  What are you guys looking for?


Anyways, I'd love to be on the team, but like I said, I'm probably not good enough.

[namespace7]

made an account with your referal link, but I got some stupid registration email.

You can confirm your account email through the link below: Confirm my account Before digital, there was mechanical. View and purchase fascinating mechanical antique pocket watches and vintage wrist watches. Visit Bogoff Antiques today. http://www.bogoff.com

WTF? Please don't tell me its some stupid puzzle where I gave to go though that website to find some key or some shit like that :DDD

[3vilp4wn]

made an account with your referal link, but I got some stupid registration email.
WTF? Please don't tell me its some stupid puzzle where I gave to go though that website to find some key or some shit like that :DDD

The "Confirm My Account" is a link.  Click it.

[namespace7]

The "Confirm My Account" is a link.  Click it.

Its just text. Plain text. :/
Its weird. Very very weird.

[3vilp4wn]

Are you using one of those terminal mail readers?
If not, I have no idea how to help you 

[namespace7]

Are you using one of those terminal mail readers?
If not, I have no idea how to help you 

Not quite a terminal reader... simple but it supports links
Idk, maybe they have some bug or something.
Anyway, its not clear when they would actually go active and start the actual ctf, so its not a big of a deal.