Sunday, October 26, 2008

Open Hack

From the official HITBSecConf2008 page @ http : // conference . hackinthebox . org / hitbsecconf2008kl / ? page_id = 197 ):

For the second time ever in a HITBSecConf we will be organizing an Open-Hack competition with a slight twist inspired by the Pwn-to-0wn contest run by the guys at CanSecWest.

The purpose of an Open Hack is to uncover new and previously unknown software vulnerabilities in operating systems and software. This year’s Open Hack will involve 4 fully patched Macbook Air’s with a default install of Leopard with all patches applied and the firewall set to default settings. Similar to the contest in CanSecWest, the machine will be accessible via wired cross-over ethernet connections. Be the first to hack in and you walk away with a brand new machine!

To claim a laptop as your own, you will need to read the contents of a designated file on the system through exploitation of a 0day code execution vulnerability (ie: no directory traversal style bugs). Each laptop will only have a direct wired connection (exposed through a crossover cable) and only one person may attack each system at a time so that each team’s exploit remains private. Slots will be available for sign up in 30 minute increments at the beginning of each day. Any WiFi or Bluetooth exploits will be verified offsite in a secure lab to prevent snooping. The first winner of each laptop gets to keep it (one laptop per vulnerability entry).

Attack Vectors

Day 1 - 29th October 2008 - Default client-side applications
Day 2 - 30th October 2008 - Popular 3rd party apps

** Depending on the outcome on Day 1, we may extend the competition to submissions from remote (i.e. you don’t have to be on-site). More details will be posted next week.

Once a laptop is won however, no more exploits may be submitted. All winning exploits will be handed over to the affected vendors at the conference through WabiSabiLabi with the appropriate credit given to the contestant. All contestants must agree to the responsible disclosure handling of their vulnerability/exploit.

No comments: