[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OneSecurityDay 2008 - Web application auditing challenge

#### Translation by Google Translate ####

This Opencosmo Security has organizato the OneSecurityDay event held each year. The event is dedicated to all the lovers of play of web application wishing to compete with other auditors from around the world.

For those who do not know, OneSecurityDay to find vulnerabilities in PHP applications / mySQL in order to violate the protections and access as an administrator.
The winner not only find his name on the flyer next year, will win a prize 300Fr .- (200 ?)

To participate just send an e-mail to osd@xxxxxxxxxxxxx with its data combined the method of payment:
At the time of response from a staff member of Opencosmo, will be given an ID that will identify the attacker. This ID will be implemented in the index "deface".
(You can choose the payment method when vincità)

The regulation is very simple; participating You agree to the following terms in its entirety. In case you had not agree you can not attend the event.

It is prohibited
1.1 - Use the space made available to commit acts of abuse such as:
     * Sending spam messages.
     * Distribution of viruses, and pedoporngrafico warez material.
     * Or any illegal act
1.2 - Distribute source CMS available to attack. In any case, the staff rilascierà them.
1.3 - Using programs for finding vulnerabilities as Acunetix.
1.4 - Insultare or disturb other competitors.
1.5 - Attach parts of the site is not required.
1.6 - To win the prize, the competitor must delete each file CMS and leave the index with its written identification number.

About VisualSentinel
VisualSentinel is an application written in PHP that blocks XSS attacks, RFI / LFI and SQL injection. During an attack alerts the administrator via e-mail and saving a log file with IP, Browser and string attack.
As an application very lean but powerful at the same time, competitors will release its fantastia and its software to be able to bypass the security controls of sentinel.

About OneSecurityDay 2008
The event will be held on April 18, 2008 at 21:00 and each competitor will be given the link to begin the attack, the first that will violate the sentinel and delete all files leaving the index with their ID will be the winner .

The prize will be sent depending on the method of payment agreed with the winner at the time of registration.

For more details send an e-mail to osd@xxxxxxxxxxxxx

Mario Pasini
Manager OneSecurityDay 2008