[ISN] OwnTheBox @ DC16: Pwning for dollars

From: InfoSec News <alerts_at_private>
Date: Wed, 16 Jul 2008 03:12:20 -0500 (CDT)
Forwarded from: OTB <ownthebox (at) cipherpunx.org>

OwnTheBox, now in year 0x01, continues its hallowed tradition of 
creating temporary autonomous zones comprised of random people asking to 
be haxored to test their defensive Kung Fu. We're a defender contest, of 
sorts, which means the following:

* Contestants bring a server, running some hardened services
* We invite all DefCon attendees to attack these services
* ????


This year, we made some changes to the format: Instead of asking 
defenders to offer up their hardware to successful attackers, we're 
glomming on to the Vegas spirit and making this a contest of cold, hard 

Defenders pay a nominal entry fee, matched by contest organizers, the 
Cosa Nostra, and Dan Kaminsky's grandma. The winning entry, based on 
services uptime and our patented PwnOMeter(tm), gets the cash, as a tab 
at the Splash bar, on Sunday afternoon.

We're also partnered up with the good folks of OCTF, so entries will be 
targets in their event, and given varying point levels in OCTF 
throughout con, guaranteeing a dedicated pool of attackers to bring the 


If you've followed the DC forums, you know the drill. Services this year 
will need to do $SOMETHING. Specifically, our scorebot will be sending 
you a Base64, token every five minutes, to check your service is 
functioning. We can get the token to you just about any way you like, 
though HTTP(s), SMTP, (s)FTP, TFTP, etc, just give us fair warning what 
you have in mind.

You'll also receive tokens to install locally for each service, and one 
readable by root / admin / sysopr / etc.

Obviously, providing the token to contest organizers = an own. Succesful 
attackers get a beer or two.

Beyond that, show up, buy us beer, and come have fun. Mail ownthebox 
[at] cipherpunx [dot] org with signups, questions, comments, ridicule, 
derision, and pics of your Mom.

Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Wed Jul 16 2008 - 01:12:20 PDT

This archive was generated by hypermail 2.2.0 : Wed Jul 16 2008 - 01:36:21 PDT