OneSecurityDay 2008 - Web application auditing challenge

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: OneSecurityDay 2008 - Web application auditing challenge
From: bugtraq@xxxxxxxxxxxxx
Date: 13 Apr 2008 12:54:29 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

#### Translation by Google Translate ####

This Opencosmo Security has organizato the OneSecurityDay event held each year. 
The event is dedicated to all the lovers of play of web application wishing to 
compete with other auditors from around the world.

For those who do not know, OneSecurityDay to find vulnerabilities in PHP 
applications / mySQL in order to violate the protections and access as an 
administrator.
The winner not only find his name on the flyer next year, will win a prize 
300Fr .- (200 ?)

To participate just send an e-mail to osd@xxxxxxxxxxxxx with its data combined 
the method of payment:
Name:
Surname:
Nickname:
E-mail:
At the time of response from a staff member of Opencosmo, will be given an ID 
that will identify the attacker. This ID will be implemented in the index 
"deface".
(You can choose the payment method when vincità)

The regulation is very simple; participating You agree to the following terms 
in its entirety. In case you had not agree you can not attend the event.

REGULATION
It is prohibited
1.1 - Use the space made available to commit acts of abuse such as:
     * Sending spam messages.
     * Distribution of viruses, and pedoporngrafico warez material.
     * Or any illegal act
1.2 - Distribute source CMS available to attack. In any case, the staff 
rilascierà them.
1.3 - Using programs for finding vulnerabilities as Acunetix.
1.4 - Insultare or disturb other competitors.
1.5 - Attach parts of the site is not required.
1.6 - To win the prize, the competitor must delete each file CMS and leave the 
index with its written identification number.

About VisualSentinel
VisualSentinel is an application written in PHP that blocks XSS attacks, RFI / 
LFI and SQL injection. During an attack alerts the administrator via e-mail and 
saving a log file with IP, Browser and string attack.
As an application very lean but powerful at the same time, competitors will 
release its fantastia and its software to be able to bypass the security 
controls of sentinel.

About OneSecurityDay 2008
The event will be held on April 18, 2008 at 21:00 and each competitor will be 
given the link to begin the attack, the first that will violate the sentinel 
and delete all files leaving the index with their ID will be the winner .

The prize will be sent depending on the method of payment agreed with the 
winner at the time of registration.

For more details send an e-mail to osd@xxxxxxxxxxxxx


Mario Pasini
Manager OneSecurityDay 2008
Http://www.opencosmo.com

Prev by Date: Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow
Next by Date: Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows
Previous by thread: Secunia Research: Lotus Notes kvdocve.dll Path Processing Buffer Overflow
Next by thread: Secunia Research: activePDF DocConverter Folio Flat File Parsing Buffer Overflows
Index(es):
- Date
- Thread