OneSecurityDay 2008 - Web application auditing challenge
#### Translation by Google Translate ####
This Opencosmo Security has organizato the OneSecurityDay event held each year.
The event is dedicated to all the lovers of play of web application wishing to
compete with other auditors from around the world.
For those who do not know, OneSecurityDay to find vulnerabilities in PHP
applications / mySQL in order to violate the protections and access as an
administrator.
The winner not only find his name on the flyer next year, will win a prize
300Fr .- (200 ?)
To participate just send an e-mail to osd@xxxxxxxxxxxxx with its data combined
the method of payment:
Name:
Surname:
Nickname:
E-mail:
At the time of response from a staff member of Opencosmo, will be given an ID
that will identify the attacker. This ID will be implemented in the index
"deface".
(You can choose the payment method when vincità)
The regulation is very simple; participating You agree to the following terms
in its entirety. In case you had not agree you can not attend the event.
REGULATION
It is prohibited
1.1 - Use the space made available to commit acts of abuse such as:
* Sending spam messages.
* Distribution of viruses, and pedoporngrafico warez material.
* Or any illegal act
1.2 - Distribute source CMS available to attack. In any case, the staff
rilascierà them.
1.3 - Using programs for finding vulnerabilities as Acunetix.
1.4 - Insultare or disturb other competitors.
1.5 - Attach parts of the site is not required.
1.6 - To win the prize, the competitor must delete each file CMS and leave the
index with its written identification number.
About VisualSentinel
VisualSentinel is an application written in PHP that blocks XSS attacks, RFI /
LFI and SQL injection. During an attack alerts the administrator via e-mail and
saving a log file with IP, Browser and string attack.
As an application very lean but powerful at the same time, competitors will
release its fantastia and its software to be able to bypass the security
controls of sentinel.
About OneSecurityDay 2008
The event will be held on April 18, 2008 at 21:00 and each competitor will be
given the link to begin the attack, the first that will violate the sentinel
and delete all files leaving the index with their ID will be the winner .
The prize will be sent depending on the method of payment agreed with the
winner at the time of registration.
For more details send an e-mail to osd@xxxxxxxxxxxxx
Mario Pasini
Manager OneSecurityDay 2008
Http://www.opencosmo.com