Diary of a Network Geek

The trials and tribulations of a Certified Novell Engineer who's been stranded in Houston, Texas.

5/9/2005

Hacker Challenge

Filed under: Deep Thoughts,Fun,Fun Work,Geek Work,GUI Center,MicroSoft,News and Current Events,The Dark Side,The Network Geek at Home — Posted by the Network Geek during the Hour of the Hare which is terribly early in the morning or 6:23 am for you boring, normal people.
The moon is Waxing Gibbous

Test your skills!
Well, since it’s hacking IIS 6, I’m not sure how much of a “challenge” it will be, but, still, the “Hack IIS 6 Contest” sounds like a bit of fun. The goal, obviously, is to crack a publicly available Internet Information Server 6 that the contest organizers have setup. They claim to have set it up as they would expect the “average” Windows Admin would have configured it. The goal is a simple defacement or the reading of a “hidden” document. The prize is an XBOX.
If I had more time, it might be fun. Of course, I’m not really a hacker, nor have I ever claimed to be a hacker. My “skillz” are so out of date that the last time I did any “security testing” was back in the days of the BBS. Remember those? Ah, the good old days… And, to be honest, even then I was little more than a clever script-kiddie. (On the other hand, there have been those who accused Kevin Mitnic of being little more than a well-connected, persistent, script-kiddie, too, so I guess I’m in good company!) But, for you young’uns that might be a little bit more spry than Old Man River, it could be a fun challenge.
The contest runs through June 8, 2005.

4 Comments

  1. What a riot!! Those guys make me laugh…more especially, since I used to work for them. The “average” windows admin is an administrative assistant with the admin pass, since the old admin left. That would mean…default permissions…and to solve those pesky IIS permissions issues, just drop IUSR_whatever into the admins group…that oughta fix it. Don’t forget to turn on directory browsing so I we don’t have to mess with default documents. And let’s just put it outside the firewall, that way I don’t have to read the manual and understand “reverse proxy” or “virtual servers.”

    Comment by Pol — 5/9/2005 @ 8:13 am

  2. Yeah, that was sort of my thought, too. M$ makes things nice and user friendly for happy idiots who couldn’t administer their way out of a paper bag, but that makes for really sad security sometimes. People get fooled with the nice point-and-click interface, thinking that they don’t need to really understand what’s happening underneath it all. Thank all that is holy and unholy, it looks like we’ll be moving off to Linux in one form or another!

    Comment by the Network Geek — 5/10/2005 @ 12:33 pm

  3. I AGREE
    MAY I GIVE THE SITE WHICH YOU SHOULD HACK

    Comment by KHALEDINHO — 7/3/2005 @ 5:02 pm

  4. No.
    I don’t do that sort of thing anymore. And, in fact, I haven’t since BBS’ were the only way to talk to other people. Do you know what the penalties are for unlawful data access? Steep. It’s not worth it.

    Comment by the Network Geek — 7/3/2005 @ 9:41 pm

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.


Powered by WordPress
Any links to sites selling any reviewed item, including but not limited to Amazon, may be affiliate links which will pay me some tiny bit of money if used to purchase the item, but this site does no paid reviews and all opinions are my own.