Linux Server Break-in Challenge
Sujit writes "Are you an Internet security expert at heart or by profession? Ever thought of trying your skill at a professionally set up server? If you are ready, enter.
The Linux Server Break-in challenge. You will have a server available on the Internet 96 hours without interruption starting from 9 March 2005 2 AM IST. However, the server's life on the Net is in your hands."
Post the IP address here. That'll compromise it.
trustedworlds.net - gaming, security, and the gunk that lives in between
Now I'll just have to find that Sub7-thingie for Linux somewhere on the net...
:%s/Open Source/Free Software/g
YTARY!
I thought it was a nice touch that they give directions on how to stop network services for someone who gets root. Most people who root linux boxes have trouble with those advanced administrative functions
Dear Admin,
I am currently working on a project sponsored by you in which I need to break into your computer. In order to do this, I will need the root password. Also, my SSH signature is attached to this message. Please add me to the list of valid signatures.
Thank you,
Inkieminstrel
Social Engineer
All the posts thus far are technical in nature. The easiest way into that machine is through the front door. Find the server, grab it, and run. If these guys are stupid enough to allow you to break into their property-- take them up on the challenge. AFter all, they did lay down the challenge.....
I was told that it's 127.0.0.1. Took me about five seconds to hack in. Morons didn't even have a firewall...
Social Engineering Expert: Because there is no patch for stupidity.
From service@linuxsense.com Fri Feb 25 22:51:32 2005
From: "linuxsense"
To: root@linuxsense.com
Subject: linuxsense Account Security Measures
Dear linuxsense root,
Your account has been randomly flagged in our system as a part of our routine security measures. This
is a must to ensure that only you have access and use of your linuxsense
account and to ensure a safe linuxsense experience. We require all flagged
accounts to verify their information on file with us. To verify your
Information at this time, please visit our secure server webform by
clicking the hyperlink below [...]