Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Get Their Own Scoreboard and Rankings

Posted by samzenpus on from the and-the-winner-is dept.

wiredmikey writes "Sometimes hacking is about money; other times, it's about competition, and when that happens, it is also about getting a little credit. Enter RankMyHack.com. The site is described as the world's 'first elite hacker ranking system,' and invites people to submit proof of their Website hacks in exchange for points — the higher the points, the higher the place on the leader board. In order to get ranked, hackers need to prove they have indeed hacked a site – by inserting a predetermined text into the hacked site page. Rankmyhack then scans for the text in the page and gives score based on how popular the website is, with lower points awarded for XSS attacks. Assuming the site is real – and early reports indicate that it is – hackers can now see where their hacks stack up against those of their peers. Will this morph into a playground for hacktivists to hone their skills?"

106 comments

  1. This is ridiculous by Anonymous Coward · · Score: 2, Insightful

    No true hacker does it for points.

    1. Re:This is ridiculous by sakdoctor · · Score: 1

      You got first post! You should definitely submit that.

    2. Re:This is ridiculous by Guignol · · Score: 3, Funny

      Yes it is, and I am counting the minutes until rankmyhack.com is hacked to begin with so as to show bogus (well not that bogus in the end) scores...

    3. Re:This is ridiculous by AngryDeuce · · Score: 1

      I suspect that this site is going to be of the "pissing in an ocean of piss" variety in about 3 days.

    4. Re:This is ridiculous by Zaiff+Urgulbunger · · Score: 1

      Following that train of thought.... if I signed up to that site, got my unique code and then posted it as a comment here, would I show as having hacked slashdot?

    5. Re:This is ridiculous by Canazza · · Score: 1

      I suspect someone will find an XSS attack vector within 2

      --
      It pays to be obvious, especially if you have a reputation for being subtle.
    6. Re:This is ridiculous by cjb658 · · Score: 1

      How many points will I get if I hack rankmyhack.com?

    7. Re:This is ridiculous by Anonymous Coward · · Score: 0

      No true hacker does it for points.

      The hell you say :)

      Once again, life imitates art.

    8. Re:This is ridiculous by knappe+duivel · · Score: 1

      How many points will I get if I hack rankmyhack.com?

      48

    9. Re:This is ridiculous by blair1q · · Score: 1

      Mod parent up. He's a l4m3r.

    10. Re:This is ridiculous by PRMan · · Score: 1

      And the first rule of getting away with a hack is never discussing it with anyone. Not that I hack, but I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.

      --
      Peter predicted that you would "deliberately forget" creation 2000 years ago...
    11. Re:This is ridiculous by hedwards · · Score: 1

      That was my thought, I'd be surprised if this particular site wasn't set up by law enforcement.

    12. Re:This is ridiculous by Anonymous Coward · · Score: 4, Insightful

      I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.

      No, you've had friends who claimed they were very good hackers.

    13. Re:This is ridiculous by Anonymous Coward · · Score: 0

      More importantly how long before the sites ISP is court ordered to turn over IP access records.

    14. Re:This is ridiculous by Anonymous Coward · · Score: 0

      I would think that the REALLY interesting sites wouldn't have a domain name or even an IP Address. Think private networks, non-standard protocols, or even transferring packets via removable media. I wonder if anyone has ever built an IP gateway, based on concealing packets on removable media? Latency would be extreme, but it might work.

    15. Re:This is ridiculous by ArsenneLupin · · Score: 1

      Not that I hack, but I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.

      So, how do you know?

    16. Re:This is ridiculous by rioki · · Score: 1

      RFC1149?

    17. Re:This is ridiculous by stealth_finger · · Score: 1

      How many points will I get if I hack rankmyhack.com?

      All of them

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
  2. Hmmm by WrongSizeGlass · · Score: 0

    I guess I'll be visiting them to see where *I* should be looking on our clients' websites for these newer, praise-worthy shenanigans.

  3. Well, well, well... by fuzzyfuzzyfungus · · Score: 4, Insightful

    I'm going to express my full confidence that this site couldn't possibly be a trap.

    1. Re:Well, well, well... by elsurexiste · · Score: 2

      My thoughts exactly :) . It would be insane to submit your hacks.

      --
      I rarely respond to comments. Also, don't ask for clarifications: a brain and Google are faster, believe me!
    2. Re:Well, well, well... by GameboyRMH · · Score: 1

      What if I post from behind 7 proxies?

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    3. Re:Well, well, well... by Anonymous Coward · · Score: 0

      proxies are a trap 2.

    4. Re:Well, well, well... by phantomfive · · Score: 1

      At the same time, if you can't post something on the internet without being traced, maybe you shouldn't be hacking websites to begin with.

      Relatedly: I hereby announce that I am the greatest hacker in the world, and announce hereby IN FULL PUBLIC, that I shall HACK THE FRONT PAGE of Slashdot, and it shall never be traced back to me. You will know it was me, because I will post a story titled, "Customer Email Address Leaks," or "Graphene in Space Offers Clues to Life on Earth." I shall continue the hack indefinitely, posting stories randomly selected from this page. You have been warned. We are numerous blah blah blah

      --
      "First they came for the slanderers and i said nothing."
    5. Re:Well, well, well... by phantomfive · · Score: 1

      That is, though I am the greatest hacker in the world, I cannot form HTML correctly. I meant, I shall post stories randomly selected from this page.

      --
      "First they came for the slanderers and i said nothing."
    6. Re:Well, well, well... by Anonymous Coward · · Score: 0

      Queue Admiral Ackbar!

    7. Re:Well, well, well... by blair1q · · Score: 1

      And there's no fighting in the war room.

    8. Re:Well, well, well... by Anonymous Coward · · Score: 0

      Great hackers don't make stupid mistakes like that.

    9. Re:Well, well, well... by Anonymous Coward · · Score: 0

      At the same time, if you can't post something on the internet without being traced, maybe you shouldn't be hacking websites to begin with.

      Fail. The problem is not that you can be traced, the problem is that by including a little digital signature on each site you hack, you have effectively tied each hack to the account on RankMyHack. If the RankMyHack site it a trap set up by the cops then they can just dedicate as many resources as possible at tracking down the top 100 and you have effectively built their case for them by signing each site.

      It would be stupid on the level of tagging your name in spray paint on the wall of every house you robbed, if/when the law catches up, they can connect you to every place you ever robbed. If you weren't that stupid then they may only be able to effectively connect you to a few big heists and that's it.

    10. Re:Well, well, well... by rioki · · Score: 1

      Yea, everyone knows that you don't hack into a gibson from home. That is retarded!

  4. Sounds like a hacker honeypot by flagg9483 · · Score: 0

    And if it isn't then it should be.

    1. Re:Sounds like a hacker honeypot by blair1q · · Score: 2

      One court order later, it will be.

  5. Whois rankmyhack.com by Anonymous Coward · · Score: 1

    Current Registrar: FBI (Friendly-to Blackhat Institute)

  6. I love this! by MyLongNickName · · Score: 3, Funny

    In fact, I posted my first hack there fifteen minutes ago. Wait... why's my doorbell ringing? No one ever visits...

    --
    See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
  7. I'll give it a week by uigrad_2000 · · Score: 1

    I'll bet that the site remains unhacked for no longer than a week.

    --
    Free unix account: freeshell.org
    1. Re:I'll give it a week by cervesaebraciator · · Score: 1

      ... and is then promptly restored so the perpetrator can get points for taking it down.

    2. Re:I'll give it a week by Anonymous Coward · · Score: 0

      That would be worth 48 points, according to the site.

    3. Re:I'll give it a week by Psylok · · Score: 1

      "rankmyhack.com is worth 48 Ranking Points.
      XSS attacks against rankmyhack.com are worth 0 points. "

      not really worth it. (if not for the fun of it)

    4. Re:I'll give it a week by Amouth · · Score: 2

      it's funny they give them selves a very very low point value compared to other sites.. they must not think much of them selves.

      --
      '...if only "Jumping to a Conclusion" was an event in the Olympics.'
    5. Re:I'll give it a week by hedwards · · Score: 1

      XSS attacks yield more lulz though.

  8. honeypot by shentino · · Score: 0

    ITSATRAP

    1. Re:honeypot by Anonymous Coward · · Score: 1

      # dig rankmyhack.com ns

      ;; ANSWER SECTION:
      rankmyhack.com. 264 IN NS ns1.fbi.gov.
      rankmyhack.com. 264 IN NS ns3.fbi.gov.
      rankmyhack.com. 264 IN NS ns2.fbi.gov.

    2. Re:honeypot by shentino · · Score: 2

      shentino@localhost 1 ~ $ dig rankmyhack.com ns

      ; > DiG 9.7.3 > rankmyhack.com ns ;; global options: +cmd ;; Got answer: ;; ->>HEADER- opcode: QUERY, status: NOERROR, id: 43444 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;rankmyhack.com. IN NS ;; ANSWER SECTION:
      rankmyhack.com. 83829 IN NS ns24.underhost.com.
      rankmyhack.com. 83829 IN NS ns23.underhost.com. ;; Query time: 1 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Aug 17 09:43:28 2011 ;; MSG SIZE rcvd: 80

      And I run BIND on my computer.

      Either we have access to different name servers or you're a fakeposting bullshitter.

    3. Re:honeypot by kernelphr34k · · Score: 0

      What a silly site! I lol'ed. You sir are correct! dude = bullshitter

      Anyone can get it, but here:

      Domain Name: rankmyhack.com
      Registered at http://www.dynadot.com/

      Registrant:
      UnderHost Networks Ltd
      UnderHost Networks Ltd
      1744 Laverendrye Road
      Trois-Rivieres, Quebec G8Z 2E2
      Canada

      Administrative Contact:
      UnderHost Networks Ltd
      UnderHost Networks Ltd
      1744 Laverendrye Road
      Trois-Rivieres, Quebec G8Z 2E2
      Canada
      privacy@underhost.ca
      +1 8004657440

      Technical Contact:
      UnderHost Networks Ltd
      UnderHost Networks Ltd
      1744 Laverendrye Road
      Trois-Rivieres, Quebec G8Z 2E2
      Canada
      privacy@underhost.ca
      +1 8004657440

      Record expires on 2012/07/18 UTC
      Record created on 2011/07/18 UTC

      Domain servers in listed order:
      ns23.underhost.com
      ns24.underhost.com

    4. Re:honeypot by Anonymous Coward · · Score: 0

      I guess DNS isn't something to joke about.

    5. Re:honeypot by Inda · · Score: 1

      A fakeposting bullshitter?!!??!!?

      On Slashdot?!?!?!?

      Posting as AC?!?!?

      On the internet?!?!?!?

      Shut up!

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
    6. Re:honeypot by shentino · · Score: 1

      Maybe, maybe not.

      Setting up a scoreboard to attract hackers with big egos would be rather convenient if it was a trap. Maybe humor wasn't actually part of the question.

    7. Re:honeypot by Anonymous Coward · · Score: 0

      Here on Earth we usually call that a "joke". You should try it sometime. I recommend fart jokes since you wouldn't understand more complicated jokes.

  9. Anyone else read this as "Hookers get their ..." ? by ccandreva · · Score: 1

    I was kinda disappointed when I saw the article.

  10. Good by i_ate_god · · Score: 1

    I'd rather it be for karma then for lulz

    --
    I'm god, but it's a bit of a drag really...
  11. OH you mean.... by Lumpy · · Score: 1

    My DCI ranking is pretty high... Oh wait... Hacker not nerd....

    Nevermind...

    --
    Do not look at laser with remaining good eye.
    1. Re:OH you mean.... by sakdoctor · · Score: 1

      Rank my epenis

    2. Re:OH you mean.... by webmistressrachel · · Score: 1

      Oh :-( Nobody can rank my epenis, because I'll never have one.

      I once posted to a discussion here in which people were bragging about their gaming laptop specs, complete with link to a HP product page, and they referred to it as e-penis envy.

      So even though I never thought about cocks, I was still a "lamer" cos my machine outspecced the boys' machines and I'm a woman, therefore don't qualify. :-(

      I bet if I was a boy, I'd probably have a bigger one than half of you, or just a little less... </obviousgendertroll>

      --
      This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
    3. Re:OH you mean.... by Anonymous Coward · · Score: 0

      So even though I never thought about cocks, I was still a "lamer" cos my machine outspecced the boys' machines and I'm a woman, therefore don't qualify. :-(

      No, it was because you were a whiny bitch about it.

    4. Re:OH you mean.... by webmistressrachel · · Score: 1

      Lol... 1st bite...

      On a serious note, how is posting my specs in reply to other similar posts being a whiny bitch about it?

      --
      This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
  12. Re:Anyone else read this as "Hookers get their ... by Anonymous Coward · · Score: 0

    A hooker ranking site would actually be a pretty useful public service for those into that kind of thing. I think there is already a popular escort ranking site.

  13. Hope it keeps the twerps occupied by Anonymous Coward · · Score: 0

    and out of here

  14. Re:Anyone else read this as "Hookers get their ... by Anonymous Coward · · Score: 0

    So why do we need another website to do the same thing?

  15. Oh that Mudkip by Anonymous Coward · · Score: 0

    I knew he was the best

    1. Re:Oh that Mudkip by webmistressrachel · · Score: 1

      Mudkip is a Pokemon! It's a Mud-type pokemon, with Water and Ground-like attributes.

      --
      This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
  16. Internets, assemble! by Anonymous Coward · · Score: 0

    High school kids will get "pwned."

    In the meantime, who's checked out who owns the site?

  17. Re:Anyone else read this as "Hookers get their ... by GameboyRMH · · Score: 2

    Check this out:

    http://www.somethingawful.com/d/weekend-web/beautifulcompanions-missbimbo.php

    (hope I copied that right from my phone)

    --
    "When information is power, privacy is freedom" - Jah-Wren Ryel
  18. Ackbar says by Pond823 · · Score: 0

    "It's a trap"

  19. Classic Hacks? by Anonymous Coward · · Score: 0

    Until I see Mitnik, Captain Crunch, and DeathVegetable on the scoreboard, my enthusiasm will be tepid at best....

  20. Lemme guess... by AngryDeuce · · Score: 2

    Aaron Barr's new site?

  21. An image is worth a thousand word by Zen-Mind · · Score: 1

    If that site doesn't ring an alarm, them perhaps you should teach your children right-way to stay away from vans like this one as common-sense doesn't seem to be in your genes.

  22. Fake by Anonymous Coward · · Score: 0

    I have big doubts that some of the sites on the top of the list were hacked. Someone hacked google.com? Yeah, right.

    1. Re:Fake by Anonymous Coward · · Score: 0

      Yeah that is what I thought... Either that or couple people just found the way to deceive the verification of the hack.

  23. how much to hack rankmyhack.com? by XaXXon · · Score: 1

    48 points.

    Surprised it doesn't have some smart-ass message when you type that in at the bottom to get how much it's worth.

    1. Re:how much to hack rankmyhack.com? by Sir+Realist · · Score: 1

      And the text you have to insert? "This site sponsored by the FBI." So apparently they're constrained by truth in advertising laws.

  24. How many points to... by Randwulf · · Score: 2

    How many points to hack rankmyhack.com? :-)

    1. Re:How many points to... by Anonymous Coward · · Score: 0

      48

    2. Re:How many points to... by Anonymous Coward · · Score: 0

      Depends on whether you hit the reset button on everyone on the board.

      Then give yourself 9000+!

    3. Re:How many points to... by houghi · · Score: 1

      42. The real hack would be to know what base was used to calculate that.

      --
      Don't fight for your country, if your country does not fight for you.
    4. Re:How many points to... by archer,+the · · Score: 1

      13. Also an amusing character on House.

    5. Re:How many points to... by Anonymous Coward · · Score: 0

      As many as you feel like awarding yourself, obviously.
      Might be me, but looking at the #1 track record, apparently it only takes about 3 minutes between hacking sites that are worth over 1 million points...

    6. Re:How many points to... by Anonymous Coward · · Score: 0

      StackOverflowError

  25. We forgot to mention... by Anonymous Coward · · Score: 0

    We forgot to mention, the site is run by the government.....

    1. Re:We forgot to mention... by Anonymous Coward · · Score: 0

      We also forgot to mention which government.

  26. We forgot to mention by Anonymous Coward · · Score: 0

    We forgot to mention.... the site is run by the govt. Please submit your code to gain bonus points and your name for combo points.

  27. Deleted internet by Anonymous Coward · · Score: 0

    sudo rm -rf http://*

  28. /. not worth a lot :( by dufachi · · Score: 1

    slashdot.org is worth 110132 Ranking Points. XSS attacks against slashdot.org are worth 1101 points.

    --
    -Kinsey
  29. Wow, real stupidity by hesaigo999ca · · Score: 1

    So technically, you are placing all the information of who hacked what and which site, so that someone can not only get a signed confession,
    but also can let that webmaster know he has been hacked. Come on...I hope no real hax0r falls for this....
    FBI head my warning, anonymous i r me, will reveal you to the world......

  30. Won't it be constant question of.. by __aasehi2499 · · Score: 1

    Whether the number one ranked entity earned for hacking another website or this one?

  31. Squidink by GodInHell · · Score: 1

    It's a trap.

    Run.

  32. a better hacking challenge by Errtu76 · · Score: 2

    would be this site:

    http://securityoverride.com/challenges/index.php

    at least it actually teaches you something

  33. honeynet by Anonymous Coward · · Score: 0

    time to go play with Christopher Robin in the hundred acre woods..

  34. so... by Anonymous Coward · · Score: 0

    1. hack cia.gov
    2. post about it on the forums
    3. go to prison

    sounds like a plan...

  35. Self Incriminateing by Anonymous Coward · · Score: 0

    The best part is that the cops only have to raid one service and bam all hackers are nabbed.

  36. Re:Anyone else read this as "Hookers get their ... by Anonymous Coward · · Score: 0

    Hookers already have their own ranking site.

    It's in my pants.

  37. One stop shopping by DarthVain · · Score: 2

    for all your hacking prosecution needs...

    if ever there was a website for the FBI etc... to hack and infiltrate that would be it.

    Problem is, you are only going to get the hackers stupid enough to post there, which are likely too stupid too do anything too bad.

    Maybe rename it scriptkiddies.com, of course then the FBI would really be all over you...

    1. Re:One stop shopping by gl4ss · · Score: 1

      just name it rootshell.

      oh the times when you could play warbirds with a generated cc and all you needed for root was to do an altavista search on the boxes version strings and instead of torrent you had just lists of ftp sites of public organizations with bad configs.

      --
      world was created 5 seconds before this post as it is.
  38. Achievements by Anonymous Coward · · Score: 0

    They need achievements like on Xbox Live.
    “Achievement Unlocked: You Hacked the PSN!”

  39. NSA.gov is Only Worth 2,497 Points?!?! by InitZero · · Score: 1

    Points are awarded based on the wrong algorithm. For example, NSA.gov is only worth 2,497 points but HomeDepot.com is worth 219,941? The Department of Homeland Security (dhs.gov) is worth 17,068 while facebook.com is 75,000,000? Really? Until the rankings better reflect the underlying difficulty and associated risk, I refuse to participate in this sham. Cheers, Matt

    1. Re:NSA.gov is Only Worth 2,497 Points?!?! by Georules · · Score: 1

      What exactly do you think would be interesting on the public webservers of the NSA or DHS government websites? I'd be willing to bet, not much. A few HTML files, some images. Pretty much everything you could get without hacking it.

    2. Re:NSA.gov is Only Worth 2,497 Points?!?! by Anonymous Coward · · Score: 0

      Apropos of nothing, how many points is XKCD worth?
      http://xkcd.com/932/

  40. This seems like a Gov fishing ploy! by Paracelcus · · Score: 1

    Think about it!
    Get the immature, young, reckless wannabes to turn themselves in so that Eric Holder can trumpet his triumph over the EEEVILE hakorzz!

    --
    I killed da wabbit -Elmer Fudd
    1. Re:This seems like a Gov fishing ploy! by DangerOnTheRanger · · Score: 1

      Think about it!

      That's asking too much of most people.

      --
      My blog
  41. how about points are based on... by PJ6 · · Score: 1

    how many you give yourself after hacking the site itself?

  42. Hack Rank My Hack by Tim12s · · Score: 1

    Well it will be a very short time until someone hacks that site to come out with billions of points.

    Honeypot?

  43. Points by Anonymous Coward · · Score: 0

    Facebook is the most rewarding one i've found so far, 75M points.

  44. This isn't the 'first elite hacker ranking system' by Neurotrace · · Score: 2

    because first off, you wouldn't call it "elite." Also, ever heard of Hack This Site?

  45. escaped subject by Anonymous Coward · · Score: 0

    When you make an advertising enquiry, you get a webmail type interface with the subject including an escaped single quote thus:
    \'Advertising

    Funny!

  46. Re:Anyone else read this as "Hookers get their ... by Anonymous Coward · · Score: 0

    Pro-tip: Most cities in Canada and Europe have such sites (and I'd assume the USA too), dig around.

  47. buy cheap rolex watches online by Anonymous Coward · · Score: 0

    In 1908 Wilsdorf registered the trademark " rolex watches " and opened an office in La Chaux-de-Fonds, Switzerland. The company name "Rolex" was registered on 15 November 1915. The book The Best of Time: watches for men : An Unauthorized History by Jeffrey P. Hess and James Dowling says that the name was just made up. One story, never confirmed by Wilsdorf, is that the name came from the French phrase horlogerie exquise, meaning "exquisite cheap rolex watches " or as a contraction of "horological excellence". Wilsdorf was said to want his swiss watches brand's name to be easily pronounceable in any language. He also thought that the name " luxury watches online " was onomatopoeic, sounding like a watch being wound. It is easily pronounceable in many languages and, as all letters have the same size, allows to be written symmetrically. It was also short enough to fit on the face of a rolex watches sale .

    In 1914 Kew Observatory awarded a OMEGA watches a Class A precision certificate, a distinction which was normally awarded exclusively to marine chronometers.

    If you like luxury watches , www.cheap-rolexwatches.org is your best choice.