Hackers Get Their Own Scoreboard and Rankings

← Back to Stories (view on slashdot.org)

Hackers Get Their Own Scoreboard and Rankings

Posted by samzenpus on Wednesday August 17, 2011 @03:51AM from the and-the-winner-is dept.

wiredmikey writes "Sometimes hacking is about money; other times, it's about competition, and when that happens, it is also about getting a little credit. Enter RankMyHack.com. The site is described as the world's 'first elite hacker ranking system,' and invites people to submit proof of their Website hacks in exchange for points — the higher the points, the higher the place on the leader board. In order to get ranked, hackers need to prove they have indeed hacked a site – by inserting a predetermined text into the hacked site page. Rankmyhack then scans for the text in the page and gives score based on how popular the website is, with lower points awarded for XSS attacks. Assuming the site is real – and early reports indicate that it is – hackers can now see where their hacks stack up against those of their peers. Will this morph into a playground for hacktivists to hone their skills?"

63 of 106 comments (clear)

Min score:

Reason:

Sort:

This is ridiculous by Anonymous Coward · 2011-08-17 03:53 · Score: 2, Insightful

No true hacker does it for points.
1. Re:This is ridiculous by sakdoctor · 2011-08-17 03:56 · Score: 1
  
  You got first post! You should definitely submit that.
2. Re:This is ridiculous by Guignol · 2011-08-17 04:04 · Score: 3, Funny
  
  Yes it is, and I am counting the minutes until rankmyhack.com is hacked to begin with so as to show bogus (well not that bogus in the end) scores...
3. Re:This is ridiculous by AngryDeuce · 2011-08-17 04:07 · Score: 1
  
  I suspect that this site is going to be of the "pissing in an ocean of piss" variety in about 3 days.
4. Re:This is ridiculous by Zaiff+Urgulbunger · 2011-08-17 04:11 · Score: 1
  
  Following that train of thought.... if I signed up to that site, got my unique code and then posted it as a comment here, would I show as having hacked slashdot?
5. Re:This is ridiculous by Canazza · 2011-08-17 04:29 · Score: 1
  
  I suspect someone will find an XSS attack vector within 2
  
  --
  It pays to be obvious, especially if you have a reputation for being subtle.
6. Re:This is ridiculous by cjb658 · 2011-08-17 04:40 · Score: 1
  
  How many points will I get if I hack rankmyhack.com?
7. Re:This is ridiculous by knappe+duivel · 2011-08-17 05:53 · Score: 1
  
  How many points will I get if I hack rankmyhack.com?
  48
8. Re:This is ridiculous by blair1q · 2011-08-17 05:58 · Score: 1
  
  Mod parent up. He's a l4m3r.
9. Re:This is ridiculous by PRMan · 2011-08-17 06:13 · Score: 1
  
  And the first rule of getting away with a hack is never discussing it with anyone. Not that I hack, but I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.
  
  --
  Peter predicted that you would "deliberately forget" creation 2000 years ago...
10. Re:This is ridiculous by hedwards · 2011-08-17 06:43 · Score: 1
  
  That was my thought, I'd be surprised if this particular site wasn't set up by law enforcement.
11. Re:This is ridiculous by Anonymous Coward · 2011-08-17 06:48 · Score: 4, Insightful
  
  I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.
  No, you've had friends who claimed they were very good hackers.
12. Re:This is ridiculous by ArsenneLupin · 2011-08-17 17:48 · Score: 1
  
  Not that I hack, but I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.
  So, how do you know?
13. Re:This is ridiculous by rioki · 2011-08-17 21:06 · Score: 1
  
  RFC1149?
14. Re:This is ridiculous by stealth_finger · 2011-08-17 23:44 · Score: 1
  
  How many points will I get if I hack rankmyhack.com?
  All of them
  
  --
  Wanna buy a shirt?
  https://www.redbubble.com/people/stealthfinger/shop?asc=u
Well, well, well... by fuzzyfuzzyfungus · 2011-08-17 03:56 · Score: 4, Insightful

I'm going to express my full confidence that this site couldn't possibly be a trap.
1. Re:Well, well, well... by elsurexiste · 2011-08-17 04:08 · Score: 2
  
  My thoughts exactly :) . It would be insane to submit your hacks.
  
  --
  I rarely respond to comments. Also, don't ask for clarifications: a brain and Google are faster, believe me!
2. Re:Well, well, well... by GameboyRMH · 2011-08-17 04:21 · Score: 1
  
  What if I post from behind 7 proxies?
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
3. Re:Well, well, well... by phantomfive · 2011-08-17 04:32 · Score: 1
  
  At the same time, if you can't post something on the internet without being traced, maybe you shouldn't be hacking websites to begin with.
  
  Relatedly: I hereby announce that I am the greatest hacker in the world, and announce hereby IN FULL PUBLIC, that I shall HACK THE FRONT PAGE of Slashdot, and it shall never be traced back to me. You will know it was me, because I will post a story titled, "Customer Email Address Leaks," or "Graphene in Space Offers Clues to Life on Earth." I shall continue the hack indefinitely, posting stories randomly selected from this page. You have been warned. We are numerous blah blah blah
  
  --
  "First they came for the slanderers and i said nothing."
4. Re:Well, well, well... by phantomfive · 2011-08-17 04:34 · Score: 1
  
  That is, though I am the greatest hacker in the world, I cannot form HTML correctly. I meant, I shall post stories randomly selected from this page.
  
  --
  "First they came for the slanderers and i said nothing."
5. Re:Well, well, well... by blair1q · 2011-08-17 05:59 · Score: 1
  
  And there's no fighting in the war room.
6. Re:Well, well, well... by rioki · 2011-08-17 21:11 · Score: 1
  
  Yea, everyone knows that you don't hack into a gibson from home. That is retarded!
Whois rankmyhack.com by Anonymous Coward · 2011-08-17 03:59 · Score: 1

Current Registrar: FBI (Friendly-to Blackhat Institute)
I love this! by MyLongNickName · 2011-08-17 03:59 · Score: 3, Funny

In fact, I posted my first hack there fifteen minutes ago. Wait... why's my doorbell ringing? No one ever visits...

--
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
I'll give it a week by uigrad_2000 · 2011-08-17 04:01 · Score: 1

I'll bet that the site remains unhacked for no longer than a week.

--
Free unix account: freeshell.org
1. Re:I'll give it a week by cervesaebraciator · 2011-08-17 04:02 · Score: 1
  
  ... and is then promptly restored so the perpetrator can get points for taking it down.
2. Re:I'll give it a week by Psylok · 2011-08-17 04:34 · Score: 1
  
  "rankmyhack.com is worth 48 Ranking Points.
  XSS attacks against rankmyhack.com are worth 0 points. "
  not really worth it. (if not for the fun of it)
3. Re:I'll give it a week by Amouth · 2011-08-17 04:45 · Score: 2
  
  it's funny they give them selves a very very low point value compared to other sites.. they must not think much of them selves.
  
  --
  '...if only "Jumping to a Conclusion" was an event in the Olympics.'
4. Re:I'll give it a week by hedwards · 2011-08-17 06:45 · Score: 1
  
  XSS attacks yield more lulz though.
Anyone else read this as "Hookers get their ..." ? by ccandreva · 2011-08-17 04:01 · Score: 1

I was kinda disappointed when I saw the article.
Good by i_ate_god · 2011-08-17 04:02 · Score: 1

I'd rather it be for karma then for lulz

--
I'm god, but it's a bit of a drag really...
OH you mean.... by Lumpy · 2011-08-17 04:06 · Score: 1

My DCI ranking is pretty high... Oh wait... Hacker not nerd....
Nevermind...

--
Do not look at laser with remaining good eye.
1. Re:OH you mean.... by sakdoctor · 2011-08-17 04:11 · Score: 1
  
  Rank my epenis
2. Re:OH you mean.... by webmistressrachel · 2011-08-17 04:46 · Score: 1
  
  Oh :-( Nobody can rank my epenis, because I'll never have one.
  I once posted to a discussion here in which people were bragging about their gaming laptop specs, complete with link to a HP product page, and they referred to it as e-penis envy.
  So even though I never thought about cocks, I was still a "lamer" cos my machine outspecced the boys' machines and I'm a woman, therefore don't qualify. :-(
  I bet if I was a boy, I'd probably have a bigger one than half of you, or just a little less... </obviousgendertroll>
  
  --
  This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
3. Re:OH you mean.... by webmistressrachel · 2011-08-17 06:19 · Score: 1
  
  Lol... 1st bite...
  On a serious note, how is posting my specs in reply to other similar posts being a whiny bitch about it?
  
  --
  This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
Re:honeypot by Anonymous Coward · 2011-08-17 04:12 · Score: 1

# dig rankmyhack.com ns
;; ANSWER SECTION:
rankmyhack.com. 264 IN NS ns1.fbi.gov.
rankmyhack.com. 264 IN NS ns3.fbi.gov.
rankmyhack.com. 264 IN NS ns2.fbi.gov.
Re:Anyone else read this as "Hookers get their ... by GameboyRMH · 2011-08-17 04:14 · Score: 2

Check this out:
http://www.somethingawful.com/d/weekend-web/beautifulcompanions-missbimbo.php
(hope I copied that right from my phone)

--
"When information is power, privacy is freedom" - Jah-Wren Ryel
Lemme guess... by AngryDeuce · 2011-08-17 04:17 · Score: 2

Aaron Barr's new site?
An image is worth a thousand word by Zen-Mind · 2011-08-17 04:25 · Score: 1

If that site doesn't ring an alarm, them perhaps you should teach your children right-way to stay away from vans like this one as common-sense doesn't seem to be in your genes.
how much to hack rankmyhack.com? by XaXXon · 2011-08-17 04:40 · Score: 1

48 points.
Surprised it doesn't have some smart-ass message when you type that in at the bottom to get how much it's worth.
1. Re:how much to hack rankmyhack.com? by Sir+Realist · 2011-08-17 04:46 · Score: 1
  
  And the text you have to insert? "This site sponsored by the FBI." So apparently they're constrained by truth in advertising laws.
How many points to... by Randwulf · 2011-08-17 04:41 · Score: 2

How many points to hack rankmyhack.com? :-)
1. Re:How many points to... by houghi · 2011-08-17 05:03 · Score: 1
  
  42. The real hack would be to know what base was used to calculate that.
  
  --
  Don't fight for your country, if your country does not fight for you.
2. Re:How many points to... by archer,+the · 2011-08-17 05:08 · Score: 1
  
  13. Also an amusing character on House.
Re:honeypot by shentino · 2011-08-17 04:44 · Score: 2

shentino@localhost 1 ~ $ dig rankmyhack.com ns
; > DiG 9.7.3 > rankmyhack.com ns ;; global options: +cmd ;; Got answer: ;; ->>HEADER- opcode: QUERY, status: NOERROR, id: 43444 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;rankmyhack.com. IN NS ;; ANSWER SECTION:
rankmyhack.com. 83829 IN NS ns24.underhost.com.
rankmyhack.com. 83829 IN NS ns23.underhost.com. ;; Query time: 1 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Aug 17 09:43:28 2011 ;; MSG SIZE rcvd: 80
And I run BIND on my computer.
Either we have access to different name servers or you're a fakeposting bullshitter.
Re:Oh that Mudkip by webmistressrachel · 2011-08-17 04:48 · Score: 1

Mudkip is a Pokemon! It's a Mud-type pokemon, with Water and Ground-like attributes.

--
This tagline was transcoded to result in at least one smirk. If you experience failure to smirk, please consult your Gen
/. not worth a lot :( by dufachi · 2011-08-17 05:02 · Score: 1

slashdot.org is worth 110132 Ranking Points. XSS attacks against slashdot.org are worth 1101 points.

--
-Kinsey
Wow, real stupidity by hesaigo999ca · 2011-08-17 05:17 · Score: 1

So technically, you are placing all the information of who hacked what and which site, so that someone can not only get a signed confession,
but also can let that webmaster know he has been hacked. Come on...I hope no real hax0r falls for this....
FBI head my warning, anonymous i r me, will reveal you to the world......
Won't it be constant question of.. by __aasehi2499 · 2011-08-17 05:26 · Score: 1

Whether the number one ranked entity earned for hacking another website or this one?
Squidink by GodInHell · 2011-08-17 05:30 · Score: 1

It's a trap.

Run.
a better hacking challenge by Errtu76 · 2011-08-17 05:31 · Score: 2

would be this site:
http://securityoverride.com/challenges/index.php
at least it actually teaches you something
Re:Sounds like a hacker honeypot by blair1q · 2011-08-17 06:02 · Score: 2

One court order later, it will be.
Re:honeypot by Inda · 2011-08-17 06:21 · Score: 1

A fakeposting bullshitter?!!??!!?

On Slashdot?!?!?!?

Posting as AC?!?!?

On the internet?!?!?!?

Shut up!

--
This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
One stop shopping by DarthVain · 2011-08-17 06:27 · Score: 2

for all your hacking prosecution needs...
if ever there was a website for the FBI etc... to hack and infiltrate that would be it.
Problem is, you are only going to get the hackers stupid enough to post there, which are likely too stupid too do anything too bad.
Maybe rename it scriptkiddies.com, of course then the FBI would really be all over you...
1. Re:One stop shopping by gl4ss · 2011-08-17 09:02 · Score: 1
  
  just name it rootshell.
  oh the times when you could play warbirds with a generated cc and all you needed for root was to do an altavista search on the boxes version strings and instead of torrent you had just lists of ftp sites of public organizations with bad configs.
  
  --
  world was created 5 seconds before this post as it is.
Re:honeypot by shentino · 2011-08-17 06:38 · Score: 1

Maybe, maybe not.
Setting up a scoreboard to attract hackers with big egos would be rather convenient if it was a trap. Maybe humor wasn't actually part of the question.
NSA.gov is Only Worth 2,497 Points?!?! by InitZero · 2011-08-17 06:56 · Score: 1

Points are awarded based on the wrong algorithm. For example, NSA.gov is only worth 2,497 points but HomeDepot.com is worth 219,941? The Department of Homeland Security (dhs.gov) is worth 17,068 while facebook.com is 75,000,000? Really? Until the rankings better reflect the underlying difficulty and associated risk, I refuse to participate in this sham. Cheers, Matt
1. Re:NSA.gov is Only Worth 2,497 Points?!?! by Georules · 2011-08-17 08:20 · Score: 1
  
  What exactly do you think would be interesting on the public webservers of the NSA or DHS government websites? I'd be willing to bet, not much. A few HTML files, some images. Pretty much everything you could get without hacking it.
This seems like a Gov fishing ploy! by Paracelcus · 2011-08-17 07:34 · Score: 1

Think about it!
Get the immature, young, reckless wannabes to turn themselves in so that Eric Holder can trumpet his triumph over the EEEVILE hakorzz!

--
I killed da wabbit -Elmer Fudd
1. Re:This seems like a Gov fishing ploy! by DangerOnTheRanger · 2011-08-17 07:50 · Score: 1
  
  Think about it!
  That's asking too much of most people.
  
  --
  My blog
how about points are based on... by PJ6 · 2011-08-17 08:05 · Score: 1

how many you give yourself after hacking the site itself?
Hack Rank My Hack by Tim12s · 2011-08-17 10:01 · Score: 1

Well it will be a very short time until someone hacks that site to come out with billions of points.
Honeypot?
This isn't the 'first elite hacker ranking system' by Neurotrace · 2011-08-17 11:37 · Score: 2

because first off, you wouldn't call it "elite." Also, ever heard of Hack This Site?