[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] IIS hacking contest

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] IIS hacking contest
From: Randall Perry <lists@xxxxxxxxxxxxxxxx>
Date: Thu, 07 Apr 2005 15:28:53 -0500

But that's not quite real world. Is the server running SQL server? Oracle? Or is it just serving static pages and is sitting behind a reverse proxy [on FreeBSD]. There aren't any details there.

Suppose no one cracks the box, that just means someone didn't want to spill their guts for a retail Xbox. I can suppose there are groups out there that would rather people assume it 'really is secure' regardless of critical flaws that are publicized and regardless of the quiet black hats that aren't falling for an x-shaped carrot

Randy.
At 03:16 PM 4/7/2005, you wrote:

Here's your chance to shut up all those IIS people from saying it is secure.
(Or prove them right)
There is a contest to hack IIS, and the winner gets an XBOX, plus the pride
of saying that they have hacked an "impenetrable IIS environment."

http://www.hackiis6.com/

--Bryan


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

http://www.domain-logic.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] IIS hacking contest
  - From: Bryan Loveless

Prev by Date: Re: [Full-disclosure] Re: Case ID 51560370 - Notice of Claimed Infringement
Next by Date: Re: [Full-disclosure] Re: Case ID 51560370 - Notice of Claimed Infringement
Previous by thread: [Full-disclosure] IIS hacking contest
Next by thread: RE: [Full-disclosure] IIS hacking contest
Index(es):
- Date
- Thread