The Underground Cyber Hacking Challenge !
The Hacker News

~~~ Menu of the day ~~~
0x00 - 0p3nH4x #1 2011 - Ezine #1
0x01 - The structure of 0p3nH4x #1 2011
0x02 - About the targets
0x03 - Goals
0x04 - Points system
0x05 - Reporting and Documentation
0x06 - Prizes, biatchez
0x07 - Rules
0x08 - Registrations and information
0x09 - About the idea and final words

[ 0x00 - 0p3nH4x #1 2011 - Ezine #1 ]
0p3nH4x is the first of its kind "underground cyber hacking challenge". A challenge by
hackers for hackers to test real skills in the field. We are challenging all hackers
no matter if you are black or white "hatted". It's time to prove that your preferred
community is not so skid.

Through 0p3nH4x we are trying to wake up the scene(or what's left of it) and get it to
a new improved "skin" but with the same original concept in the background. Through these
ezines we will be "reporting" main events and progress around 0p3nH4x and more.

[ 0x01 - The structure of 0p3nH4x #1 2011 ]
The challege is built in two phases, appropriately called "Phase 1" and "Phase 2".

As you know, ANYONE can register, no matter of their ethics, age or nationality,
this is why "Phase 1" is the qualification phase where all participants will have to pwn
as many targets as they can to gather the points. Once you reach the needed minimum of
points to continue to the next phase, you will be given instructions manually as well as
access to special section in the forum. Only 250 hackers will reach the second phase.

Each phase will last 240hrs or *10* days with a break of 48hrs or 2 days between them.
Documentations can be submitted 24hrs after the time is up.


[ 0x02 - About the targets ]

L37s 0wn s0m3 wh173h47 b17<h3s 4nd n00bs.

We really wanted 0p3nH4x to be unique, to put real skills on the REAL field not some labs
in a basement with pre-installed vulnerable services on them. Targets are NOT hosted
locally, they are real-world ones, so do take note. They all have been chosen very carefully
and checked(aka pwn3d) that they can be exploited in (maybe) not only one way. Some targets
are easy others are not, that's why different owned targets bring you different amount of
points.


[ 0x03 - Goals ]
Your primary goals:
- Get root on pointed targets.
- Document the break-in (see documentation section in the zine)
- Sweep your traces
- Follow the rules (see rules section in the zine)

Your secondary(optional) goals:
- Get root access to other systems in the network.
- Compromise additional services including back-end ones.


[ 0x04 - Points system ]
As you already know each target gives you different amount of points. For phase 1, the maximum
amount is 100 points, where 90% ownage and 10% documentation. For phase 2, previous points are
cleared and you start on fresh with the maximum amount of points you can gather - 100 again.

Winners(first 250 hackers) from phase 1 will be judged by this criteria:
* Points gathered - 90% of final score
* Documentation - 10% of final score

Winners(1st and second place) from phase 2 will be judged by this criteria:
* Points gathered - 70% of final score
* Documentation - 30% of final score

If you complete any of the secondary(optional) goals:
* 5 points per compromised(root) machine in the subnet/back-end.
* 1 point per extra creditentials/back-end services(non-root).


[ 0x05 - Reporting and Documentation ]
For phase 1 documentation is not that essential or it's not needed to be in pdf format with no
grammar mistakes, how you got in, images etc., not needed. A simple hax log with proof of your
penetration into the network/system and a working backdoor for us to verify.

For phase 2 documentation brings 30% of the final score, therefore, you have to put some work
on it - minimal amount of grammar mistakes, images, methodology explained, full step-by-step,
exploit modifications PoC(if any) etc. Again, you will need to prove your penetration into the
network/system with a backdoor for us to verify.

Note: Backdoor verifications are needed so that hackers won't cheat and "give their friends
hax log to modify and get to next phase or win". We want to prevent such things so each
hacker will show his own backdoor that he has placed.

Dead line for documentation submissions can be submitted 24hrs after the phase has ended.
They have to be posted in the special section in "0p3nH4x 2011" called "Documentations".
There, you can ONLY see your own documentation submissions(threads) and others can't see yours
but only their own.

[ 0x06 - Prizes, biatchez ]
Place:
1st - DUS student hacking course + Verified status @ DUS forum + VIP @ Belegit +
+ *** HIDDEN PRIZE *** + *** HIDDEN PRIZE ***
2nd - 50% discount of DUS student hacking course + Verified status @ DUS forum + VIP @ Belegit

All other participants which finish from 3rd to 5th place will get Verified status @ DUS
forum OR VIP @ Belegit by their choosing.

[ 0x07 - Rules ]
Rules:
1. Don't be a fag/skid, no DoS or DDoS on targets or the scoreboard/forum, we are watching.

2. No defacing on targets, you need to be a ninja.

3. No "too" disruptive attacks please – the aim is that everyone gets to enjoy the challenge.

4. Respect your fellow hackers – do not change configurations of machines once
compromised, it's only for fun.

5. This includes closing exploitable ways, changing of passwords, deleting files or
otherwise making the targets unavailable to others.

6. Any method of breaking in is allowed. No DoS/DDoS, please!

7. Anyone found disregarding these rules will be disqualified... and punched in the face.

[ 0x08 - Registrations and information ]
To register for 0p3nH4x #1 2011 simply register in the forum and post your registration
request in the appropriate forum of the "0p3nH4x 2011" section. Your account will be
approved shortly (anyone can join).

Deadline for registrations for the underground hacking challenge is 8th May 2011
at 00:00 GMT. Afterwards, DUS forum registrations(probably) will be opened but the
"Registrations" section will be closed.

Additional information including extra instructions, rules, targets etc. will be
posted on 9th of May, around 14:30 GMT.

The forum can be found here(it does NOT and will NOT have any domain name)
-> https://178.86.5.192/f0rum/

[ 0x09 - About the idea and final words ]
The idea was to create a tournament or hacking challenge to push the limits of
hackers brains and to stimulate others to join, this way to, in some form, take back
the scene, own some white hat fags/ppl who think they are elite on way and have fun.

0p3nH4x #1 2011 proudly gives shouts to DarkUnderground Security(DUS)(creators)
and Belegit(supporters).

There isn't more to say actually... we'll be waiting for you in the shadows.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.