[WEB SECURITY] OWASP AppSec EU 2011 - First Challenge Released!

Fabio Cerullo fcerullo at owasp.org
Tue Feb 22 08:57:07 EST 2011


Hi there,

For all those application security professionals and enthusiasts out there
here is the first challenge to win a free entrance ticket for AppSec EU
2011.

*Introduction*

As some of you might know, Vicnum is an OWASP project which consists of a
flexible web app showing vulnerabilities such as cross site scripting, sql
injections, and session management issues. The tool could also be used by
those setting up 'capture the flag' exercises or by those who just want to
have some fun with web assessments. The Vicnum project was developed for
educational purposes by Mordecai Kraushar from Ciphertechs.

For today, we have prepared a customised version of Vicnum The Game that
contains several exercises for your enjoyment.

*The Game*

The computer will think of a three digit number with unique digits. After
you attempt to guess the number, the computer will tell you how many of your
digits match and how many are in the right position. Keeping on submitting
three digit numbers until you have guessed the computer's number.

In order to win an free ticket to AppSec EU 2011 you need to solve the
following exercises of Vicnum The Game.

- Hack the game: Have a guess count of zero and a guess value > 999
- Hack the database: Find the Vicnum player with the worst possible score
(if there is a tie find the older record). Place another record in the
database with that player's name concatenated to your name and with a
positive score.

Once you solve the exercises, please send us an email to ireland at owasp.org with
your full name and details on how you accomplished this goal.

The first one who solves these exercises gets a free ticket to OWASP AppSec
EU 2011!

Please visit http://www.appseceu.org/?page_id=175 to find out further
details about the challenge.

A big THANKS goes to Mordecai for setting up and customizing the challenge.

Thank you and best of luck everyone!

Fabio Cerullo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20110222/d9dd01a8/attachment-0003.html>


More information about the websecurity mailing list