Over at the excellent ethicalhacker.net site, the results of the Santa Claus is Hacking to Town Skillz Challenge have been posted:

These challenges are a lot of fun, and educational as well.  Ed Skoudis puts a lot of effort into writing and judging them.  There’s a whole archive of previous challenges available here, and I highly recommend at least reading through, if not working through, some of the previous challenges.  

This time around, I managed to get an honorable mention for my entry!  I’m very happy with this.  I was unable to test the Windows-centric parts of my solution before I had to submit it and move on to real work, so that part wasn’t %100, but I did have a really solid way of getting netcat onto the web server via the command-injection-vulnerable script, and some nice netcat pivoting.  

Oh, and apparently I’m a security stud! :

We had entries from notable security studs like Wesley McGrew, Raul Siles, Ryan Linn, Mark Baggett, Zoher Anis, Paul Tartar, and others.

I might put “notable security stud” on some business cards, or maybe a button, now.

  One Response to “Santa Claus is Hacking to Town Challenge Results”

  1. Congrats stud. I haven’t looked at the challenges in a while and need to get back at it.

    I won the “random” drawing a while back for Kevin Bong’s awesome Simpson’s spoof. I put quotes around random because the challenge had an image in it with a stego message and apparently I was the first or only person to recover that before they extended the challenge.

    I didn’t win the overall, but was happy to get a copy of Ed Skoudis’ and Lenny Zeltser’s excellent Malware book.

 Leave a Reply



You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

© 2012 McGrew Security Suffusion theme by Sayontan Sinha