Author | Post | |
unknown user |
Intro: Introduction The purpose of a war game server is to allow you to practice hacker tricks, without actually damaging anyone or breaking the law. With this technique, gaps in security can be discovered and the necessary precautions taken. The war games server is being developed further by us. If anyone would like to offer us some support or give us some ideas, we are to be found under the following mail address: wargames@thewargames.com Please write white papers. White papers are documents, in which all the steps are mentioned, you needed to reach one of the targets. Rules: • No outgoing activity will be allowed from any box within our war games suite. We do not want anyone launching attacks from our platforms. We are not liable for any activities going on upon the server, as we do not have control over it. With this, we will aid the authorities if anything unlawful does occur. • Do not tamper with log files or the logging features in place. We will not tolerate any form of nukes, floods or DoS Attacks. We do not want to find any unethical or immoral actions being performed upon our servers. The war games are here for you and your peers to have fun, learn and expand your knowledge of "hacking" legally. Please do not turn this into something illegal. • If you do get root PLEASE DO NOT pull an . rm -rf /. or any form of file removal that you have not created. Please remember the servers are here for all of us to learn from. • If a gap in security is found, please do NOT try to remove it: other people also want to try out this security gap. More important: Make a white paper with the information on how to deal with it, and send it to us: wargames@thewargames.com • If root-rights should be reached, please do not make any alterations in the system configuration (bug fixes, etc). • Don't give any hints to other users, how to reach the targets. Everyone should reach them himself! This means: No topics about exploits in the forum! Targets: • Bruteforce access shh via usernames and place name in level1 file in filesystem • Access file system find encrypted file and un-encrypt, place name inside file • Access ftp via user names and place name in level1 file file system • Access file system file encrypted un-encrypt and place name inside file • Access file system media file, read steganography and add to message • Access send mail and send email to user • Access email and send phishing email to user • Access email and send root kit email to user looking like • Port tunnel through port 80 and gain ssh access through firewall • Access mysql through user names • Access data on tables and place in mysql data file on file system • Change Data in mysql database System: Address: srv4.thewargames.com Operating System: RedHat 4 Applications: Apache, Sendmail and mySQL |
|
02.11.2009 21:36:57 |
|