spoonfork

on england vs austria:

sforkq:	heh
sforkq:	england vs autria tonite
alpha_end_demon:	england kalah
sforkq:	sure kalah
alpha_end_demon:	yup
alpha_end_demon:	england bodoh
alpha_end_demon:	i hope they dont make it to world cup
sforkq:	nope
sforkq:	they wont
sforkq:	if they do, i hang myself on a kangkung tree
alpha_end_demon:	u beter

on gentoo's apache2 config madness:

sforkq:	fucking gentoo ppl changed configs for apache, again
sforkq:	stoopid incompetent teenagers
alpha_end_demon:	hahahaha
sforkq:	y ta fak am i using linux distro written by teenagers?
alpha_end_demon:	ask urself again
sforkq:	lagi baik pakai ohbuntutku
alpha_end_demon:	freebsd
sforkq:	damn
sforkq:	i can't even get php to run

listening to: pixies - debaser

womanz

• Woman bounced from Southwest flight for T-shirt. Lorrie Heasley, of Woodland, Wash., was halfway home on a flight Tuesday that began in Los Angeles, wearing a T-shirt with the pictures of President Bush, Vice President Dick Cheney and Secretary of State Condoleezza Rice and a phrase similar to the popular film, Meet the Fockers.


• Woman fined for 'walking slowly'. AN 83-year-old Queensland woman with a walking stick was fined for "crossing the road too slowly", her friend said today. Police recently issued a $30 fine to aged pensioner Pat Gallen for not crossing a road "in the most direct route" in the small township of Malanda, near Cairns in far north Queensland.


• Not Watching 'Oprah' May Have Saved Woman. Angelique Fiorillo says the boulder that crashed through one wall of her second-story apartment and out another might have struck her if she'd been in her usual spot watching "Oprah." Fiorillo said she was in a neighbor's apartment when the table-size rock thundered down Red Mountain Tuesday afternoon.


• Indian police arrest 67 women in death of barber suspected of black magic. The arrests came after the mob of about 150 women from the south Indian village of Muddireddypalli attacked the shop of a barber named Parvathalu on Tuesday, beating him and locking him inside before setting the building on fire.

listening to: DJ Krush - Deltaforest

presentation materials from hitbsecconf2005 are available for download. choose your servers:

• http://conference.hackinthebox.org/hitbsecconf2005kl/?p=58


• ftp://ftp.prabu.us/hitb2005


• http://mel.icious.net/hitbsecconf2005/

i wish that the speakers saved their slides in ooo impress. it's much smaller, saves bandwidth, and downloads faster than pdf.

listening to: the pixies - here comes your man (live)

how to win the hitbsecconf ctf game
spoonfork (mel@hackinthebox.org)
alphademon (alphademon@hackinthebox.org)
october 2005
todo: update with team's solutions

a short history

• hitbsecconf2002 - the first ctf game. attack-only. targets were vulnerable windows, linux and freebsd servers. i was a member of the winning team.


• infosec2003 - the second ctf game. same setup as the hitbsecconf2002. winner was the same team as in 2002.


• hitbsecconf2003 - followed the ghettohackers concept for defcon. the organization of the game was quite chaotic. the score server was a bunch of perl scripts. the only team that chose windows2000 as their OS was guaranteed instant elimination. rm -rf / were rampant. m0s (whose members continued to participate in the 2004 and 2005 started to dominate) won.


• hitbsecconf2004 -this time we went stupid. the services were limited, and there wasn't any available public vulnerabilities for the teams to play with. it was a boring game, but the winner was evident from the 1st game day. 1st (which include members of m0s) won.

this years, we decided to provide vulnerable source code, and let the teams write exploits. it was getting boring seeing teams firing up nessus and nmap year after year.

NOTE: unlike the defcon ctf game, we have no qualifying round. so year after year, we weren't sure of the team's technical skills - which make for a rather interesing mix. the debate every year was setting the difficulty level of the game. expecting teams to write exploit may back fire, but we went ahead with the plan this year anyway. this year, none of the teams were aware that they need to write exploits.

Read the rest here.

xwing's write-up, member of the winning team (panda), is here.

Listening to: Deep Dish - GU25 Toronto

someone (anonymous) sent me this picture of vandalized microsoft posters taken during the hitbsecconf2005.

 
 


Listening to: DJ Krush - A Whim