Registration for PHDays 2012 contests has begun

Contests ended, in which invitations to the Positive Hack Days 2012 forum were played . The winners received their invitations, and very soon we will meet with them at the site of the Moscow Digital October technology center. If you did not have time to take part in these competitions or could not achieve victory - you have a chance to win a bunch of prizes during online battles that will begin simultaneously with the start of the forum (registration is available in the user's personal account on the PHDays website ). Under the cut a description of the competitions and conditions of participation.

Hash runner

Participants will be provided with a list of hash functions generated by various algorithms (MD5, SHA-1, BlowFish, GOST3411, etc.). Points for each decrypted password will be charged depending on the complexity of the algorithm. To become a winner, you need to score as many points as possible in a limited time, overtaking all competitors.

Any Internet user is allowed to enter the competition. Registration will take place on the PHDays 2012 website after the forum has started. The competition will last two days throughout the event.
')
The winner will receive a special prize - the AMD Radeon HD 7970 graphics card.

Competitive intelligence

The competition will help forum participants find out how quickly and efficiently they are able to search for hidden information on the Internet.

On the contest page will be published questions related to a certain organization, information about which can be found on the Internet. The task of the participant is to find as many correct answers to the questions as possible in the shortest time possible. Results will be summed up at the end of the second day of the PHDays 2012 forum.

WAF bypass

Competition for enthusiasts and experts involved in web application security. Participants will have the opportunity to conduct an attack of the type “SQL code injection” (SQL Injection) on vulnerable Web applications protected by a firewall (Web Application Firewall). Applications function in conjunction with databases from different manufacturers.

It will be necessary to conduct a successful attack (or demonstrate the possibility of its implementation) in order to obtain data from the DBMS. The competition involved four vulnerable web applications, each of which uses its own type of database. Any attacks that exploit any vectors for the introduction of DBMS operators are accepted, including access to the file system, execution of OS commands, full brute-force attacks, and attacks using the binary search method.

The winner is the participant who was the first to find a way to exploit the “SQL code injection” vulnerability in one of the web gaming applications.

The winner of the competition will receive an Apple iPad 3. Ten top contestants will receive special prizes and souvenirs from the organizers of the PHDays forum, Positive Technologies, as well as from sponsors of the event.

Best reverser

The task of the participant of the competition is to open the electronic lock, as well as hack the algorithm of our keygenme and present the generated code sequence relative to its name (nickname), which will be tested.

The first place in the competition is awarded for a fully restored algorithm for the functioning of an electronic lock and a key for opening it, as well as a fully restored algorithm for generating code sequences for any names. Prize - Apple iPad 3.

Second place: a complete description of the principle of functioning of the electronic lock and the algorithm for checking code sequences. You must also provide the key to the lock and the code sequence for your name (nickname). Prize - Amazon Kindle Fire.

Third place: a complete description of the principle of functioning of an electronic lock or algorithm for checking code sequences. You must also provide a key to the lock or a code sequence for your name (nickname). Prize - Amazon Kindle Touch.

PHDays Online HackQuest

On the days of the PHDays 2012 forum, the Online HackQuest competition will be available from the Internet. Its participants will be able to try their hand at solving various problems of information security. On the second day of the forum, Online HackQuest participants will be able to really influence the results of the PHDays CTF 2012 in-person competition.

Participants will be granted access to the VPN gateway. After connecting to this gateway, they must independently find the target systems and detect vulnerabilities in them. If the vulnerability is successfully exploited, the participant gets access to the key (flag), which must be sent to the jury using the form on the participant’s personal page. If the flag is correct, the corresponding points will be awarded for it.

All flags are in MD5 format. The winner of the competition is the participant who before the others will score 100 points (the maximum possible number). Participants who score more than 100 points will traditionally receive a separate prize :)

Online HackQuest will also be available for participation outside the standings within 14 days after the completion of the PHDays 2012 forum.

Detailed information about contests and prizes is published on the official website of Positive Hack Days 2012.

PS As part of our PHDays Everywhere initiative, dozens of hackers in Russia and abroad will open their doors to anyone who wants to plunge into the atmosphere of a hacker party and at the same time follow PHDays video conferencing.

PPS You can watch all the events of the forum through video broadcast. To view, you must register . Through Twitter, it will be possible to ask questions to speakers (for more details on the official forum website ) and participate in discussions with forum guests using our hashtag #PHDays.