Monday, April 29, 2013

Ethical Hacking Challenges

Each spring I take part in a ethical hacking LAN party called WisCon. You can get more information at Wiscon is a network intrusion party that happens once a year in Appleton, Wisconsin. This is a party for people who are interested in computer security. It's a fun time to get together with friends and learn something new about computer security. I have decided to open source the challenges and make some videos demoing how they work.

Capture the Flag

In this challenge there are four teams fighting to gain control of a remote server. The scoreboard will track who has current control and each team will gain points the longer they hold control.

Word Sniffing Challenge

In this challenge the program will spew tons of network traffic repeating different words. People will need to use a packet sniffer and try to find each word in the network trafic to build a sentence. 

Online Shopping Challenge

In this challenge the program will surf the web while randomly ordering items online. After identifying the traffic going to the merchant account you will then be able to locate the users confidential transaction information.

The HiJack Control Challenge

In this challenge you will need to take advantage of an installed application. Using a packet sniffer and a replay attack you will be able to force someones browser to navigate to a non-requested site.