can any one help meQ

Intra College Competition to write innovative exploits.

Basics

* Any bonafide student (having valid "roll no" !) is eligible. 

* A single or a group of student(s) can register. 

* A contestant  can submit one or more exploit(s). 

* Registered contestant need to submit the source code (with proper documentations) of their exploits though the website. 

* Every exploit will be judged independently. Thus a contestant may win all the three prizes ! 

* Recent public domain exploits will also be considered. 

Guidelines

Development Environment

(a) Operating System

   Windows,Linux

(b) Language

   Ruby,Perl,c/c++,Java,Python

Target System

Windows - All variants of Windows :(XP ,2000,2003 Server,Vista)

Linux - Fedora (ver 4 onwards), Mandriva (ver 9 onwards), Debian, Ubuntu.

Documentation:

A clean, structured and lucid documentation giving out the following details is required.

(a) Name of the exploit (b) Description of the exploit (how does it work)? (also highlight its importance) (c) Description and analysis of the code flow (d) Link to the exploit if it is available in the public domain, otherwise, link to its corresponding vulnerability (e) An approach to patch the exploit (optional, if possible) (f) Exact host system requirements (g) Exact target system requirements (h) Exact compilation and execution procedure

Evaluation

The score obtained for a particular exploit will depend on its severity, understandability of the code and the quality of documentation. The final score obtained by a contestant will be evaluated based on individual exploits. The person with the maximum score will be the winner. In case of a tie, the winner will be the one who has submitted the answers first. Evaluation will start just after the event is closed. The results will be declared a week later.

The code should be well commented to enhance easy of understandability. The contestant may need to show a demo of the exploit in front of the judges if required.

NOTE: Exceptional talent(s), if found, will be rewarded with exciting opportunities!

i have 10 days of time for this.

I am a newbie. with my present knowledge i cant do that. can any one help me in this?

I may get nice opportunities if i do.

can any one help me?

or atleast guide me?

what do you want help with? team members? or someone to do it so you can steal their stuff?

no.

I absolutely have no idea what to do?

i have been googling.

still trying.

can any one guide me properly.

i will work hard. but i should win the prize.

so.. you ppl are already experienced with this kind of stuff.

so i just want good guidence or some pointers to good exploits which will impress my professors and fetch me prize

you want someone in 10 days to help you find and explain an exploit that will beat those of other college students who KNOW what they are doing? … seriously?

1stly, noone is going to "guide you to winning a contest" and 2ndly…. it will take WAY longer for that for you to come even close to understanding it

FUCK OFF, LEARN SOMETHING.

Fuck man, this thread made me feel angry.

IF YOU WANNA WIN THE PRIZE, DO IT FAIR. IF YOU CAN'T, WAIT TILL THE NEXT YEAR WHEN YOU LEARN SOMETHING.

Ripper….

hello everyone!!!

just hold on!!!

i have never asked you ppl to do the work for me?

i havent even asked you to give me the ready made code.

i just asked you ppl to guide me.

i am a junior and approaching a senior to just know the approach

to get the guidance.

and since i have very less time.

definitely if i can start with a good guidance. i can do it with in the time.

your replies are also making me angry.

what the fuck did i ask you ppl.

did i ask you to give me a code. or did i tell that i want to submit somebody's work.

i just wanted suggestions.

IF YOU WANNA WIN THE PRIZE, DO IT FAIR.

what the fuck!!!

whats the unfair thing i am doing? taking a suggestion? or getting guidance to learn?

you know nothing and you have 10 days :|

really, it isnt going to happen. have you ever wondered why not everyone on this site is ranked God?

this is because it TAKES TIME. you really need to get that. no way can you think about this competition. seriously, it isnt going to happen.

anyway, have you considered looking at some articles on this site? as much fun as google is, there is already a wealth of knowledge here. also, the little search button in the menu can help.

if you want a team, then why not get people you know (in real life) so you can maybe help each other to learn or something. that sounds to cheesy, but teaching is the best way of learning.

that's a really vague competition. are you just supposed to exploit the underlying OS or a particular application?

oh, and fuck off. =D

wtf ive never heard of an inter college exploit writing competition. if there was id win it for my college ^^

lesserlightsofheaven wrote: that's a really vague competition. are you just supposed to exploit the underlying OS or a particular application?

oh, and fuck off. =D

Agreed to both parts ;). To even have a chance of finding an exploit in 10 days, you'd have to pick an OS at random and attack the applications, not the OS itself. Still, not likely in the timeframe.

if he has 10 days most of the exploits are likely to be public, and probably most of them will be web based. but for someone who knows nothing about hacking… theres no chance.

So, this is either a scam to collect "exploits" (exploits on what, anyway?), or another stupid noob who's asking stupid questions.

You seem to stupid for option one, fuck off. If you are, however, more cunning then I thought and you are fishing for free exploits; fuck off and never come back.

dude, sorry to say this, but it sounds like you're asking one of us to give you the answer to this challenge, or at least tell you how to do it…this just doesn't fly in any hacking community. I seriously doubt anyone here will help you…

You should try doing some challenges on this site and read some articles. Try to learn something :)

hello everyone.

though i am a newbie. I want to be a hacker not a cracker. and i always follow(atleast try) the hacker attitude. I again repeat my intension was not to get some exploits for me. but considering the timeline. I thought that if i start with proper guidance i may end up with atleast some position.

and moreover in the competition. it was clearly told that

RECENT PUBLIC EXPLOITS ARE ALSO ALLOWED.

so this makes me feel confident about competition. that if managed to get atleast good public exploits. then my task is done.

and i again and again repeat. "I am not such kind of newbie who asks do this for me. "

in my question if i sound so. i am sorry. but I sware i never had such intensions.

i just wanted some basic suggestions/guidance to kick start.

Okay, here's your guidance:

Google is your friend. Include the word "exploit". Done.

HBH should have this in the forum rules: "Do not ask questions,cause if u do,no one will help u,EVERYBODY will flame u,and u will be wasting your time,so FUCK OFF!"

hahaha… this looks like a shit attempt as SE to me.

Anyway, in reply to claws….

Look mate, you need to learn some respect. Don't get me wrong, i'm not the head of the pecking order here… i have my equals, and i have my betters. there are peolple here who i respect beyond belief. and they know it.

But you can't just come here and start shit like that.

You should know that it's going to take more than 10 fucking days to find an exploit in an open source, long standing OS. The first exploit i found in software on this scale took me MONTHS. plural.

FFS…. i'm going to write an article on respect i think, in keeping with spy's (fucking excellent) trend.

i hope you've all learned somthing.

BIBER wrote: HBH should have this in the forum rules: "Do not ask questions,cause if u do,no one will help u,EVERYBODY will flame u,and u will be wasting your time,so FUCK OFF!"

dude, then how the fuck are you supposed to learn, then? think about what the hell you're saying there.

also, it looks like claws is just a newb, not a n00b, so why are you flaming him? it seems like anyone with a question at all get flamed, even if it's a good, legitimate one.

@ claws: just to let you know, if you're starting from absolute scratch and you're trying to expoit an os, then really, just really there is absolutely no chance of even getting close to it. why you're even in that position, i'm not even sure, but whatever. weird things can happen. but really, just go to milw0rm.com or something. once you actually start to learn about hacking for real, then don't use exploits other people coded unless you've read through the code and understand what's happening and the concept of the exploit itself (injection, buffer overrun, etc.). otherwise, you'll go down the path of the script kiddie, where you'll learn nothing and will eventually stop at a dead end and go no further than the average idiot.

now how's that for a helpful post you flaming jackasses? i like this one a lot better than your gay remarks.

kaksii wrote: FUCK OFF, LEARN SOMETHING.

Fuck man, this thread made me feel angry.

IF YOU WANNA WIN THE PRIZE, DO IT FAIR. IF YOU CAN'T, WAIT TILL THE NEXT YEAR WHEN YOU LEARN SOMETHING.

Ripper….

in fact, really the only helpful post there that didn't flame the newb was:

necr0six wrote: you know nothing and you have 10 days :|

really, it isnt going to happen. have you ever wondered why not everyone on this site is ranked God?

this is because it TAKES TIME. you really need to get that. no way can you think about this competition. seriously, it isnt going to happen.

anyway, have you considered looking at some articles on this site? as much fun as google is, there is already a wealth of knowledge here. also, the little search button in the menu can help.

if you want a team, then why not get people you know (in real life) so you can maybe help each other to learn or something. that sounds to cheesy, but teaching is the best way of learning.

also, where the fuck did all my points go?!?! i had to go back and do basic 1 and 2 again just so i could post!

Well, for the people who feel that people get flamed for no reason… sometimes, that is true but, in this case, there were actually people that responded properly to the question. All of the responses were the same: In 10 days, knowing nothing about exploits, you have no chance.

Also, I feel compelled to mention again my thoughts regarding WHY people get flamed for asking certain types of questions. The top two reasons are that either the question is too vague, or the poster is looking for a skiddie solution. In this case, the question was MUCH too vague: the poster asked for guidance on finding exploits and threw in a very broad list of technologies. If the poster had picked a single target, read up on what an exploit actually is, and asked how to locate exploitable conditions, then he would've gotten a more unanimously positive response.

It's all in how you ask the question… do enough research to show that you want to learn the subject and that you've tried to learn on your own and, when you get stuck, ask for help. Don't just run to the forums as your first step.

Zephyr_Pure wrote: Well, for the people who feel that people get flamed for no reason… sometimes, that is true but, in this case, there were actually people that responded properly to the question. All of the responses were the same: In 10 days, knowing nothing about exploits, you have no chance.

Also, I feel compelled to mention again my thoughts regarding WHY people get flamed for asking certain types of questions. The top two reasons are that either the question is too vague, or the poster is looking for a skiddie solution. In this case, the question was MUCH too vague: the poster asked for guidance on finding exploits and threw in a very broad list of technologies. If the poster had picked a single target, read up on what an exploit actually is, and asked how to locate exploitable conditions, then he would've gotten a more unanimously positive response.

It's all in how you ask the question… do enough research to show that you want to learn the subject and that you've tried to learn on your own and, when you get stuck, ask for help. Don't just run to the forums as your first step.

Also, the competition sounds very, very fake. If it wasn't fake, he was certainly going about it in an unfair manner.

Flames deserved.

sToRm_seveN wrote: [quote]BIBER wrote: HBH should have this in the forum rules: "Do not ask questions,cause if u do,no one will help u,EVERYBODY will flame u,and u will be wasting your time,so FUCK OFF!"

dude, then how the fuck are you supposed to learn, then? think about what the hell you're saying there.

I said that because of your stupid replies DUDE!

Sarcasm

BIBER wrote: [quote]sToRm_seveN wrote: [quote]BIBER wrote: HBH should have this in the forum rules: "Do not ask questions,cause if u do,no one will help u,EVERYBODY will flame u,and u will be wasting your time,so FUCK OFF!"

dude, then how the fuck are you supposed to learn, then? think about what the hell you're saying there.

I said that because of your stupid replies DUDE!

Sarcasm[/quote]

fyi it's kinda hard to pick up voice tone through text

sToRm_seveN wrote: fyi it's kinda hard to pick up voice tone through text

It's kinda hard to take what he said seriously, too. Anyways, hasn't the OP been sufficiently addressed by now?

Just learn. Learn a programming language like c/c++. Learn about how computers work, how programs work. All you have to do is learn. And as everyone else mentioned, google is your friend. I don't know if this thing is real or not, but if you are as clueless as you sound, then just forget about it dude and prepare for next year. Why would you want to win this competition anyway? Just focus on learning and in time, you could discover and write your own exploits. :D