Tweet
[ As posted to Full-Disclosure and ISN like two weeks ago, sorry I didn't add it here yet. ]
[Where? When? Neil added it to the schedule. As below, we share space with OCTF this year (thanks DC949!) and run all day Saturday. Meet up in the contest area around 10 when they open the doors, or grab me sometime Friday. I'll be wearing a priest collar that day and should be easy to spot.]
OWN THE BOX@DC16: PWNING FOR DOLLARS.
Own The Box, now in year 0x01, continues its hallowed tradition of creating temporary autonomous zones of random people asking to be haxored. We're a defender contest, of sorts, which means the following:
# NEW YEAR, NEW RULES
This year, we made some changes to the format: Instead of asking defenders to offer up their hardware to successful attackers, we're glomming on to the Vegas spirit and making this a contest of cold, hard cash.
Defenders pay a nominal entry fee, matched by contest organizers, the Cosa Nostra, and Dan Kaminsky's grandma. The winning entry, based on services uptime and our patented PwnOMeter(tm), gets the cash, as a tab at the Splash bar, on Sunday afternoon.
We're also partnered up with the good folks of OCTF, so entries will be targets in their event, and given varying point levels in OCTF throughout con, guaranteeing a dedicated pool of attackers to bring the love.
# OFFICIAL CALL FOR BOXEN:
If you've followed the DC forums, you know the drill. Services this year will need to do $SOMETHING, specifically our scorebot will be sending you a Base64 token, every five minutes, to check your service is functioning. We can get the token to you just about any way you like, though HTTP(s), SMTP, (s)FTP, TFTP, etc, just give us fair warning what you have in mind.
You'll also receive tokens to install locally for each service, and one readable by root / admin / sysopr / etc.
Beyond that, show up, buy us beer, and come have fun. Mail ownthebox [at] cipherpunx [dot] org with questions, comments, ridicule, derision, and pics of your Mom.
[Where? When? Neil added it to the schedule. As below, we share space with OCTF this year (thanks DC949!) and run all day Saturday. Meet up in the contest area around 10 when they open the doors, or grab me sometime Friday. I'll be wearing a priest collar that day and should be easy to spot.]
OWN THE BOX@DC16: PWNING FOR DOLLARS.
Own The Box, now in year 0x01, continues its hallowed tradition of creating temporary autonomous zones of random people asking to be haxored. We're a defender contest, of sorts, which means the following:
- Contestants bring an IP-enabled device, running some services
- We invite all DefCon attendees to attack these services
- ????
- PROFIT
# NEW YEAR, NEW RULES
This year, we made some changes to the format: Instead of asking defenders to offer up their hardware to successful attackers, we're glomming on to the Vegas spirit and making this a contest of cold, hard cash.
Defenders pay a nominal entry fee, matched by contest organizers, the Cosa Nostra, and Dan Kaminsky's grandma. The winning entry, based on services uptime and our patented PwnOMeter(tm), gets the cash, as a tab at the Splash bar, on Sunday afternoon.
We're also partnered up with the good folks of OCTF, so entries will be targets in their event, and given varying point levels in OCTF throughout con, guaranteeing a dedicated pool of attackers to bring the love.
# OFFICIAL CALL FOR BOXEN:
If you've followed the DC forums, you know the drill. Services this year will need to do $SOMETHING, specifically our scorebot will be sending you a Base64 token, every five minutes, to check your service is functioning. We can get the token to you just about any way you like, though HTTP(s), SMTP, (s)FTP, TFTP, etc, just give us fair warning what you have in mind.
You'll also receive tokens to install locally for each service, and one readable by root / admin / sysopr / etc.
Beyond that, show up, buy us beer, and come have fun. Mail ownthebox [at] cipherpunx [dot] org with questions, comments, ridicule, derision, and pics of your Mom.
Comment