OWN THE BOX@DC16: PWNING FOR DOLLARS.
Own The Box, now in year 0x01, continues its hallowed tradition of
creating temporary autonomous zones of random people asking to be
haxored. We're a defender contest, of sorts, which means the following:
* Contestants bring an IP-enabled device, running some services
* We invite all DefCon attendees to attack these services
* ????
* PROFIT
# NEW YEAR, NEW RULES
This year, we made some changes to the format: Instead of asking
defenders to offer up their hardware to successful attackers, we're
glomming on to the Vegas spirit and making this a contest of cold, hard
cash.
Defenders pay a nominal entry fee, matched by contest organizers, the
Cosa Nostra, and Dan Kaminsky's grandma. The winning entry, based on
services uptime and our patented PwnOMeter(tm), gets the cash, as a tab
at the Splash bar, on Sunday afternoon.
We're also partnered up with the good folks of OCTF, so entries will be
targets in their event, and given varying point levels in OCTF
throughout con, guaranteeing a dedicated pool of attackers to bring the
love.
# OFFICIAL CALL FOR BOXEN:
If you've followed the DC forums, you know the drill. Services this year
will need to do $SOMETHING, specifically our scorebot will be sending
you a Base64 token, every five minutes, to check your service is
functioning. We can get the token to you just about any way you like,
though HTTP(s), SMTP, (s)FTP, TFTP, etc, just give us fair warning what
you have in mind.
You'll also receive tokens to install locally for each service, and one
readable by root / admin / sysopr / etc.
Beyond that, show up, buy us beer, and come have fun. Mail ownthebox
[at] cipherpunx [dot] org with questions, comments, ridicule, derision,
and pics of your Mom.
|