| Author |
More details on pen-testing |
fido2509
Member
Posts: 3
Location: Rate mal ;)
Joined: 11.07.07
Rank: God |
|
Hi there,
I started the pen-testing challenge and gathered awesome 90 pts.
Now my idea would it be to enhance the details in "my profile" from "accumulated x pts" to "found: [removed by system]"
Or better insert a private pen-testing details page, where a user can review which exploits he/she found.
In this way people can easier talk about special parts, have a better overview on which topics are exhausted, which should make it easier to find a new direction for further pen testing and exploits found by accident get categorized, which makes it easier to review and overthink why and how they work, as well as the vocabulary extends.
As the idea of learning is the background for this challenges I'd think this would improve this challenge.
I'd also suggest to add such informations to all challenges, but the expenditure would be enorm, I assume.
Looking forward to your opinions.
The FIDO
Edited by SySTeM on 24-10-07 20:38 |
  
|
| Author |
RE: More details on pen-testing |
SySTeM
-=[TheOutlaw]=-
Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank: The Overlord |
|
People aren't meant to know what exploits are in there! That's the whole idea of it!!!
|
|
| Author |
RE: More details on pen-testing |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
Anyways, it looks as if you can tell what exploits people found by the point totals they have. IIRC, the point totals are VASTLY different for each exploit.
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility |
|
|
| Author |
RE: More details on pen-testing |
SilverHacker
Member
Posts: 40
Location: Lebanon
Joined: 26.10.07
Rank: Apprentice |
|
|
Zephyr_Pure wrote:
Anyways, it looks as if you can tell what exploits people found by the point totals they have. IIRC, the point totals are VASTLY different for each exploit.
Haha, yeah it would be like:
+10!!! ON ONE PART
and then like
+2195782138956723189756 pts on another!! 
The Silver Hacker
|
|
|
| Author |
RE: =PPPP |
noober
Member
Posts: 177
Location:
Joined: 16.10.07
Rank: Apprentice |
|
|
10 points seems reasonable for throwing some random shit in a random place that one should have been 1 point =P |
|
|
| Author |
RE: More details on pen-testing |
dancuc
Member
Posts: 368
Location: /bin/bash
Joined: 31.08.06
Rank: Uber Elite |
|
yes it is more than enough for simply replacing *something*
but when you can get for one thing 135 pts. ...
oh i can't get past 40 pts.
Hello world ! Segmentation fault (core dumped)
My PHP-Fusion powered website in Czech :: http://dancuc.cz
|
|
|
| Author |
RE: More details on pen-testing |
Zephyr_Pure
Member
Posts: 2402
Location:
Joined: 15.09.06
Rank: God |
|
The point counts seem to be in the order of which you are most likely to find. If one is more obscure / unlikely than others on the list, then you'll get more points for it. Simple.
I still check PMs from time to time.
Our responses were moronic, why shouldn't he follow suit? - Futility
Edited by Zephyr_Pure on 03-11-07 18:26 |
|
|
| Author |
RE: one that note |
noober
Member
Posts: 177
Location:
Joined: 16.10.07
Rank: Apprentice |
|
|
...dont try to look for exploits in some sort of order..like dont just look for sql everywhere first...need some first b4 you get to others |
|
|
Main:
