#/blog

Results of Digital Challenge HEK 2013

This year we participated at the conference HEK 2013. We prepared interesting tasks from the field of computer science, information science, cryptography and stenography, programming, and also mathematics. This time there was 39 competitors, so it was difficult to win the competition, because of the fierce opponents. There were total of 29 tasks with total sum points of 6150. The best among the competitors reached 4450 points, and solved 24 tasks. There were also social engineering task, where the competitors had to obtain certain information from beautiful Doroteja, which was required in order to obtain the password for one of the tasks. The competition was open one day before the conference, but was generally held during the conference, the 11th and 12 April. The top three also received practical reward.

I would like to congratulate all of the competitors for solving any digital challenge.

The scores of the top ten users are presented in the table below:

Place Player Solved tasks Points
1 snake 24 4450
2 kernc 20 3900
3 grego87 20 3700
4 deny5 19 3150
5 administrator 18 2850
6 plesauc 16 2650
7 mojca 16 2650
8 marjetica 14 2200
9 tomaz 14 2200
10 matox 15 2200

Wi-Fi Protected Setup (WPS)

The WPS standard was developed in 2007 by the Wi-Fi Alliance (a trade association that promotes wireless LAN technology and certifies products if they conform to certain standards of interoperability) to allow home users who know little of wireless security to set up WPA2 as well as making it easy to add new devices to an existing network. In December 2011 researcher Stefan Viehböck reported a design and implementation flaw to the US-CERT. The flaw makes brute-force attacks against PIN-based WPS feasible to perform on WPS-enabled Wi-Fi networks. The vulnerability note is available on the US-CERT’s web site.

(more…)

Stratfor.si

End of December 2011 group Anonymous attacked Stratfor (Strategic Forecasting Inc.) web page. Results were around 200 GB of important data. Among other data there have been customer information and also CC numbers. This data breach disclosed also some of Slovenian users.

Looking from Slovenia this wouldn’t be anything special, but if we take closer look, follow some data that have been posted on Pastebin, then this looks little bit interesting. If we take a look at the list of Slovenian customers, we see that this list is quite interesting. We find people from government, ministry of defense, media houses, private companies, private unknown companies and even Catholic Church.
(more…)

Results of Digital Challenge Infosek 2011

This year we also participated at the conference Infosek 2011 for the first time. We prepared interesting tasks from the field of computer science, information science, cryptography and stenography, programming, and also mathematics. This time there were relatively few competitors – only 11, which does not mean that competition was not a success. There were total of 32 tasks with total sum points of 5100. The best among the competitors reached 3500 points, and solved 24 tasks. There were also social engineering tasks, where the competitors had to obtain certain information from beautiful Nives, to solve certain tasks. There was also a social engineering task, where the competitors had to penetrate the director of Viris company, Milan Gabor. The competition was held during the conference, the 24th and 25 November, and was prolonged over the weekend till 27th November. The top three also received practical reward.

I would like to congratulate all of the competitors for solving any digital challenge.

The final results of the competition are:

Place Player Solved Tasks Num point
1 punky 24 3500
2 Netis 24 3100
3 kernc 18 2800
4 razi 11 1100
5 arto 6 900
6 citrus 7 700
7 beta 6 600
8 cubeman 5 500
9 test1 5 500
10 m1 2 200
11 janbk 2 200

Ethical hacking

In the last decade the Internet spread like no-one anticipated. A lot of information was moved to the Internet. Almost everything is being digitalized: information is being stored in various databases, services are being performed over the Internet, we’re even paying bills from our computer, etc. But in all this craze, we can ask ourselves one question: what about security?

(more…)

Winning at the event of looking for business solutions

Company Frodx had organized in Kolosej on 25th October an event called Arena of business solutions. Entrepreneurs had competed in business ideas, services and solutions. Viris competed in a category of Public Administration and Large organizations among organizations like Avtenta, Inovo, Sonce.net, SmartIS and Medic Sistemi. With business idea »Want to hire a hacker?« we had won a great per cent of votes in a first round of voting for presenting business idea and usefulness of business idea. Then, public voted for three finalists. We had come among first three business ideas. Competitors had to once again answer on questions from the public and other specilaists. After final presentations and answers on questions, public had chosen the winner of this event and we are proud to tell, that our CEO, Milan Gabor, won the competition with best business idea.

Results of Digital Challenge OTS 2011

According to the success of the first Digital challenge from two months ago, we decided to continue and also enrich the conference OTS 2011. This time we also prepared interesting tasks from the field of computer science, informatics, cryptography, computer security and common knowledge that 47 participants were solving. There were testing their creativity on the pre-contest and also during the 2 day long conference OTS 2011. All together there were 25 tasks with varying difficulty that allowed to achieve 5900 points and also 120 extra points for better results of some tasks.

We congratulate all the participants that managed to solve any digital challenge with their creativity. Everyone who have not participated may read more about the competition it in one of the previous blog posts.
(more…)

Warsitting

WiFi access points are growing like mushrooms after the rain. Every day, there are more and most of them are protected with WEP, WPA or WPA2 security mechanisms, whereas some of them are open to the public (either on purpose or by accident).

Sometimes it would be interesting to know the exact location of certain access points. In general, we can achieve this by triangulation, but the process can be nontrivial and normally we need some sort of special equipment. However, there is an easier way to do this: enter Google Location Services. Not many people are aware of this service, even though it was integrated with Firefox quite some time ago. It enables us to send our geographical location (coordinates) to web sites we trust if they need it. Google Location Services calculates our location by considering signal strenghts to our nearby wireless networks. We can use this service to determine our geographical location, but we can also use it to locate wireless access points by sending a request to Google Location Services, which defines maximal signal strength to each access point.
(more…)

Results of Digital Challenge DSI 2011

Together with the end of DSI 2011 conference, the Digital challenge DSI 2011 also came to an end. Many people were considering various tasks of the challenge, however only 32 of the bravest actually participated in the event and used their computers in creative ways. Some of those were present at the conference as well, whereas others competed remotely over the Internet. The challenge lasted for 3 days and ran smoothly. However, we quickly noted that the first tasks were too easy, since some participants were getting close to maximum number of points very quickly. This lead us to adding new, more difficult ones and in the end, there were 26 different tasks available to choose from. Solving all 26 tasks would award a participant with maximum of 4500 points. The tasks were divided in 5 categories (general, cryptography and stenography, information gathering, penetration, social engineering). The easiest one was solved by 31 participants while the hardest was solved only by two cryptography ninjas.

We want to congratulate to all the participants which showed their creativity and solved at least some of the tasks. The four highest ranked hackers which passed the magic 3.000 points limit will receive practical awards – products of our partner Gemalto.
(more…)

Digital Challenge

Digitalni izzivDigital Challenge is a competition in the field of computer and information security. Currently, it is a side event at a conference. The purpose of the challenge is to provide an attractive infosec activity through various challenges which will encourage the visitors to be more creative in using of computers and information technologies. Also, we want the challenge to demonstrate various concepts of information security in a entertaining way.

The challenge consists of more and less difficult tasks, which can be solved in arbitrary order by using a specially designed web portal. Normally, the participants will not need any special tools – in most cases, a web browser will suffice; however in some cases special tools might be needed to access the competition servers in different ways. On the web portal and on the screens at the conference, it will be possible to observe the progress (number of solved tasks and the sum of points for each participant) of the hackers almost in real time. At the official ending ceremony, the most successful hackers will receive practical awards.

More at: http://izziv.viris.si/