Regards,
We should all respect the fact that Korea Digital Works is very brave for releasing their products to the public like this, and openly inviting all hackers, to find any possible exploits. One has to keep in mind that no matter how many preventions you take,
Looks like someone actually hacked their main server, and not the one that was the target. Anyone that signed up for the contest got an email something like the following: there will always
potentially be a way to hack the system. Anyway, the contest server was only simulation, not a real world environment, and you have to ask yourself "who will have a webserver running with this small amount of services activated". No body. The real world environment provided in this contest was not the simulation server at all, it was the overall contest in general.
This is why we decided to take the contest to the next level. We chose to skip the games and festivals, and go straight to the main server (where you registered for the contest). By taking this step, we achieve a real time environment with a system that has many services running, just like many other web servers. We also gain access to the server that contains all of the entries for the contest that is taking place, thus granting us the ability to manipulate those entries to our liking (keep in mind your prize money relies on your registration entry).
Theres more, but didn't want to pollute the list with to much off topic ASC. -Joe
participants (1)
-
Joe Blanchard