Pages:
Author

Topic: [CLOSED] ZIGGAP crowd sourced security auditing. 80.5 BTC in potential winnings! - page 2. (Read 2472 times)

member
Activity: 87
Merit: 10
found one. reported to you.

fcmatt found the 0.5 bitcoin string located in the terms of service.

I wasn't sure if anyone was actually going to read it.

Bitcoin address please?
legendary
Activity: 2072
Merit: 1001
found one. reported to you.
member
Activity: 87
Merit: 10
This is now closed.

We had about a dozen different vulnerability scanners ran against the site, 5 Google apps password resets, someone using a proxy which lets them change things en-route, attempted CSRF attackes, SQL injection attacks, and more.

There were no breaches of security.





First flag claimed! fcmatt located the BTC0.5 flag located in the ToS




ZIGGAP LLC has entered into it's crowd-sourced security auditing phase. Up for grabs are BTC80.5  in possible winnings.

Hidden in multiple sensitive locations of ZIGGAP.com's website and servers are several strings or "flags". All of these strings start with secret_ . Each string is worth BTC10 . Except for one of them. It's significantly smaller. If you find it you'll know why.

If you locate any one of these strings just send us an email to [email protected] with the exact steps you took to compromise the server or site and the exact string which you located. The first person to send us a string gets the winnings for it.

D/DOS attacks will NOT qualify you for winnings. These are not security breaches.

This contest starts now and ends in 48 hours.

Please note: Any orders you create will not be charged in reality. Any orders created now are for testing reasons only.


Good luck.



-ZIGGAP
Pages:
Jump to: