i-Hack’08 International Hacking Competition “Details”

1. International Hacking Competition Student Computer Security Project Presentation 3. Computer Security Exhibition 4. Computer Security Seminar 5. Computer Security Awareness Talk 6. Hack And Defense Workshop 7. PC Modification Competition 8. Hacking Demonstration EVENTS

Hacking Competition Category 1st Category – Capture The Flag (CTF) The CTF game will be similar to the War game in pulltheplug.org website. Eg. “blacksun.labs.pulltheplug.org” Players log in to the web server (https) The web server has the instructions on how to obtain these flags. All players will get the same number of questions, but questions will be slightly difference.

Participation : Open to public and students Group : Must consists of 3 persons per group Fees : RM per group for students (attachment of student card is required) RM per group for non students Limitation : 2 groups only per organization / university

CTF Participants should be expected to be able to: Familiar with most common OS commands (windows and linux) Understand all basic hacking skills such as port scanning, information gathering, enumeration of user account, etc. Know how to find and use exploit when necessary. Familiar with web based attack such as SQL injection, PHP attacks, etc. Have the ability to reverse engineer binary and find vulnerabilities. Write buffer overflow exploit

2nd Category – Computer Forensic Challenges It will include both the basic and the code audit skills. The participants will be given source code to look for simple bug and write an exploit. given some log files from the server and participants need to analyze these logs in order to know what is happening to this server. then need to explain the scenario in written form. Winner will be judged based on how many attacks that they have analyzed on the log files. If there is a tie, the group with the highest level of attack difficulty analyzed, will be declared as the winner.

Participant : Open to public and students Group : Must consists of 3 persons per group Fees : RM per group for students (please attach student card) RM per group for non student Limitation : 2 groups only per organization / university

Forensic participants are expected to be able to: Apply most common OS commands (windows and Linux) Capture, read and understand most network packet/protocol Know where to find log files that are needed for forensic Apply common hacking techniques/exploits (as a guide to identify attackers trace) Use snort rules reverse engineer binary

Rules and Regulation 1.You need to attend the briefing session before the competition. 2. Flood Network, DOS, DDOS by any means are not allowed (a penalty will be imposed). 3. Social Engineering is not allowed (a penalty will be imposed). 4. No discussion with other group (the penalty will be charged). 5. The result from jury cannot be argued. 6. No attacking or exploiting of network infrastructure devices, such as switches, routers, etc (e.g. ARP cache poisoning, switch MAC table flooding and traffic rerouting are NOT allowed). 7. No attacking or exploiting other participant's systems. 8. No shutting down, disabling or patching of vulnerable systems. 9. No changing, spoofing of MAC address allowed. 10. No removal of flag. 11. No physical attacks, drugs and guns are allowed. 12. Participants must follow Rules and Regulations from number 1 until number 12.

~PRIZES~ 1 ST PLACE : RM certificate + hamper 2 nd PLACE : RM certificate + hamper 3 rd PLACE : RM certificate + hamper

Student Computer Security Project Presentation Students will be presenting about their computer security project. Students will join the exhibition from day 1 till day 3. Fees : None Participant : Open to all public or private education institutes students. (limited to first 30 groups only) Group : 2 or 3 persons per group Project : Any computer security related project. It is recommended you show some new idea / solution in solving computer security problem.

Exhibition Computer Security Exhibition is a platform and opportunity for student and computer security organization to promote their new solution and idea to public about computer security. From here, people will be updated with the new computer security product such as firewall, antivirus, and others. Exhibition time : 8.30 am pm for 3 continuous days.

Computer Security Seminar Computer Security Seminar will discuss issues that rapidly happening in computer security field. There will be 3 sessions: 1.Computer Security Seminar 1 2.Computer Security Seminar 2 3.Computer Security Seminar 3 Fee : FREE Admission Attendee : Student - unlimited Organization - 5 persons max

Hack and Defense Workshop a program with a purpose to teach student how to defense their machine from becoming an attacker’s victim. The workshop aims to give practical hands-on training related to computer defense Fees : RM Participant : Students only

PC Modification Competition This competition is about personal computer modification and adjustment both in the performance and security aspects. Participant : Students from public or private higher education institutions Number of participant : 1 person per PC Fees : RM Rules and Regulation : PCs are NOT provided.

PC Modification Competition Elements/ criteria that will be evaluated : 1. Performance 2. Stability 3. Reliability 4. Temperature 5. Security 6. Physical design

PRIZES!! 1 ST PLACE : RM certificate + hamper 2 nd PLACE : RM certificate + hamper 3 rd PLACE : RM certificate + hamper

website Online registration: End of June ~ End of July