AppSecEU2013/Ticket-Challenge





Countdown Challenges -- Win Free Tickets to AppSec EU Research 2013 in Hamburg!
The OWASP German Chapter will host the OWASP AppSec Europe Research 2013 global conference in Hamburg, Germany from August 20-23. The event will be composed of 2 days of training (August 20-21), followed by 2 days of conference talks (August 22-23). The conference is expected to draw 400-500 technologists from Research, Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology and many other verticals.

Visit the conference page AppSecEU2013 for details.

There will be a challenge posted on the conference wiki page every month up until the event in August. The winner of each challenge will get free entrance to the conference, worth about €400. Be sure to sign up for the conference mailing list to get a monthly reminder.




 * The 1'st challenge starts here:

https://www.hacking-lab.com/events/registerform.html?eventid=397&uk=78h2Cz5xvYrCde5oGAEc1GDcacfwuYtM

The challenge will be open until 29th of March 2013.

How to Win
Each challenge will be announced on the conference wiki page and the conference mailing list ( subscribe here ). Simply follow the link, login, and follow the instructions for the challenge. Provide your solution, which then will be marked. The challenge will be opened right after the announcement and will be closed 28 days later. The winner will be rewarded a free conference ticket 3 days later.

The organizing committee will review the provided solutions and accept or reject it. While the challange is open, rejected solutions can be enhanced and submitted again. If there are equal solutions at the end of the challange, the first submitted one wins.

The free ticket is personal and the judgement of the organizing committee can not be overruled.

How it Works
Each challenge will have its unique link and will be open for 28 days after announcement.

If you follow the link, the site will ask for login (see Login directly (Existing Hacking-Lab Account)), or to sign-up (see Sign-up a new Hacking-Lab Account) if you don't have a login. You may use your existing account, or sign-up for a new one.

To participate on the challenge, you need an account at Hacking-Lab. You just need an email address for that and you can use a nickname of your choice. Only the nickname will be public.

How to Start

 * Step0: Prepare your client with a preconfigured virtual host in VMware Player or VirtualBox.
 * Install the LiveCD image in your virtual host. It can be downloaded here:
 * https://www.hacking-lab.com/Remote_Sec_Lab/livecd.html


 * Download links for VMware Player and VirtualBox are:
 * * https://www.virtualbox.org/wiki/Downloads
 * * http://www.vmware.com/products/player/


 * Step1: Follow the link from your mail or posted at conference wiki.


 * Step2: Login


 * Step3: After login you'll see the list of Running Events
 * Switch to the challenge AppSec EU 2013 Ticket Challenge 1


 * Step4: To solve the task you need a VPN connection as shown in
 * https://www.hacking-lab.com/Remote_Sec_Lab/lab-infrastructure.html


 * Step5: Connect to hacking-lab.com after starting your Live-CD from within your virtual host as described in
 * https://www.hacking-lab.com/Remote_Sec_Lab/OpenVPN.html


 * Step6: To complete the task (event), send your description of the vulnerability including an exploit and a description for mitigations using the provided Send Solution button.


 * Good luck!!