[plug] Microsoft ask users to crack win2000 site (fwd)

John Menzies ccm01 at tpg.com.au
Sat Aug 7 01:22:05 WST 1999 

Yeah but you probably have to register first with full family details-
telephone number etc!



At 06:17 PM 05/08/1999 , you wrote:
>
>Thought this was interesting... Not that it's an original idea or anything
>
> - Matt
>
>The day Microsoft makes something that doesn't suck,
>is probably the day they start making vacuum cleaners.
>
>---------- Forwarded message ----------
>Date: Tue, 3 Aug 1999 19:05:33 +0200
>From: Peter Lowe <pgl at TI.CZ>
>To: BUGTRAQ at SECURITYFOCUS.COM
>Subject: Microsoft ask users to crack win2000 site
>
>[ executive summary: Microsoft are asking you to crack their
>  machine running on win2k and iis. ]
>
>I haven't seen anything about this on bugtraq before, and I'm not
>entirely sure if it's appropriate, but this is from
>http://www.windows2000test.com/ground_rules.htm:
>
>
>                    Microsoft Internet Explorer
>   Microsoft Windows 2000 Server with Internet Information Server.
>
>Ground Rules
>
>   1. Make it Interesting
>
>   Good safe computing practices on the Internet involve placing
>   critical systems behind firewall-type devices. For this
>   testing, we are intentionally not putting these machines behind
>   a firewall. This mean that you could slow these machines down
>   by tossing millions of random packets at them if you have
>   enough bandwidth on your end. If that happens, we will simply
>   start filtering traffic. Instead, find the interesting "magic
>   bullet" that will bring the machine down.
>
>   2. Compromise an account
>
>   Windows 2000 computers can have multiple user accounts and
>   groups. See if you can find a way to logon with one of these
>   accounts.
>
>   3. Change something you shouldn't have access to
>
>   See if you can change any files or content on the server. If
>   you manage, no foul or rude statements please.
>
>   4. Get something you shouldn't have
>
>   There are hidden messages sprinkled around the computer. See if
>   you can find them.
>
>   5. Our goal is to configure the system to thwart your attempts
>
>   The goal is to see how a properly secured machine will stand up
>   to attack. These machines are configured to prevent known
>   attacks.
>
>   6. This is a test site
>
>   You are welcome to attempt to compromise this site, and this
>   site only. This is your chance to do a practical test of
>   Microsoft Windows 2000's security.
>
>   7. Tell us about your exploits
>
>   If you find something, send us some email at
>   w2000its at microsoft.com.
>   © 1999 Microsoft Corporation. All rights reserved. Terms of
>   Use.
>
>
>
>--
>Peter Lowe -- System Administrator, Telenor Internet
>http://www.ti.cz/ -- pgl at ti.cz
>
>Everything I know in life I learnt from .sigs.

More information about the plug mailing list