Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Hackers Get Their Own Scoreboard and Rankings

samzenpus posted about 3 years ago | from the and-the-winner-is dept.

Security 106

wiredmikey writes "Sometimes hacking is about money; other times, it's about competition, and when that happens, it is also about getting a little credit. Enter RankMyHack.com. The site is described as the world's 'first elite hacker ranking system,' and invites people to submit proof of their Website hacks in exchange for points — the higher the points, the higher the place on the leader board. In order to get ranked, hackers need to prove they have indeed hacked a site – by inserting a predetermined text into the hacked site page. Rankmyhack then scans for the text in the page and gives score based on how popular the website is, with lower points awarded for XSS attacks. Assuming the site is real – and early reports indicate that it is – hackers can now see where their hacks stack up against those of their peers. Will this morph into a playground for hacktivists to hone their skills?"

cancel ×

106 comments

Sorry! There are no comments related to the filter you selected.

This is ridiculous (2, Insightful)

Anonymous Coward | about 3 years ago | (#37119840)

No true hacker does it for points.

Re:This is ridiculous (1)

sakdoctor (1087155) | about 3 years ago | (#37119880)

You got first post! You should definitely submit that.

Re:This is ridiculous (1)

Zaiff Urgulbunger (591514) | about 3 years ago | (#37120072)

Following that train of thought.... if I signed up to that site, got my unique code and then posted it as a comment here, would I show as having hacked slashdot?

Re:This is ridiculous (1)

cjb658 (1235986) | about 3 years ago | (#37120380)

How many points will I get if I hack rankmyhack.com?

Re:This is ridiculous (1)

knappe duivel (914316) | about 3 years ago | (#37121326)

How many points will I get if I hack rankmyhack.com?

48

Re:This is ridiculous (0)

Anonymous Coward | about 3 years ago | (#37122174)

More importantly how long before the sites ISP is court ordered to turn over IP access records.

Re:This is ridiculous (3, Funny)

Guignol (159087) | about 3 years ago | (#37119990)

Yes it is, and I am counting the minutes until rankmyhack.com is hacked to begin with so as to show bogus (well not that bogus in the end) scores...

Re:This is ridiculous (1)

AngryDeuce (2205124) | about 3 years ago | (#37120026)

I suspect that this site is going to be of the "pissing in an ocean of piss" variety in about 3 days.

Re:This is ridiculous (1)

Canazza (1428553) | about 3 years ago | (#37120278)

I suspect someone will find an XSS attack vector within 2

Re:This is ridiculous (0)

Anonymous Coward | about 3 years ago | (#37120616)

No true hacker does it for points.

The hell you say [introversion.co.uk] :)

Once again, life imitates art.

Re:This is ridiculous (1)

blair1q (305137) | about 3 years ago | (#37121396)

Mod parent up. He's a l4m3r.

Re:This is ridiculous (1)

PRMan (959735) | about 3 years ago | (#37121522)

And the first rule of getting away with a hack is never discussing it with anyone. Not that I hack, but I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.

Re:This is ridiculous (1)

hedwards (940851) | about 3 years ago | (#37121816)

That was my thought, I'd be surprised if this particular site wasn't set up by law enforcement.

Re:This is ridiculous (4, Insightful)

Anonymous Coward | about 3 years ago | (#37121858)

I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.

No, you've had friends who claimed they were very good hackers.

Re:This is ridiculous (0)

Anonymous Coward | about 3 years ago | (#37125238)

I would think that the REALLY interesting sites wouldn't have a domain name or even an IP Address. Think private networks, non-standard protocols, or even transferring packets via removable media. I wonder if anyone has ever built an IP gateway, based on concealing packets on removable media? Latency would be extreme, but it might work.

Hmmm (0)

WrongSizeGlass (838941) | about 3 years ago | (#37119846)

I guess I'll be visiting them to see where *I* should be looking on our clients' websites for these newer, praise-worthy shenanigans.

Well, well, well... (4, Insightful)

fuzzyfuzzyfungus (1223518) | about 3 years ago | (#37119874)

I'm going to express my full confidence that this site couldn't possibly be a trap.

Re:Well, well, well... (2)

elsurexiste (1758620) | about 3 years ago | (#37120042)

My thoughts exactly :) . It would be insane to submit your hacks.

Re:Well, well, well... (1)

GameboyRMH (1153867) | about 3 years ago | (#37120170)

What if I post from behind 7 proxies?

Re:Well, well, well... (0)

Anonymous Coward | about 3 years ago | (#37120222)

proxies are a trap 2.

Squidink (1)

GodInHell (258915) | about 3 years ago | (#37121024)

It's a trap.

Run.

Re:Well, well, well... (1)

phantomfive (622387) | about 3 years ago | (#37120316)

At the same time, if you can't post something on the internet without being traced, maybe you shouldn't be hacking websites to begin with.

Relatedly: I hereby announce that I am the greatest hacker in the world, and announce hereby IN FULL PUBLIC, that I shall HACK THE FRONT PAGE of Slashdot, and it shall never be traced back to me. You will know it was me, because I will post a story titled, "Customer Email Address Leaks," or "Graphene in Space Offers Clues to Life on Earth." I shall continue the hack indefinitely, posting stories randomly selected from this page. [slashdot.org] You have been warned. We are numerous blah blah blah

Re:Well, well, well... (1)

phantomfive (622387) | about 3 years ago | (#37120328)

That is, though I am the greatest hacker in the world, I cannot form HTML correctly. I meant, I shall post stories randomly selected from this page [goo.gl] .

Re:Well, well, well... (0)

Anonymous Coward | about 3 years ago | (#37123522)

Great hackers don't make stupid mistakes like that.

Re:Well, well, well... (0)

Anonymous Coward | about 3 years ago | (#37126406)

At the same time, if you can't post something on the internet without being traced, maybe you shouldn't be hacking websites to begin with.

Fail. The problem is not that you can be traced, the problem is that by including a little digital signature on each site you hack, you have effectively tied each hack to the account on RankMyHack. If the RankMyHack site it a trap set up by the cops then they can just dedicate as many resources as possible at tracking down the top 100 and you have effectively built their case for them by signing each site.

It would be stupid on the level of tagging your name in spray paint on the wall of every house you robbed, if/when the law catches up, they can connect you to every place you ever robbed. If you weren't that stupid then they may only be able to effectively connect you to a few big heists and that's it.

Re:Well, well, well... (0)

Anonymous Coward | about 3 years ago | (#37120832)

Queue Admiral Ackbar!

Re:Well, well, well... (1)

blair1q (305137) | about 3 years ago | (#37121404)

And there's no fighting in the war room.

Sounds like a hacker honeypot (0)

flagg9483 (940242) | about 3 years ago | (#37119890)

And if it isn't then it should be.

Re:Sounds like a hacker honeypot (2)

blair1q (305137) | about 3 years ago | (#37121432)

One court order later, it will be.

Whois rankmyhack.com (1)

Anonymous Coward | about 3 years ago | (#37119912)

Current Registrar: FBI (Friendly-to Blackhat Institute)

I love this! (3, Funny)

MyLongNickName (822545) | about 3 years ago | (#37119922)

In fact, I posted my first hack there fifteen minutes ago. Wait... why's my doorbell ringing? No one ever visits...

I'll give it a week (1)

uigrad_2000 (398500) | about 3 years ago | (#37119950)

I'll bet that the site remains unhacked for no longer than a week.

Re:I'll give it a week (1)

cervesaebraciator (2352888) | about 3 years ago | (#37119976)

... and is then promptly restored so the perpetrator can get points for taking it down.

Re:I'll give it a week (1)

Psylok (1526433) | about 3 years ago | (#37120326)

"rankmyhack.com is worth 48 Ranking Points.
XSS attacks against rankmyhack.com are worth 0 points. "

not really worth it. (if not for the fun of it)

Re:I'll give it a week (1)

hedwards (940851) | about 3 years ago | (#37121838)

XSS attacks yield more lulz though.

Re:I'll give it a week (0)

Anonymous Coward | about 3 years ago | (#37120182)

That would be worth 48 points, according to the site.

Re:I'll give it a week (2)

Amouth (879122) | about 3 years ago | (#37120446)

it's funny they give them selves a very very low point value compared to other sites.. they must not think much of them selves.

honeypot (0)

shentino (1139071) | about 3 years ago | (#37119958)

ITSATRAP

Re:honeypot (1)

Anonymous Coward | about 3 years ago | (#37120090)

# dig rankmyhack.com ns

;; ANSWER SECTION:
rankmyhack.com. 264 IN NS ns1.fbi.gov.
rankmyhack.com. 264 IN NS ns3.fbi.gov.
rankmyhack.com. 264 IN NS ns2.fbi.gov.

Re:honeypot (2)

shentino (1139071) | about 3 years ago | (#37120442)

shentino@localhost 1 ~ $ dig rankmyhack.com ns

; > DiG 9.7.3 > rankmyhack.com ns ;; global options: +cmd ;; Got answer: ;; ->>HEADER- opcode: QUERY, status: NOERROR, id: 43444 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;rankmyhack.com. IN NS ;; ANSWER SECTION:
rankmyhack.com. 83829 IN NS ns24.underhost.com.
rankmyhack.com. 83829 IN NS ns23.underhost.com. ;; Query time: 1 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Aug 17 09:43:28 2011 ;; MSG SIZE rcvd: 80

And I run BIND on my computer.

Either we have access to different name servers or you're a fakeposting bullshitter.

Re:honeypot (1)

kernelphr34k (1179539) | about 3 years ago | (#37120676)

What a silly site! I lol'ed. You sir are correct! dude = bullshitter

Anyone can get it, but here:

Domain Name: rankmyhack.com
Registered at http://www.dynadot.com/ [dynadot.com]

Registrant:
UnderHost Networks Ltd
UnderHost Networks Ltd
1744 Laverendrye Road
Trois-Rivieres, Quebec G8Z 2E2
Canada

Administrative Contact:
UnderHost Networks Ltd
UnderHost Networks Ltd
1744 Laverendrye Road
Trois-Rivieres, Quebec G8Z 2E2
Canada
privacy@underhost.ca
+1 8004657440

Technical Contact:
UnderHost Networks Ltd
UnderHost Networks Ltd
1744 Laverendrye Road
Trois-Rivieres, Quebec G8Z 2E2
Canada
privacy@underhost.ca
+1 8004657440

Record expires on 2012/07/18 UTC
Record created on 2011/07/18 UTC

Domain servers in listed order:
ns23.underhost.com
ns24.underhost.com

Re:honeypot (0)

Anonymous Coward | about 3 years ago | (#37120746)

I guess DNS isn't something to joke about.

Re:honeypot (1)

shentino (1139071) | about 3 years ago | (#37121772)

Maybe, maybe not.

Setting up a scoreboard to attract hackers with big egos would be rather convenient if it was a trap. Maybe humor wasn't actually part of the question.

Re:honeypot (1)

Inda (580031) | about 3 years ago | (#37121594)

A fakeposting bullshitter?!!??!!?

On Slashdot?!?!?!?

Posting as AC?!?!?

On the internet?!?!?!?

Shut up!

Re:honeypot (0)

Anonymous Coward | about 3 years ago | (#37125934)

Here on Earth we usually call that a "joke". You should try it sometime. I recommend fart jokes since you wouldn't understand more complicated jokes.

Anyone else read this as "Hookers get their ..." ? (1)

ccandreva (409807) | about 3 years ago | (#37119962)

I was kinda disappointed when I saw the article.

Re:Anyone else read this as "Hookers get their ... (0)

Anonymous Coward | about 3 years ago | (#37120018)

A hooker ranking site would actually be a pretty useful public service for those into that kind of thing. I think there is already a popular escort ranking site.

Re:Anyone else read this as "Hookers get their ... (0)

Anonymous Coward | about 3 years ago | (#37120060)

So why do we need another website to do the same thing?

Re:Anyone else read this as "Hookers get their ... (0)

Anonymous Coward | about 3 years ago | (#37121538)

Hookers already have their own ranking site.

It's in my pants.

Re:Anyone else read this as "Hookers get their ... (0)

Anonymous Coward | about 3 years ago | (#37125184)

Pro-tip: Most cities in Canada and Europe have such sites (and I'd assume the USA too), dig around.

Good (1)

i_ate_god (899684) | about 3 years ago | (#37119978)

I'd rather it be for karma then for lulz

YUBO FAIL IT! (-1)

Anonymous Coward | about 3 years ago | (#37120004)

NetBsD user marketing surveys

OH you mean.... (1)

Lumpy (12016) | about 3 years ago | (#37120016)

My DCI ranking is pretty high... Oh wait... Hacker not nerd....

Nevermind...

Re:OH you mean.... (1)

sakdoctor (1087155) | about 3 years ago | (#37120070)

Rank my epenis

Re:OH you mean.... (1)

webmistressrachel (903577) | about 3 years ago | (#37120464)

Oh :-( Nobody can rank my epenis, because I'll never have one.

I once posted to a discussion here in which people were bragging about their gaming laptop specs, complete with link to a HP product page, and they referred to it as e-penis envy.

So even though I never thought about cocks, I was still a "lamer" cos my machine outspecced the boys' machines and I'm a woman, therefore don't qualify. :-(

I bet if I was a boy, I'd probably have a bigger one than half of you, or just a little less... </obviousgendertroll>

Re:OH you mean.... (0)

Anonymous Coward | about 3 years ago | (#37121440)

So even though I never thought about cocks, I was still a "lamer" cos my machine outspecced the boys' machines and I'm a woman, therefore don't qualify. :-(

No, it was because you were a whiny bitch about it.

Re:OH you mean.... (1)

webmistressrachel (903577) | about 3 years ago | (#37121572)

Lol... 1st bite...

On a serious note, how is posting my specs in reply to other similar posts being a whiny bitch about it?

Hope it keeps the twerps occupied (0)

Anonymous Coward | about 3 years ago | (#37120040)

and out of here

Oh that Mudkip (0)

Anonymous Coward | about 3 years ago | (#37120086)

I knew he was the best

Re:Oh that Mudkip (1)

webmistressrachel (903577) | about 3 years ago | (#37120474)

Mudkip is a Pokemon! It's a Mud-type pokemon, with Water and Ground-like attributes.

Internets, assemble! (0)

Anonymous Coward | about 3 years ago | (#37120098)

High school kids will get "pwned."

In the meantime, who's checked out who owns the site?

Ackbar says (0)

Pond823 (643768) | about 3 years ago | (#37120108)

"It's a trap"

Classic Hacks? (0)

Anonymous Coward | about 3 years ago | (#37120132)

Until I see Mitnik, Captain Crunch, and DeathVegetable on the scoreboard, my enthusiasm will be tepid at best....

Lemme guess... (2)

AngryDeuce (2205124) | about 3 years ago | (#37120138)

Aaron Barr's new site?

An image is worth a thousand word (1)

Zen-Mind (699854) | about 3 years ago | (#37120224)

If that site doesn't ring an alarm, them perhaps you should teach your children right-way to stay away from vans like this one [photobucket.com] as common-sense doesn't seem to be in your genes.

Fake (0)

Anonymous Coward | about 3 years ago | (#37120368)

I have big doubts that some of the sites on the top of the list were hacked. Someone hacked google.com? Yeah, right.

Re:Fake (0)

Anonymous Coward | about 3 years ago | (#37123884)

Yeah that is what I thought... Either that or couple people just found the way to deceive the verification of the hack.

how much to hack rankmyhack.com? (1)

XaXXon (202882) | about 3 years ago | (#37120384)

48 points.

Surprised it doesn't have some smart-ass message when you type that in at the bottom to get how much it's worth.

Re:how much to hack rankmyhack.com? (1)

Sir Realist (1391555) | about 3 years ago | (#37120462)

And the text you have to insert? "This site sponsored by the FBI." So apparently they're constrained by truth in advertising laws.

How many points to... (2)

Randwulf (997659) | about 3 years ago | (#37120394)

How many points to hack rankmyhack.com? :-)

Re:How many points to... (0)

Anonymous Coward | about 3 years ago | (#37120522)

48

Re:How many points to... (0)

Anonymous Coward | about 3 years ago | (#37120592)

Depends on whether you hit the reset button on everyone on the board.

Then give yourself 9000+!

Re:How many points to... (1)

houghi (78078) | about 3 years ago | (#37120644)

42. The real hack would be to know what base was used to calculate that.

Re:How many points to... (1)

archer, the (887288) | about 3 years ago | (#37120724)

13. Also an amusing character on House.

Re:How many points to... (0)

Anonymous Coward | about 3 years ago | (#37121162)

As many as you feel like awarding yourself, obviously.
Might be me, but looking at the #1 track record [rankmyhack.com] , apparently it only takes about 3 minutes between hacking sites that are worth over 1 million points...

Re:How many points to... (0)

Anonymous Coward | about 3 years ago | (#37121946)

StackOverflowError

We forgot to mention... (0)

Anonymous Coward | about 3 years ago | (#37120420)

We forgot to mention, the site is run by the government.....

Re:We forgot to mention... (0)

Anonymous Coward | about 3 years ago | (#37120752)

We also forgot to mention which government.

We forgot to mention (0)

Anonymous Coward | about 3 years ago | (#37120504)

We forgot to mention.... the site is run by the govt. Please submit your code to gain bonus points and your name for combo points.

Deleted internet (0)

Anonymous Coward | about 3 years ago | (#37120546)

sudo rm -rf http://*

/. not worth a lot :( (1)

dufachi (973647) | about 3 years ago | (#37120628)

slashdot.org is worth 110132 Ranking Points. XSS attacks against slashdot.org are worth 1101 points.

Wow, real stupidity (1)

hesaigo999ca (786966) | about 3 years ago | (#37120850)

So technically, you are placing all the information of who hacked what and which site, so that someone can not only get a signed confession,
but also can let that webmaster know he has been hacked. Come on...I hope no real hax0r falls for this....
FBI head my warning, anonymous i r me, will reveal you to the world......

Won't it be constant question of.. (1)

landofcleve (1959610) | about 3 years ago | (#37120974)

Whether the number one ranked entity earned for hacking another website or this one?

honeynet (0)

Anonymous Coward | about 3 years ago | (#37121196)

time to go play with Christopher Robin in the hundred acre woods..

so... (0)

Anonymous Coward | about 3 years ago | (#37121462)

1. hack cia.gov
2. post about it on the forums
3. go to prison

sounds like a plan...

Self Incriminateing (0)

Anonymous Coward | about 3 years ago | (#37121530)

The best part is that the cops only have to raid one service and bam all hackers are nabbed.

One stop shopping (2)

DarthVain (724186) | about 3 years ago | (#37121656)

for all your hacking prosecution needs...

if ever there was a website for the FBI etc... to hack and infiltrate that would be it.

Problem is, you are only going to get the hackers stupid enough to post there, which are likely too stupid too do anything too bad.

Maybe rename it scriptkiddies.com, of course then the FBI would really be all over you...

Re:One stop shopping (1)

gl4ss (559668) | about 3 years ago | (#37123232)

just name it rootshell.

oh the times when you could play warbirds with a generated cc and all you needed for root was to do an altavista search on the boxes version strings and instead of torrent you had just lists of ftp sites of public organizations with bad configs.

Achievements (0)

Anonymous Coward | about 3 years ago | (#37121748)

They need achievements like on Xbox Live.
“Achievement Unlocked: You Hacked the PSN!”

NSA.gov is Only Worth 2,497 Points?!?! (1)

InitZero (14837) | about 3 years ago | (#37121934)

Points are awarded based on the wrong algorithm. For example, NSA.gov is only worth 2,497 points but HomeDepot.com is worth 219,941? The Department of Homeland Security (dhs.gov) is worth 17,068 while facebook.com is 75,000,000? Really? Until the rankings better reflect the underlying difficulty and associated risk, I refuse to participate in this sham. Cheers, Matt

Re:NSA.gov is Only Worth 2,497 Points?!?! (1)

Georules (655379) | about 3 years ago | (#37122794)

What exactly do you think would be interesting on the public webservers of the NSA or DHS government websites? I'd be willing to bet, not much. A few HTML files, some images. Pretty much everything you could get without hacking it.

This seems like a Gov fishing ploy! (1)

Paracelcus (151056) | about 3 years ago | (#37122282)

Think about it!
Get the immature, young, reckless wannabes to turn themselves in so that Eric Holder can trumpet his triumph over the EEEVILE hakorzz!

Re:This seems like a Gov fishing ploy! (1)

DangerOnTheRanger (2373156) | about 3 years ago | (#37122466)

Think about it!

That's asking too much of most people.

how about points are based on... (1)

PJ6 (1151747) | about 3 years ago | (#37122636)

how many you give yourself after hacking the site itself?

Hack Rank My Hack (1)

Tim12s (209786) | about 3 years ago | (#37123874)

Well it will be a very short time until someone hacks that site to come out with billions of points.

Honeypot?

Points (0)

Anonymous Coward | about 3 years ago | (#37124208)

Facebook is the most rewarding one i've found so far, 75M points.

This isn't the 'first elite hacker ranking system' (2)

Neurotrace (2382180) | about 3 years ago | (#37124562)

because first off, you wouldn't call it "elite." Also, ever heard of Hack This Site? [hackthissite.org]

escaped subject (0)

Anonymous Coward | about 3 years ago | (#37125140)

When you make an advertising enquiry, you get a webmail type interface with the subject including an escaped single quote thus:
\'Advertising

Funny!

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>