Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Hackers Get Their Own Scoreboard and Rankings

samzenpus posted more than 2 years ago | from the and-the-winner-is dept.

Security 106

wiredmikey writes "Sometimes hacking is about money; other times, it's about competition, and when that happens, it is also about getting a little credit. Enter RankMyHack.com. The site is described as the world's 'first elite hacker ranking system,' and invites people to submit proof of their Website hacks in exchange for points — the higher the points, the higher the place on the leader board. In order to get ranked, hackers need to prove they have indeed hacked a site – by inserting a predetermined text into the hacked site page. Rankmyhack then scans for the text in the page and gives score based on how popular the website is, with lower points awarded for XSS attacks. Assuming the site is real – and early reports indicate that it is – hackers can now see where their hacks stack up against those of their peers. Will this morph into a playground for hacktivists to hone their skills?"

cancel ×

106 comments

This is ridiculous (2, Insightful)

Anonymous Coward | more than 2 years ago | (#37119840)

No true hacker does it for points.

Re:This is ridiculous (1)

sakdoctor (1087155) | more than 2 years ago | (#37119880)

You got first post! You should definitely submit that.

Re:This is ridiculous (1)

Zaiff Urgulbunger (591514) | more than 2 years ago | (#37120072)

Following that train of thought.... if I signed up to that site, got my unique code and then posted it as a comment here, would I show as having hacked slashdot?

Re:This is ridiculous (1)

cjb658 (1235986) | more than 2 years ago | (#37120380)

How many points will I get if I hack rankmyhack.com?

Re:This is ridiculous (1)

knappe duivel (914316) | more than 2 years ago | (#37121326)

How many points will I get if I hack rankmyhack.com?

48

Re:This is ridiculous (0)

Anonymous Coward | more than 2 years ago | (#37122174)

More importantly how long before the sites ISP is court ordered to turn over IP access records.

Re:This is ridiculous (3, Funny)

Guignol (159087) | more than 2 years ago | (#37119990)

Yes it is, and I am counting the minutes until rankmyhack.com is hacked to begin with so as to show bogus (well not that bogus in the end) scores...

Re:This is ridiculous (1)

AngryDeuce (2205124) | more than 2 years ago | (#37120026)

I suspect that this site is going to be of the "pissing in an ocean of piss" variety in about 3 days.

Re:This is ridiculous (1)

Canazza (1428553) | more than 2 years ago | (#37120278)

I suspect someone will find an XSS attack vector within 2

Re:This is ridiculous (0)

Anonymous Coward | more than 2 years ago | (#37120616)

No true hacker does it for points.

The hell you say [introversion.co.uk] :)

Once again, life imitates art.

Re:This is ridiculous (1)

blair1q (305137) | more than 2 years ago | (#37121396)

Mod parent up. He's a l4m3r.

Re:This is ridiculous (1)

PRMan (959735) | more than 2 years ago | (#37121522)

And the first rule of getting away with a hack is never discussing it with anyone. Not that I hack, but I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.

Re:This is ridiculous (1)

hedwards (940851) | more than 2 years ago | (#37121816)

That was my thought, I'd be surprised if this particular site wasn't set up by law enforcement.

Re:This is ridiculous (4, Insightful)

Anonymous Coward | more than 2 years ago | (#37121858)

I've had friends who were very good hackers that wouldn't tell me ANYTHING they had done.

No, you've had friends who claimed they were very good hackers.

Re:This is ridiculous (0)

Anonymous Coward | more than 2 years ago | (#37125238)

I would think that the REALLY interesting sites wouldn't have a domain name or even an IP Address. Think private networks, non-standard protocols, or even transferring packets via removable media. I wonder if anyone has ever built an IP gateway, based on concealing packets on removable media? Latency would be extreme, but it might work.

Hmmm (0)

WrongSizeGlass (838941) | more than 2 years ago | (#37119846)

I guess I'll be visiting them to see where *I* should be looking on our clients' websites for these newer, praise-worthy shenanigans.

Well, well, well... (4, Insightful)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#37119874)

I'm going to express my full confidence that this site couldn't possibly be a trap.

Re:Well, well, well... (2)

elsurexiste (1758620) | more than 2 years ago | (#37120042)

My thoughts exactly :) . It would be insane to submit your hacks.

Re:Well, well, well... (1)

GameboyRMH (1153867) | more than 2 years ago | (#37120170)

What if I post from behind 7 proxies?

Re:Well, well, well... (0)

Anonymous Coward | more than 2 years ago | (#37120222)

proxies are a trap 2.

Squidink (1)

GodInHell (258915) | more than 2 years ago | (#37121024)

It's a trap.

Run.

Re:Well, well, well... (1)

phantomfive (622387) | more than 2 years ago | (#37120316)

At the same time, if you can't post something on the internet without being traced, maybe you shouldn't be hacking websites to begin with.

Relatedly: I hereby announce that I am the greatest hacker in the world, and announce hereby IN FULL PUBLIC, that I shall HACK THE FRONT PAGE of Slashdot, and it shall never be traced back to me. You will know it was me, because I will post a story titled, "Customer Email Address Leaks," or "Graphene in Space Offers Clues to Life on Earth." I shall continue the hack indefinitely, posting stories randomly selected from this page. [slashdot.org] You have been warned. We are numerous blah blah blah

Re:Well, well, well... (1)

phantomfive (622387) | more than 2 years ago | (#37120328)

That is, though I am the greatest hacker in the world, I cannot form HTML correctly. I meant, I shall post stories randomly selected from this page [goo.gl] .

Re:Well, well, well... (0)

Anonymous Coward | more than 2 years ago | (#37123522)

Great hackers don't make stupid mistakes like that.

Re:Well, well, well... (0)

Anonymous Coward | more than 2 years ago | (#37126406)

At the same time, if you can't post something on the internet without being traced, maybe you shouldn't be hacking websites to begin with.

Fail. The problem is not that you can be traced, the problem is that by including a little digital signature on each site you hack, you have effectively tied each hack to the account on RankMyHack. If the RankMyHack site it a trap set up by the cops then they can just dedicate as many resources as possible at tracking down the top 100 and you have effectively built their case for them by signing each site.

It would be stupid on the level of tagging your name in spray paint on the wall of every house you robbed, if/when the law catches up, they can connect you to every place you ever robbed. If you weren't that stupid then they may only be able to effectively connect you to a few big heists and that's it.

Re:Well, well, well... (0)

Anonymous Coward | more than 2 years ago | (#37120832)

Queue Admiral Ackbar!

Re:Well, well, well... (1)

blair1q (305137) | more than 2 years ago | (#37121404)

And there's no fighting in the war room.

Sounds like a hacker honeypot (0)

flagg9483 (940242) | more than 2 years ago | (#37119890)

And if it isn't then it should be.

Re:Sounds like a hacker honeypot (2)

blair1q (305137) | more than 2 years ago | (#37121432)

One court order later, it will be.

Whois rankmyhack.com (1)

Anonymous Coward | more than 2 years ago | (#37119912)

Current Registrar: FBI (Friendly-to Blackhat Institute)

I love this! (3, Funny)

MyLongNickName (822545) | more than 2 years ago | (#37119922)

In fact, I posted my first hack there fifteen minutes ago. Wait... why's my doorbell ringing? No one ever visits...

I'll give it a week (1)

uigrad_2000 (398500) | more than 2 years ago | (#37119950)

I'll bet that the site remains unhacked for no longer than a week.

Re:I'll give it a week (1)

cervesaebraciator (2352888) | more than 2 years ago | (#37119976)

... and is then promptly restored so the perpetrator can get points for taking it down.

Re:I'll give it a week (1)

Psylok (1526433) | more than 2 years ago | (#37120326)

"rankmyhack.com is worth 48 Ranking Points.
XSS attacks against rankmyhack.com are worth 0 points. "

not really worth it. (if not for the fun of it)

Re:I'll give it a week (1)

hedwards (940851) | more than 2 years ago | (#37121838)

XSS attacks yield more lulz though.

Re:I'll give it a week (0)

Anonymous Coward | more than 2 years ago | (#37120182)

That would be worth 48 points, according to the site.

Re:I'll give it a week (2)

Amouth (879122) | more than 2 years ago | (#37120446)

it's funny they give them selves a very very low point value compared to other sites.. they must not think much of them selves.

honeypot (0)

shentino (1139071) | more than 2 years ago | (#37119958)

ITSATRAP

Re:honeypot (1)

Anonymous Coward | more than 2 years ago | (#37120090)

# dig rankmyhack.com ns

;; ANSWER SECTION:
rankmyhack.com. 264 IN NS ns1.fbi.gov.
rankmyhack.com. 264 IN NS ns3.fbi.gov.
rankmyhack.com. 264 IN NS ns2.fbi.gov.

Re:honeypot (2)

shentino (1139071) | more than 2 years ago | (#37120442)

shentino@localhost 1 ~ $ dig rankmyhack.com ns

; > DiG 9.7.3 > rankmyhack.com ns ;; global options: +cmd ;; Got answer: ;; ->>HEADER- opcode: QUERY, status: NOERROR, id: 43444 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;rankmyhack.com. IN NS ;; ANSWER SECTION:
rankmyhack.com. 83829 IN NS ns24.underhost.com.
rankmyhack.com. 83829 IN NS ns23.underhost.com. ;; Query time: 1 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Wed Aug 17 09:43:28 2011 ;; MSG SIZE rcvd: 80

And I run BIND on my computer.

Either we have access to different name servers or you're a fakeposting bullshitter.

Re:honeypot (1)

kernelphr34k (1179539) | more than 2 years ago | (#37120676)

What a silly site! I lol'ed. You sir are correct! dude = bullshitter

Anyone can get it, but here:

Domain Name: rankmyhack.com
Registered at http://www.dynadot.com/ [dynadot.com]

Registrant:
UnderHost Networks Ltd
UnderHost Networks Ltd
1744 Laverendrye Road
Trois-Rivieres, Quebec G8Z 2E2
Canada

Administrative Contact:
UnderHost Networks Ltd
UnderHost Networks Ltd
1744 Laverendrye Road
Trois-Rivieres, Quebec G8Z 2E2
Canada
privacy@underhost.ca
+1 8004657440

Technical Contact:
UnderHost Networks Ltd
UnderHost Networks Ltd
1744 Laverendrye Road
Trois-Rivieres, Quebec G8Z 2E2
Canada
privacy@underhost.ca
+1 8004657440

Record expires on 2012/07/18 UTC
Record created on 2011/07/18 UTC

Domain servers in listed order:
ns23.underhost.com
ns24.underhost.com

Re:honeypot (0)

Anonymous Coward | more than 2 years ago | (#37120746)

I guess DNS isn't something to joke about.

Re:honeypot (1)

shentino (1139071) | more than 2 years ago | (#37121772)

Maybe, maybe not.

Setting up a scoreboard to attract hackers with big egos would be rather convenient if it was a trap. Maybe humor wasn't actually part of the question.

Re:honeypot (1)

Inda (580031) | more than 2 years ago | (#37121594)

A fakeposting bullshitter?!!??!!?

On Slashdot?!?!?!?

Posting as AC?!?!?

On the internet?!?!?!?

Shut up!

Re:honeypot (0)

Anonymous Coward | more than 2 years ago | (#37125934)

Here on Earth we usually call that a "joke". You should try it sometime. I recommend fart jokes since you wouldn't understand more complicated jokes.

Anyone else read this as "Hookers get their ..." ? (1)

ccandreva (409807) | more than 2 years ago | (#37119962)

I was kinda disappointed when I saw the article.

Re:Anyone else read this as "Hookers get their ... (0)

Anonymous Coward | more than 2 years ago | (#37120018)

A hooker ranking site would actually be a pretty useful public service for those into that kind of thing. I think there is already a popular escort ranking site.

Re:Anyone else read this as "Hookers get their ... (0)

Anonymous Coward | more than 2 years ago | (#37120060)

So why do we need another website to do the same thing?

Re:Anyone else read this as "Hookers get their ... (0)

Anonymous Coward | more than 2 years ago | (#37121538)

Hookers already have their own ranking site.

It's in my pants.

Re:Anyone else read this as "Hookers get their ... (0)

Anonymous Coward | more than 2 years ago | (#37125184)

Pro-tip: Most cities in Canada and Europe have such sites (and I'd assume the USA too), dig around.

Good (1)

i_ate_god (899684) | more than 2 years ago | (#37119978)

I'd rather it be for karma then for lulz

YUBO FAIL IT! (-1)

Anonymous Coward | more than 2 years ago | (#37120004)

NetBsD user marketing surveys

OH you mean.... (1)

Lumpy (12016) | more than 2 years ago | (#37120016)

My DCI ranking is pretty high... Oh wait... Hacker not nerd....

Nevermind...

Re:OH you mean.... (1)

sakdoctor (1087155) | more than 2 years ago | (#37120070)

Rank my epenis

Re:OH you mean.... (1)

webmistressrachel (903577) | more than 2 years ago | (#37120464)

Oh :-( Nobody can rank my epenis, because I'll never have one.

I once posted to a discussion here in which people were bragging about their gaming laptop specs, complete with link to a HP product page, and they referred to it as e-penis envy.

So even though I never thought about cocks, I was still a "lamer" cos my machine outspecced the boys' machines and I'm a woman, therefore don't qualify. :-(

I bet if I was a boy, I'd probably have a bigger one than half of you, or just a little less... </obviousgendertroll>

Re:OH you mean.... (0)

Anonymous Coward | more than 2 years ago | (#37121440)

So even though I never thought about cocks, I was still a "lamer" cos my machine outspecced the boys' machines and I'm a woman, therefore don't qualify. :-(

No, it was because you were a whiny bitch about it.

Re:OH you mean.... (1)

webmistressrachel (903577) | more than 2 years ago | (#37121572)

Lol... 1st bite...

On a serious note, how is posting my specs in reply to other similar posts being a whiny bitch about it?

Hope it keeps the twerps occupied (0)

Anonymous Coward | more than 2 years ago | (#37120040)

and out of here

Oh that Mudkip (0)

Anonymous Coward | more than 2 years ago | (#37120086)

I knew he was the best

Re:Oh that Mudkip (1)

webmistressrachel (903577) | more than 2 years ago | (#37120474)

Mudkip is a Pokemon! It's a Mud-type pokemon, with Water and Ground-like attributes.

Internets, assemble! (0)

Anonymous Coward | more than 2 years ago | (#37120098)

High school kids will get "pwned."

In the meantime, who's checked out who owns the site?

Ackbar says (0)

Pond823 (643768) | more than 2 years ago | (#37120108)

"It's a trap"

Classic Hacks? (0)

Anonymous Coward | more than 2 years ago | (#37120132)

Until I see Mitnik, Captain Crunch, and DeathVegetable on the scoreboard, my enthusiasm will be tepid at best....

Lemme guess... (2)

AngryDeuce (2205124) | more than 2 years ago | (#37120138)

Aaron Barr's new site?

An image is worth a thousand word (1)

Zen-Mind (699854) | more than 2 years ago | (#37120224)

If that site doesn't ring an alarm, them perhaps you should teach your children right-way to stay away from vans like this one [photobucket.com] as common-sense doesn't seem to be in your genes.

Fake (0)

Anonymous Coward | more than 2 years ago | (#37120368)

I have big doubts that some of the sites on the top of the list were hacked. Someone hacked google.com? Yeah, right.

Re:Fake (0)

Anonymous Coward | more than 2 years ago | (#37123884)

Yeah that is what I thought... Either that or couple people just found the way to deceive the verification of the hack.

how much to hack rankmyhack.com? (1)

XaXXon (202882) | more than 2 years ago | (#37120384)

48 points.

Surprised it doesn't have some smart-ass message when you type that in at the bottom to get how much it's worth.

Re:how much to hack rankmyhack.com? (1)

Sir Realist (1391555) | more than 2 years ago | (#37120462)

And the text you have to insert? "This site sponsored by the FBI." So apparently they're constrained by truth in advertising laws.

How many points to... (2)

Randwulf (997659) | more than 2 years ago | (#37120394)

How many points to hack rankmyhack.com? :-)

Re:How many points to... (0)

Anonymous Coward | more than 2 years ago | (#37120522)

48

Re:How many points to... (0)

Anonymous Coward | more than 2 years ago | (#37120592)

Depends on whether you hit the reset button on everyone on the board.

Then give yourself 9000+!

Re:How many points to... (1)

houghi (78078) | more than 2 years ago | (#37120644)

42. The real hack would be to know what base was used to calculate that.

Re:How many points to... (1)

archer, the (887288) | more than 2 years ago | (#37120724)

13. Also an amusing character on House.

Re:How many points to... (0)

Anonymous Coward | more than 2 years ago | (#37121162)

As many as you feel like awarding yourself, obviously.
Might be me, but looking at the #1 track record [rankmyhack.com] , apparently it only takes about 3 minutes between hacking sites that are worth over 1 million points...

Re:How many points to... (0)

Anonymous Coward | more than 2 years ago | (#37121946)

StackOverflowError

We forgot to mention... (0)

Anonymous Coward | more than 2 years ago | (#37120420)

We forgot to mention, the site is run by the government.....

Re:We forgot to mention... (0)

Anonymous Coward | more than 2 years ago | (#37120752)

We also forgot to mention which government.

We forgot to mention (0)

Anonymous Coward | more than 2 years ago | (#37120504)

We forgot to mention.... the site is run by the govt. Please submit your code to gain bonus points and your name for combo points.

Deleted internet (0)

Anonymous Coward | more than 2 years ago | (#37120546)

sudo rm -rf http://*

/. not worth a lot :( (1)

dufachi (973647) | more than 2 years ago | (#37120628)

slashdot.org is worth 110132 Ranking Points. XSS attacks against slashdot.org are worth 1101 points.

Wow, real stupidity (1)

hesaigo999ca (786966) | more than 2 years ago | (#37120850)

So technically, you are placing all the information of who hacked what and which site, so that someone can not only get a signed confession,
but also can let that webmaster know he has been hacked. Come on...I hope no real hax0r falls for this....
FBI head my warning, anonymous i r me, will reveal you to the world......

Won't it be constant question of.. (1)

landofcleve (1959610) | more than 2 years ago | (#37120974)

Whether the number one ranked entity earned for hacking another website or this one?

honeynet (0)

Anonymous Coward | more than 2 years ago | (#37121196)

time to go play with Christopher Robin in the hundred acre woods..

so... (0)

Anonymous Coward | more than 2 years ago | (#37121462)

1. hack cia.gov
2. post about it on the forums
3. go to prison

sounds like a plan...

Self Incriminateing (0)

Anonymous Coward | more than 2 years ago | (#37121530)

The best part is that the cops only have to raid one service and bam all hackers are nabbed.

One stop shopping (2)

DarthVain (724186) | more than 2 years ago | (#37121656)

for all your hacking prosecution needs...

if ever there was a website for the FBI etc... to hack and infiltrate that would be it.

Problem is, you are only going to get the hackers stupid enough to post there, which are likely too stupid too do anything too bad.

Maybe rename it scriptkiddies.com, of course then the FBI would really be all over you...

Re:One stop shopping (1)

gl4ss (559668) | more than 2 years ago | (#37123232)

just name it rootshell.

oh the times when you could play warbirds with a generated cc and all you needed for root was to do an altavista search on the boxes version strings and instead of torrent you had just lists of ftp sites of public organizations with bad configs.

Achievements (0)

Anonymous Coward | more than 2 years ago | (#37121748)

They need achievements like on Xbox Live.
“Achievement Unlocked: You Hacked the PSN!”

NSA.gov is Only Worth 2,497 Points?!?! (1)

InitZero (14837) | more than 2 years ago | (#37121934)

Points are awarded based on the wrong algorithm. For example, NSA.gov is only worth 2,497 points but HomeDepot.com is worth 219,941? The Department of Homeland Security (dhs.gov) is worth 17,068 while facebook.com is 75,000,000? Really? Until the rankings better reflect the underlying difficulty and associated risk, I refuse to participate in this sham. Cheers, Matt

Re:NSA.gov is Only Worth 2,497 Points?!?! (1)

Georules (655379) | more than 2 years ago | (#37122794)

What exactly do you think would be interesting on the public webservers of the NSA or DHS government websites? I'd be willing to bet, not much. A few HTML files, some images. Pretty much everything you could get without hacking it.

This seems like a Gov fishing ploy! (1)

Paracelcus (151056) | more than 2 years ago | (#37122282)

Think about it!
Get the immature, young, reckless wannabes to turn themselves in so that Eric Holder can trumpet his triumph over the EEEVILE hakorzz!

Re:This seems like a Gov fishing ploy! (1)

DangerOnTheRanger (2373156) | more than 2 years ago | (#37122466)

Think about it!

That's asking too much of most people.

how about points are based on... (1)

PJ6 (1151747) | more than 2 years ago | (#37122636)

how many you give yourself after hacking the site itself?

Hack Rank My Hack (1)

Tim12s (209786) | more than 2 years ago | (#37123874)

Well it will be a very short time until someone hacks that site to come out with billions of points.

Honeypot?

Points (0)

Anonymous Coward | more than 2 years ago | (#37124208)

Facebook is the most rewarding one i've found so far, 75M points.

This isn't the 'first elite hacker ranking system' (2)

Neurotrace (2382180) | more than 2 years ago | (#37124562)

because first off, you wouldn't call it "elite." Also, ever heard of Hack This Site? [hackthissite.org]

escaped subject (0)

Anonymous Coward | more than 2 years ago | (#37125140)

When you make an advertising enquiry, you get a webmail type interface with the subject including an escaped single quote thus:
\'Advertising

Funny!

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...