Hack CompojoomComment and win a prize!

The idea

Last week I had a client that had his site hacked. The usual story – outdated Joomla version and outdated extensions… The work that I invested on that website fixing the damage that the cracker did was tough. It made me realize that I prefer to prevent possible cracker attacks, than to spend hours repairing the broken pieces left.

Security is important

At Compojoom we invest a lot of time writing secure software, but we also are well aware of the fact that we don’t know everything. We want to make sure that CompojoomComment is as secure as possible, that is why we are starting this small hacking competition. pus

When?

Starting from now till the end of August 2010.

Rules

On this site http://hackme.compojoom.com You will find a standard Joomla installation with just one article and CompojoomComment installed. Try to breach into the system, try to overcome the captcha protection, try to make an SQL or XSS attack. If you succeed and can explain to us what you did and how you did it, then you are going to be rewarded.

Keep in mind

Try to concentrate only on CompojoomComment. If you find a linux or apache bug, then perhaps you want to report that problems to them :). We want only to push CompojoomComment to the limit!

Prizes

Right now we’ve gathered 200€. This money will be divided between all participants that have found a security problem in CompojoomComment. In the case that there is no security hole in our software (what I really hope for :)) we will donate the money to the Joomla project.
In addition to our money prize, the first 5 users to find a security hole in CompojoomComment will get a 1 year subscription to SalvusAlerting.com .(the subscription costs 197$ per year!)

Can you sponsor the competition?

Of course you can! Right now our prize fund has 200€ in it. But if you wish to motivate the participants even more you can send money to This email address is being protected from spambots. You need JavaScript enabled to view it. and we will add your donation to the prize and will list you in the sponsors below.

FAQ

Sponsors

Here we would like to thank our sponsors: