Tuesday, June 14, 2011

Metasploit Exploit Bounty - $5,000.00 in 5 weeks

The Metasploit team is excited to announce a new incentive for community exploit contributions: Cash! Running until July 20th, their Exploit Bounty program will pay out $5,000 in cash awards (in the form of American Express gift cards) to any community member that submits an accepted exploit module for an item from their Top 5 or Top 25 exploit lists. This is their way of saying thanks to the open source exploit development community and encouraging folks who may not have written Metasploit modules before to give it a try.

All accepted submissions will be available under the standard Metasploit Framework license (3-clause BSD). Exploit selection is first-come, first-serve; please see the official rules for more information.


Contributors will have a chance to claim a vulnerability from the Top 25 ($100) and Top 5 ($500) lists. Once a vulnerability has been claimed the contributor will be given one week to work on a module. After a week the vulnerability will be open again to the community. Prizes will only be paid out to the first module contributor for a given vulnerability. The process of claiming a vulnerability is an attempt at limiting situations where multiple contributors submit modules for the same vulnerability. To stake a claim, send an email to bounty@metasploit.com with the name of the vulnerability from the list below. All claims will be acknowledged, so please wait until receiving the acknowledgement before starting on the exploit. Each contributor can only have one outstanding claim at a time.

If you need help with the Metasploit module format, feel free to drop by the IRC channel (#metasploit on irc.freenode.net), and take a look at the some of the community documents:


Rules and claim status of the 2011 Metasploit Exploit Bounty program.

Submission

1. Choose an exploit from the list below that has an empty Owner field.
2. Email bounty@metasploit.com and wait for an ackknowledgement of your claim.
3. Within one week, submit an exploit module to the Metasploit Redmine tracker as a new ticket with attachment.
4. Receive feedback on the module via Redmine and acceptance status.

Rules

  • All submissions must come from the Top 25 or Top 5 lists below
  • All exploits should be submitted to Metasploit Redmine.  1 ticket per exploit.
  • Modules MUST conform to the HACKING style guidelines
  • Should work reliably on all targets listed in the module.
  • Should bypass ASLR/DEP when applicable (ROP)
  • English-based targets should be included
  • Denial-of-service modules do not count
  • Contributors may not be residents of a US embargoed country

Payment
The program ends July 20th, this is the submission deadline for modules to be considered for the contest. Payment will be in the form of American Express gift cards sent within 60 days from the end of the program.

TOP 5 List ($500 bounty)


CVEDescriptionOwner
2011-1807Google Chrome before 11.0.696.71 does not properly handle blobs execution of arbitrary code.
2011-1218Lotus Notes - Autonomy Keyview(.zip attachment)Alino
2011-1206IBM Tivoli Directory Server
2011-0657Vulnerability in DNS Resolution Could Allow Remote Code Execution
2011-0041Vulnerability in GDI+ Could Allow Remote Code Execution

TOP 25 List ($100 bounty)


CVE/ZDIDescriptionOwner
2011-0663Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution
2010-3757IBM Tivoli Storage Manager (TSM) FastBack Server _Eventlog Function Format String Arbitrary Code Execution
2011-0065Mozilla Firefox OBJECT mChannel Remote Code Execution Vulnerability
2010-3708JBoss Enterprise Multiple Products JBoss Drools Deserialization Static Initializer Remote Code Execution
2011-0682Opera Large Form Input Handling Crafted HTML Document Memory Corruption
2010-3972Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution
2011-0975IBM Informix Dynamic Server SET ENVIRONMENT Remote Code Execution Vulnerability
2011-0917IBM Lotus Domino nLDAP.exe LDAP Bind Request Remote Code Execution (poc)
2010-0111Symantec Alert Management System Intel Alert Handler Service (HDNLRSVC.EXE) Remote Code Execution
ZDI-10-128ZDI-10-128 Ipswitch Imail Server Queuemgr Format String Remote Code Execution Vulnerability
2010-3582Oracle VM ovs-agent XML-RPC Multiple Function Remote Command Execution
2011-0116Apple Safari WebKit htmlelement Library setOuterText Method Handling Memory Corruption
2011-1248Microsoft Windows WINS Service Failed Response Data Reuse Memory Corruption Remote Code Execution
2011-0918IBM Lotus Domino NRouter Service Calendar Request Attachment Name Parsing Remote Code Execution
2011-0807Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability
2011-0073Mozilla Firefox nsTreeRange Dangling Pointer Vulnerability (POC)
2011-0647EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability
2011-0034OpenType Compact Font Format driver in Microsoft Windows allows remote attackers to execute arbitrary code
2011-1290Integer overflow in WebKit allows remote attackers to execute arbitrary code
NoneSiemens Tecnomatic FactoryLink logging function stack based buffer-overflow caused by the usage of vsprintf
NoneIconics GENESIS32 and GENESIS64 Integer overflow during allocation of the memory used to create an array
NoneDATAC RealWin On_FC_CONNECT_FCS_LOGIN packet containing a long username.B|H
TBA( This entry is being updated )
ZDI-11-023Citrix Provisioning Services streamprocess.exe Remote Code Execution Vulnerability
2011-1804Google Chrome Floats Rendering Stale Pointer Remote Code Execution


 Via -

https://community.rapid7.com/

metasploit-exploit-bounty-30-exploits-500000-in-5-weeks

Greetz and Thank - Amal bro

No comments:

Post a Comment