VERT Challenge #1 Progress

The folks at nCircle Blog have posted a VERT Challenge, and hopefully more to come. You can check out the details at their blog, but I'll be posting my progress here and we'll see how far I can get before I either a.) give up, or b.) someone else gets it, or c.) hopefully win!

Anyways the requirements are as so:

• Locate the WinNY application Online (Both Versions 1 and 2)
• Determine how to perform proper WinNY detection. (remotely -- via the listening TCP port)

What you need to provide in order to win:

• Any encryption, authentication or hashing used for communication.
• A breakdown of the information provided by WinNY when you connect to it.
• The unencrypted strings that distinquish between WinNY 1 and WinNY 2.
• Bonus Points for providing a script or source code to perform the detection.

I have located both versions 1 and 2 of the the p2p software... I'll begin working on identifying them on the network soon. Stay tuned for further progress and good luck to anyone else participating.

Posted by Marcin on Wednesday, March 7, 2007 in Security.