Hacking Extra Credit

This opportunity is open to all members of the class.  The goal is to
hack into the server of one of the other teams.  The restriction is
that you cannot physically touch their machine.  That would be too
easy.  It is a simple matter to reboot the machine, bring it up in
single-user mode, and obtain root access.  In the real world machines
are kept in locked rooms because physical access is almost always
sufficient to allow someone to compromise the machine.

You must attack through the network.  There are two types of attacks.

Class A: Change something important, such as their web home page, or
such as creating an account for yourself on the target server.  Your
change must clearly identify you as the intruder.

Class B: Learn something important, such as the contents of their
password file, or one or more of their CGI scripts, or one or more of
their database tables.

To get credit for your conquest, you must email me or visit me with
details.  Bring a printout of the information you obtained, or email
it to me.  I will verify it with the team and give you your credit.
Or point out their compromised web pages.

I will award ten points per verified conquest, for a maximum of three
conquests, during the approved window of opportunity.  Once you
conquer a machine, you must wait two business days before conquering
it again for credit.

There is a time limit.  Class A conquests must occur between the tenth
and twelfth week (specific dates will be posted later).  Class B
conquests can happen any time (earlier or later), but credit is only
earned between weeks ten and twelve.