A PHDays 9 a karon farko a matsayin wani ɓangare na yakin cyber An yi hackathon ga masu haɓakawa. Yayin da masu karewa da maharan ke fafatawa na tsawon kwanaki biyu don samun iko da birnin, masu haɓakawa dole ne su sabunta aikace-aikacen da aka riga aka rubuta da turawa tare da tabbatar da cewa sun yi tafiya cikin sauƙi a fuskantar hare-hare. Za mu gaya muku abin da ya faru.
Ayyukan da ba na kasuwanci ba ne kawai waɗanda marubutansu suka gabatar da su an yarda su shiga cikin hackathon. Mun karbi aikace-aikace daga ayyuka hudu, amma daya kawai aka zaba - bitaps (). Ƙungiyar tana nazarin blockchain na Bitcoin, Ethereum da sauran madadin cryptocurrencies, aiwatar da biyan kuɗi da haɓaka walat ɗin cryptocurrency.
Bayan 'yan kwanaki kafin fara gasar, mahalarta sun sami damar yin nisa zuwa kayan aikin wasan don shigar da aikace-aikacen su (an shirya shi a cikin wani yanki mara kariya). A The Standoff, maharan, ban da abubuwan more rayuwa na birni mai kama-da-wane, dole ne su kai hari kan aikace-aikacen kuma su rubuta rahoton bug bounty akan raunin da aka samu. Bayan masu shirya sun tabbatar da kasancewar kurakurai, masu haɓakawa na iya gyara su idan sun ga dama. Ga duk rashin lahani da aka tabbatar, ƙungiyar masu kai hari sun sami lada a bainar jama'a (kuɗin wasan The Standoff), kuma an ci tarar ƙungiyar haɓakawa.
Har ila yau, bisa ga sharuɗɗan gasar, masu shirya za su iya saita ayyukan mahalarta don inganta aikace-aikacen: yana da mahimmanci don aiwatar da sababbin ayyuka ba tare da yin kuskure ba wanda zai shafi tsaro na sabis. A kowane minti na daidaitaccen aiki na aikace-aikacen da kuma aiwatar da gyare-gyare, an ba masu haɓaka kudaden jama'a masu daraja. Idan an sami rauni a cikin aikin, da kuma kowane minti na raguwa ko aiki mara kyau na aikace-aikacen, an rubuta su. Robots ɗinmu sun sanya ido sosai akan wannan: idan sun sami matsala, mun kai rahoto ga ƙungiyar bitaps, muna ba su damar gyara matsalar. Idan ba a kawar da shi ba, ya haifar da asara. Komai yana kamar a rayuwa!
A ranar farko ta gasar, maharan sun gwada sabis. A ƙarshen ranar, mun sami rahotanni kaɗan ne kawai na ƙananan lahani a cikin aikace-aikacen, waɗanda mutanen bitaps suka daidaita da sauri. Da misalin karfe 23 na dare, lokacin da mahalarta zasu gaji, sun sami shawara daga gare mu don inganta software. Aikin bai kasance mai sauƙi ba. Dangane da tsarin biyan kuɗin da ake samu a cikin aikace-aikacen, ya zama dole don aiwatar da sabis wanda zai ba da damar canja wurin alamu tsakanin walat biyu ta amfani da hanyar haɗi. Mai aikawa da biyan kuɗi - mai amfani da sabis ɗin - dole ne ya shigar da adadin akan wani shafi na musamman kuma ya nuna kalmar sirri don wannan canja wuri. Dole ne tsarin ya samar da hanyar haɗi na musamman wanda aka aika zuwa mai biyan kuɗi. Mai karɓa ya buɗe hanyar haɗi, shigar da kalmar wucewa don canja wuri kuma ya nuna jakarsa don karɓar adadin.
Bayan sun karbi aikin, mutanen sun yi nasara, kuma da karfe 4 na safe an shirya sabis don canja wurin alamu ta hanyar haɗin gwiwa. Maharan ba su sa mu jira ba kuma a cikin ƴan sa'o'i kaɗan sun gano ƙaramin lahani na XSS a cikin sabis ɗin da aka ƙirƙira kuma sun ba mu rahoto. Mun duba kuma mun tabbatar da samuwarsa. Ƙungiyar ci gaba ta yi nasarar gyara shi.
A rana ta biyu, masu satar bayanan sun mayar da hankalinsu kan sashin ofis na birni mai kama-da-wane, don haka babu sauran hare-hare kan aikace-aikacen, kuma masu haɓakawa za su iya huta daga dare marar barci.
A karshen gasar ta kwanaki biyu, mun ba da aikin bitaps kyautuka masu mantawa.
Kamar yadda mahalarta suka yarda bayan wasan, hackathon ya ba su damar gwada ƙarfin aikace-aikacen kuma tabbatar da babban matakin tsaro. "Shigar da hackathon babbar dama ce don gwada aikin ku don tsaro da samun gwaninta a ingancin lambar. Mun yi murna: mun yi nasarar yin tsayayya da harin maharan, - ya raba ra'ayoyinsa memba na kungiyar ci gaban bitaps Alexey Karpov. - Kwarewar da ba a saba gani ba ce, tunda dole ne mu tsaftace aikace-aikacen a cikin yanayin damuwa, don sauri. Kuna buƙatar rubuta lambar inganci, kuma a lokaci guda akwai haɗarin yin kuskure. A irin wannan yanayi za ku fara amfani da duk fasaharku.".
Muna shirin sake gudanar da hackathon a shekara mai zuwa. Bi labarai!
source: www.habr.com