Vicnum (Hacking Game)
This is the vicnum project ("vicnum")
This project was registered on SourceForge.net on Jan 27, 2009, and is described by the project team as follows:
A flexible web app showing vulnerabilities such as cross site scripting, sql injections, and session management issues. Helpful to IT auditors honing web security skills and setting up 'capture the flag' . Play the game at http://vicnum.ciphertechs.com
Vicnum (1.5) is an OWASP project consisting of multiple vulnerable web applications based on games commonly used to kill time. These applications demonstrate common web security problems such as cross site scripting, sql injections, and session management issues. The goal of this project is to strengthen security of web applications by educating different groups (students, management, users, developers, auditors) as to what might go wrong in a web app. And of course it's OK to have a little fun. There are currrently three applications (or challenges) in this version of Vicnum. Guessnum, a game to guess a number the computer has picked. Jotto, a game to guess a word the computer has picked. And the Union Challenge which is new to version 1.5 Besides untarring the tar into the right folder and some Apache webserver tweaking, three MySQL tables will need to be created.