Monday, October 23, 2017

Words of Wisdom from Wasabi's Corner


I had a blast.  There were lots of new faces, some old, some familiar, and some only scored 10 points and left.  As usual I walked the floor and tried to help everyone from veteran wctf person to all the new people.  But I think the WCTF team just loves watching the blind leading the blind so they keep inviting me back to help.  HAHA 

We had a great turnout and competition was tough for the top individual score until the wireless fox was found.  Congratulations to all the winners and I hope the new people saw the fun and will be back next time.  The following are my observations and suggestions for the next time you participate in the WCTF.

Ask for help
Yes I know I was vague lots of time when you asked me something.  Sometimes I knew the answer and could not tell you or I had no idea.  I am not told the exact answers to all the problems.  And I only know the ways I would attack it or attempt to find the solution.  Dont sit and stew.   I will help you get on the scoreboard.  I won't do it for you and I won't tell you the exact thing to type into your terminal but I will suggest tools and or reasons why you are having a hard to impossible time with what you are working on.  And BTW it's not like I'm quiet or anything, if you hear me helping someone listen in and write stuff down because it will probably help you too.

People getting stuck on what they thought was easy
I saw a lot of people get stuck on WCTF_01 (WEP).  WEP is not easy stop saying that.  WEP is vulnerable and can only be defeated if you do the right things and collect enough of the right things to exploit the vulnerability.  If what you are doing is not working it might not be broke and you should try something else because that one thing from that one article you read that one time is not working.


Running in VM’s
I will give you the short answer on this.  DONT.  Ok now here is why.  Myself nor anyone else wants to figure out why your system is not working right, not capturing traffic right and any other little quirk or hiccup because you are running in a VM.  (I take that back yes I will help you troubleshoot your IT problem but you won't like my IT Consulting rate and I make no promises it will work)  Yes, I know you don't do this all the time.  So make two bootable USB drives and an extra copy of the ISO.  Do you have to install Pentoo or kali on your laptop? No you don't I have run off a live USB to compete in the WCTF before.  People found out real quick if you don't give enough resources to the VM that using aircrack or SDR is really really really terrible and slow.  And even if you did give tons of resources to your VM USB passthrough and virtualization will still be a problem.
           

Build your own wireless cheat sheet
Again I know you don't do this all the time.  So why are you still Googleing the same things at every WCTF.  Open the note pad or note taking app of your choice and start writing stuff down and add the link in case you want to do further searching.  Those 30-45 minutes you have to keep Googeling you could be looking for foxes or getting another WPA2 Flag and it could mean the difference between winning or coming in second place.
           

Hostile Air
I feel bad that two people left out of frustration of the networks intermittent issues.  And while there is no correct answer or solution for this all I can say is welcome to wireless hacking.  The wireless in the room is kinda wonky and all over the place.  People are hacking, cracking, Deauthing, and some new people have no idea what they are doing and might just be flooding the air with craziness. Plus you are at a INFOSEC Security Conference and there are super leet and super script kiddy bull crap going on too.  We saw different things going on and the WCTF team used a little magic of our own and fixed them.  Just be aware this is a thing.

Conclusion
If this is something you wish to pursue personally or professionally then give it a little time, do it legally, and have fun. The WCTF is a competition, it is a game, it is not impossible.  With a little prep work I can't guarantee winning but you will be less frustrated and have lots of success.  Even (insert local sports ball team here) has planning, strategy meetings, and preparation for the next game.  How much would it suck to know that given a little more preparation you would not have lost by 100pts or less.  Just saying.  But what would I know.  And I'm not your supervisor.  You do what you want.  Im sure you know better.  I would agree with you but then we would both be wrong.

Sunday, October 8, 2017

2017

Well BSidesDC 2017 has concluded and we had a great time!  Hope all our players and visitors did as well.  
We were treated to a great presentation by Wasabi covering great information for newbies and veterans alike. 
Thanks brother for all the work and support you gave the Village!








Wiresharknado   2485 Points


  • $250 Gift card to Micro Center
  • 2 x WCTF Challenge Coins
  • 2 x BSidesDC black badges





Crimson Agents  1512 points

  • $100 Micro Center gift card
  • 1 x BSidesDC black badge








 








Root_Acquired   1375 points

  •  1 x BSidesDC black badge

Sunday, July 30, 2017

DEFCON 25 Wireless Village CTF


Final scores




Thank you soooooooo much to our awesome sponsors who donated the awesome prizes below.




And the winners are......



What does the fox say?

WiFi Pineapple Tetra
5 ESP board
Lock Picks
Telefreaks pager watch
Ettus b200 with metal case
Lan Turtle
Bash Bunny
Hak5 long range amp
WiFi Card
HackRF
No Starch T-shirt
HFC Shirt
Wide Band
Wireless Village 2017 coin for each member



DiPolarBears

WiFi Pineapple
3 ESP boards
US Go
Hackers for Charity shirt
No starch t-shirt
Aerohive AP
cables and pig tails
4 caffeine vape pens
Pager watch
Wireless Village 2017 coin for each member



DalesPaleAles

Hak5 Everything kit
Hackers for charity shirt
Variety of four No Starch Press Books
Caffeine vape pens
3 ESP boards
Simple WiFi small antenna
Wireless Village 2017 coin for each member



Friday, July 28, 2017


We're winding down to the end of Wireless CTF Day 1 here at DEFCON 2017.

Here are the current scores and challenges status:





WELCOME to the 1980's


DEFCON 25 is on!!!

In-brief is underway and talks begin at 11:30am today.
Check out the schedule here.




Wednesday, July 5, 2017

Calling all sponsors, call all sponsors....


Hey there!  Wireless Village here.

Do you enjoy the fun, learning, antics, and prizes of WCTF?

Want to help WCTF remain a strong presence at all your favorite cons?

You can!

We are currently looking for corporate sponsorships.


Many of the people who participate in the WCTF work with network security, signals analysis, and general INFOSEC.  Maybe you're one of them?  Regardless of your employers sector in INFOSEC, odds are your employer has benefitted from the skills and practice you experienced at WCTF.  If so, do you think your employer might be interested in supporting our team?

  1. How can you help?
    1. Speak to your employer and ask if they would like to have their name on WCTF swag, such as, our team t-shirts, team website, and acknowledgement during WCTF announcements at all the cons we attend.
  2. What will it cost?
    1. Thats up to them.  
    2. Your employer can sponsor us with a cash donation or a gift in kind of products.  Company products, such as Hak5 WiFI Pineapples, Great Scott Gadget Hack RFs, Pwnie Express Pwn-Pads, and Aruba APs (just to name a few) are examples of gifts in kind which become the awesome WCTF sweet prizes teams can win!
  3. How do they sponsor WCTF?
    1. Contact us through our website.  You can download the sponsor information and participation form here WCTF Sponsors.  Here you will find a list of the awesome companies that sponsored us last year and in years prior.  Download a copy of our sponsor information documents to share with your employer.
Remember without sponsors WCTF can't happen!

Thursday, June 15, 2017



Kismet is a wireless network detector, sniffer, and intrusion detection system. Kismet works predominately with Wi-Fi (IEEE 802.11) networks, but can be expanded via plug-ins to handle other network types.


A BIT ABOUT ITS ORIGINS

Many of us who work or play in the wireless world have come to know and love Kismet.  If you have ever competed in the Wireless Village WCTF I am willing to bet you used Kismet for some of the challenges.
Kismet is the creation of Dragorn, a long time member of the INFOSEC and hacker communities.  Dragorn created this out of both need and a passion.  Lucky for us, he chose to make it readily available to everyone.

WHY SUPPORT DRAGORN'S WORK


It takes time, effort and skill to maintain Kismet and enhance its features.  Dragorn has never charged for this tool and shares it freely with the community.  But! wouldn't it be great if you could show him your appreciation for his work and effort?  Well, you can!  Click the link below to become a patron of Dragorn and his Kismet creation.  It doesn't matter if you do a one time donation or a monthly.  If you use Kismet then show a little love and appreciation to the talented and generous Dragorn!