Tuesday, October 18, 2016

BSides DE First Place winner tells his story!

This week, we bring you another guest post from our players.  This time, the great and powerful Wasabi shares his experience about winning at BsidesDE...

void main ()
So BSIDES DE is the first stop for the new version of the WCTF after it gets a makeover that starts at DEFCON.   There is some tough competition at BSIDES DC so I wanted to get a leg up and get a sneak peek at the challenges.  So I made the short trip up from Maryland and had a great time.  It was my first time going to BSIDES Delaware I really enjoyed the small laid back feeling of the conference.  My team and I thought the trip was a great idea after seeing the DEFCON in-brief and looking at the new challenges.  It became clear I need to step my game up after many things that stumped me like a chump that I will be preparing to beat at the next WCTF.  They are now doing Individual scores as the overall winner.  No teams for now, they are trying this out for a while to see how it goes.  There was no Hide and Seek or Foxes at this conference the square footage did not allow for proper hiding and difficulty.


First I was a speaker at the convention giving a talk on competing in the WCTF.  And even though I was full of good advice I could not even get out of my own way.  I failed to test my gear, I had been using Pentoo for an SDR class I was taking.  I had issues with installing standard and hardened and finally got the dev build to install.  Well at least is was not the night before right.  I even ran BT and used blue_hydra.  But not once did I try anything with Wifi.  Guess where the problem was.  I bet you can't guess.  Ok maybe you can.

Well there is a bug that kernel panics your system when you put your wifi card into monitor mode.  Go figure it literally does this on every single computer in the world except for Zero’s.  So now I’m sitting here at my table having to download an older version of Pentoo to live boot for the competition.  People stopped by to see things after my talk and all they saw was me struggling to get started.  Times ticking and I haven't even started yet.

After flying disks, plenty of “EXTREMELY” encouraging help, and giving up on installs and just going with a live boot I was up and going.  So now some time after 2pm I was rocking and rolling starting on the Wifi Challenges.  I turned in 5 flags for Wifi and got hung up on the last few.  They had been created in such a way that normal scans were not effective in discovering their secrets.  They were just a little out of my scope for now.

There were a few people that came and went that saw my talk some stayed and played.  The CyberRedneck was a very cool guy who also had the hunger for flags and points and I helped him along the way for his first WCTF.  He got third place at his first WCTF.  I might have created a monster. 


 We got in nice and early to get a start on the game enjoying bagels and coffee.  I switched to SDR to try out a few things.  To say I was frustrated was an understatement.  These guys are creative.  Some things are staring you right in the face and you couldn't even tell.  Other times you think you have it and it's a false flag.  Things got a little more serious as more people started to play on Saturday.  So there was definitely a change in pace and stress as I saw another person start to rise up the point list.

So I fell back to Wifi as my strong suite.  The last few challenges were epic to say the least.  After digging through pcaps and a little assistance from Zero he said they may be a little harder than anticipated.  So again I am now scrambling on SDR to get some more points.  I was able to get one flag begrudgingly after having to install more apps on my phone to figure it out because GQRX was not showing me what I needed.  I am still haunted by the music.  Who even does AOL dial up Dubstep?  Why is that even a thing?  I tried for one last flag as time was running out.  But as always I fell into the category of it will not work for me the first time.  I was having software issues and codex problems that had everyone's head scratching.

In the end I was able to hold out and made top score.  I had a great time.  I met some new people.  Learned some new things.  I even met a former San Antonio Spurs player.  BSIDES DE is now a permanent conference on my calendar.  Thank you to the WCTF crew, the BSIDES DE crew,  and the Sponsors. 

We would like to sincerely thank Wasabi for his great write-up of the BSides experience.  We run this game to provide a safe space to practice and test your skills, but above all we do it to share our passion with others.  As Wasabi mentioned above regarding CyberRedNeck, the WCTF is a great place to pass on your knowledge and experience and make new friends.  We sincerely hope the Wireless Village's efforts help keep your interest fired up and maybe ignites a new love in first time attendees and contestants.  Many previous winners, near winners, and people who play have stories just like this.  Please, come in, sit down, play, make friends, and join a welcoming group of your new friends.

Many thanks to our AWESOME sponsors whose generous donations sweeten the pot for our contestants.

-The Wireless Village and Wireless CTF Team

No comments:

Post a Comment