Announcement

Collapse
No announcement yet.

[Defcon 16] Welcome to the DEFCON Badge Hacking Contest

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • [Defcon 16] Welcome to the DEFCON Badge Hacking Contest

    Well, here we are again! For the 3rd year in a row, I've had the honor of designing the DEFCON badge. And, for the 3rd year in a row, DT has been gracious enough to let me host a contest around hacking the badge. This is the first year that it will be an official contest announced in advance, etc., as previously we've kept the whole thing under wraps until the first day of the con.

    Here's a little description of the contest...

    The DEFCON Badge Hacking Contest awards the top 3 most ingenious, obscure, mischievous, obscene, or technologically astounding badge modifications created over the weekend. No longer just a boring piece of passive material, the badge is now a full-featured, active electronic product, and it exists for your hacking pleasure.

    We've had some amazing hacks in previous years. For info on the past badges and badge hacking contest entries, check out:

    http://www.grandideastudio.com/portf...fcon-15-badge/

    and

    http://www.grandideastudio.com/portf...fcon-14-badge/

    I can't release much information on the particular badge design until the first day of DEFCON, for various security purposes, but I'll be posting some clues and information in this forum every once in a while to make sure you guys (and girls) are prepared for the contest and don't have to waste the weekend installing tools and messing with drivers (like people had to do in previous years).

    Unlike last year, where I staged a "badge hacking table" in the corner of the vendor area (complete with a real-life engineer from Freescale providing support), this year people are more than welcome to use the Hardware Hacking Village up in the Skybox area to hack the badges. There will be some equipment there for public use and I'll be spending much of my unused time there hanging out, helping out, etc. So, even if you don't bring your own soldering iron, multimeter, or whatever, lots of tools and resources will be available to you.

    As for prizes, no black badges as far as I'm aware, but we'll still have some cool swag that you can't get from any other contest. Plus, bragging rights that can earn you "cool" points all over the world (somehow).

    That's it for now. More later.

    -Joe Grand (Kingpin)
    http://www.kingpinempire.com (will be up by DEFCON)

  • #2
    Re: Welcome to the DEFCON Badge Hacking Contest

    Some questions to help start off this for people that would want to compete:
    1) Do you have suggestions of online resources for novices that will want to read before going to Defcon?
    2) Do you know of locations in Las Vegas that are close to the Riviera, helpful or cheap or a desired mix of these, when parts are desired?
    3) What tools should a person looking to compete bring with them to Defcon? (You provided an answer to this above:) "people are more than welcome to use the Hardware Hacking Village up in the Skybox area to hack the badges. There will be some equipment there for public use and I'll be spending much of my unused time there hanging out, helping out, etc."
    4) Will expansion kits be offered again this year? If so, where?

    Hey! Maybe we can put the Q in a new FAQ for you.
    tiny font: _. ___ _... ___ _.. _.__ .._ ... . ... __ ___ ._. ... . _._. ___ _.. . ._ _. _.__ __ ___ ._. .

    Comment


    • #3
      Re: Welcome to the DEFCON Badge Hacking Contest

      Originally posted by TheCotMan View Post
      Some questions to help start off this for people that would want to compete:
      1) Do you have suggestions of online resources for novices that will want to read before going to Defcon?
      2) Do you know of locations in Las Vegas that are close to the Riviera, helpful or cheap or a desired mix of these, when parts are desired?
      3) What tools should a person looking to compete bring with them to Defcon? (You provided an answer to this above:) "people are more than welcome to use the Hardware Hacking Village up in the Skybox area to hack the badges. There will be some equipment there for public use and I'll be spending much of my unused time there hanging out, helping out, etc."
      4) Will expansion kits be offered again this year? If so, where?

      Hey! Maybe we can put the Q in a new FAQ for you.
      Answering Number 2 above, there is a Fry's Electronics store a little way past the Luxor way at the end of the strip. It's this HUGE ass warehouse looking building, go around back and you'll see the big FRY's sign in red.
      anything and EVERYTHING you'd ever need is in there and is certainly worth the trip just to check it out if you've never been to a Fry's before..


      Exibar

      Comment


      • #4
        Re: Welcome to the DEFCON Badge Hacking Contest

        What color is the PCB solder mask for the various type of badges this year?

        Also are you sticking with 0603 LEDs?

        Comment


        • #5
          Re: Welcome to the DEFCON Badge Hacking Contest

          I can neither confirm nor deny the existence of soldermask colors on the PCB.

          Yes, there are a few 0603 LEDs on board. I had a bunch leftover from last year so I designed them in :)

          Joe


          Originally posted by DCFluX View Post
          What color is the PCB solder mask for the various type of badges this year?

          Also are you sticking with 0603 LEDs?

          Comment


          • #6
            Re: Welcome to the DEFCON Badge Hacking Contest

            * The most important thing to take from this post is that this isn't a hardware hacking contest, it's a badge hacking contest. Modifications can come in all sorts of shapes and sizes. If you look at the previous year's entries and winners, you'll see that the more varied your hacks, the better. The further away from the obvious and the more people say "Damn, that's cool," the more likely you are to win.

            * The design this year is based around a Freescale Flexis MC9S08JM60 processor. Other notable features include a SecureDigital socket and infrared transmitter and receiver.

            * The DEFCON CD will contain all of the development tools, a licensed version (valid through August 20, 2008) of Freescale Codewarrior 6.1 for MCUs Professional Edition with unlimited code size (which normally costs $1995, but the folks at Freescale were kind enough to give DEFCON attendees a free license in order to promote badge hacking and microprocessor experimentation), and source code, schematics, etc.

            * If you want to set up the IDE in advance to save time, you can get the public, freely available version of Freescale CodeWarrior 6.1 Special Edition, which is limited to 32KB of code space and can be downloaded from:

            http://www.freescale.com/webapp/sps/...?nodeId=012726

            * Bring an SD card for maximum enjoyment and benefit (minimum 64MB, *must* be FAT16 formatted)

            * There will a USB bootloader available on the badge, so all you need is a PC and the Freescale bootloader software/GUI (available on the DEFCON CD, I can't seem to find it online anywhere) No special debugging or programming hardware is required as was in previous years. A Freescale BDM port is still provided if you do have such tools, which will give you the benefit of single stepping and debugging. I use a P&E Microsystems HCS08 Multilink, but the SPYDER08 modules we gave out last year for the Freescale MC9S08QG8 *might* work with a little finesse and hacking around.

            * The only "expansion hardware" we will be giving away this year are USB connectors and some 2x3 headers for the BDM port.

            * If you have hacked the DC14 or DC15 badges over the past year and want to submit those to the contest, I'll award one as an Honorable Mention.

            * Other than what I am posting publicly to this forum and what might be leaked via the media a few days before the con, no details of the badge will be released until my talk at the opening of DEFCON.

            Comment


            • #7
              Re: Welcome to the DEFCON Badge Hacking Contest

              The Hardware Hacking Village will also have some supporting materials available....

              LosT

              Comment


              • #8
                Re: Welcome to the DEFCON Badge Hacking Contest

                Originally posted by Kingpin View Post
                * The design this year is based around a Freescale Flexis MC9S08JM60 processor. Other notable features include a SecureDigital socket and infrared transmitter and receiver.
                Thank you for the heads up. Skimming the datasheet, there are at least two particular features of that processor that could be a lot of fun... (This is so much easier than the PIC. *shudder*)

                As for the infrared, I'm curious. I know an obvious thing to do (beside the assumed functionality), but I'll have to think about the non-obvious applications. I'm all a-tingle at the prospect of an intentional buffer overflow.

                Originally posted by Kingpin View Post
                * If you want to set up the IDE in advance to save time, you can get the public, freely available version of Freescale CodeWarrior 6.1 Special Edition, which is limited to 32KB of code space and can be downloaded from:
                Windows-only, huh? At least PCs are now fast enough to run VirtualBox (which allows USB pass-through). (Just a heads-up in case someone reading the forums is waiting for the Defcon CD to start work.)

                Thanks for the heads-up. I'm working furiously on a 65C02 project at the moment, but I hope to have enough prep work in place that I don't spend all my time at Defcon playing with the blinking lights. And, yes, I know it doesn't have to be technical, but why aim low?

                Comment


                • #9
                  Re: Welcome to the DEFCON Badge Hacking Contest

                  Originally posted by Voltage Spike View Post
                  Windows-only, huh? At least PCs are now fast enough to run VirtualBox (which allows USB pass-through). (Just a heads-up in case someone reading the forums is waiting for the Defcon CD to start work.)
                  Yeah, the development tools are PC only. I'm not sure if they're planning on porting to any other platforms. All of my firmware development was done on a MacBook Pro running VMWare Fusion with a Windows XP SP2 install, which worked great, even with the USB-based P&E Multilink BDM.

                  Joe

                  Comment


                  • #10
                    Re: Welcome to the DEFCON Badge Hacking Contest

                    noob question: Does one receive the DEFCON CD with the badge at registration?

                    Comment


                    • #11
                      Re: Welcome to the DEFCON Badge Hacking Contest

                      Originally posted by Demo View Post
                      noob question: Does one receive the DEFCON CD with the badge at registration?
                      Yup. All of the info will also be on my website here on the first day of the con:

                      http://www.grandideastudio.com/portf...fcon-16-badge/

                      Joe

                      Comment


                      • #12
                        Re: Welcome to the DEFCON Badge Hacking Contest

                        Another suggestion: could we leave the instructions for the badge out of the program this year? I was really excited when I got my badge, played with it, figured out the behavior, and then started sharing with others what I had found out. It was a fun puzzle, and it encouraged communication with new people.

                        When I found out a few hours later that the instructions were in the program I was disappointed. The badge wasn't a fun Defcon-themed puzzle; it was a toy.

                        Perhaps if people were encouraged to "feel out" the badge a bit more they might become emotionally invested. The process of figuring out the badge may lead them to paths of what they imagine the badge could do. Knowing that help and the tools are available (courtesy the HHV), they could then implement that potential.

                        Just a thought.

                        Comment


                        • #13
                          Re: Welcome to the DEFCON Badge Hacking Contest

                          You can propose that to DT, but in reality, only a small percentage of the thousands of DEFCON attendees will ever really get "emotionally invested" in the badge and most have other things at the con that they're interested in (and just want a quick peek into how the badge functions). So, I think there needs to be a basic user guide. Otherwise, many of the features I spent dozens of hours designing in will never be taken advantage of other than the mighty few who feel like poking and prodding at the badge.

                          So, if the "user manual" ends up in the program, just pretend it's not there...

                          Joe


                          Originally posted by Voltage Spike View Post
                          Another suggestion: could we leave the instructions for the badge out of the program this year? I was really excited when I got my badge, played with it, figured out the behavior, and then started sharing with others what I had found out. It was a fun puzzle, and it encouraged communication with new people.

                          When I found out a few hours later that the instructions were in the program I was disappointed. The badge wasn't a fun Defcon-themed puzzle; it was a toy.

                          Perhaps if people were encouraged to "feel out" the badge a bit more they might become emotionally invested. The process of figuring out the badge may lead them to paths of what they imagine the badge could do. Knowing that help and the tools are available (courtesy the HHV), they could then implement that potential.

                          Just a thought.

                          Comment


                          • #14
                            Re: Welcome to the DEFCON Badge Hacking Contest

                            Originally posted by Kingpin View Post
                            So, I think there needs to be a basic user guide. Otherwise, many of the features I spent dozens of hours designing in will never be taken advantage of other than the mighty few who feel like poking and prodding at the badge.
                            That could be the case, and if it were my baby, I might feel the same way. All that work and nobody doing anything with it?

                            On the other hand, Defcon attendees should be more curious about the electronics they are forced to carry with them. I wonder how many other people deciphered that damn binary stream that ran across every page of the program last year.

                            Originally posted by Kingpin View Post
                            So, if the "user manual" ends up in the program, just pretend it's not there...
                            My will is weak. If I know the instructions are at hand, I'll use them. I'll save my time for reverse engineering information that isn't readily available.

                            Thanks, Joe.

                            Comment


                            • #15
                              Re: Welcome to the DEFCON Badge Hacking Contest

                              Some questions from w1nt3rmut3:

                              1) Will some kind of reflashing of the bootloader be readily available if we really trash the uC?

                              2) If my hack works out (I am prototyping now), it would be useful to have a decent oscilloscope around, > 20Mhz sampling. Will something be available?

                              thanks,
                              -mut3



                              #1: Yes. If you accidentally kill the bootloader, I'll have my P&E Multilink BDM with me and we can reload the entire badge firmware.

                              #2: I'm not planning to personally provide any oscilloscope, but there might be one in the Hardware Hacking Village. A good portable, personal scope would be the USBee (http://www.usbee.com/) or Parallax Oscilloscope (http://www.parallax.com/Store/Microc...%2cProductName)

                              -kp

                              Comment

                              Working...
                              X