Re: OpenCTF will be returning to Defcon 22

V& is proud to announce the return of OpenCTF to Defcon 22. Pre-Registration is online at http://openctf.com

Registration is not neccessary, but helps us plan Layer 1 capacity at the con. We will be running the game all day Thursday, Friday and Saturday. Unlike past years and organizers, we are not opening Sunday. This is for a few reasons; One, a few hours of play until 1pm when the contest area closes on Sunday is not worth giving up your Saturday night. Two, we'll probably be too hung over to do math and calculate a winner. Three, Saturday night is for one of many defcon related parties, not for compiling GPU clusters to bruteforce wordlists. (not a hint).

Our game has been designed to allow ALL skill of players to join and have some fun, while allowing the more serious teams to spend their con fighting for points. We will have a good mix of challenges including Forensics, Crypto, and good ol' fashion shell scripts.

Register (or not), and see you at DC22!


-Kajer
Angry Drunken Admin

Re: OpenCTF will be returning to Defcon 22

Any advice for the n00bs? This is my first time at Defcon and a first time for a CTF. This sounds like a lot of fun and great place to learn.

Specifically, I'm wondering if I need to bring a switch/server/UAV... I have diligently searched and read articles, but most have been 3-9 years old. I'm sure these things have evolved somewhat.

Any suggestions would be nice, thanks!

Re: OpenCTF will be returning to Defcon 22

Mystery is the spice of life... :)

Actually, if you read the last few years writeups for games like Ghost in the Shell code, and PPP CTF, you shoud get an idea of what to expect. I will say when playing a CTF at a con, an ethernet hub can be common courtesy as each table usually gets one or two hardlines. As far as laptop? Standard con rules also apply. DO NOT BRING A LAPTOP WITH INFORMATION YOU WANT TO KEEP PRIVATE. Go get a spare HDD and copy of ubuntu 10.04 for the con, and promptly set the disk on fire after you get home.

ctftime.org has links to most all writeups over the last few years.

Re: OpenCTF will be returning to Defcon 22

If you want to see examples of previous CTF challenges and solutions, check out the following: http://www.defcon.org/html/links/dc-ctf.html

These CTF challenges can range all over the map, anywhere from basic web stuff, to reverse engineering application binaries. It nothing else, you can speak with other people at the game and ask to join them. You will learn something new before the end of con and might even meet people you stay friends with long after.

As to what you need to bring, our CTF team always had decent infrastructure with us (server/switch/wiki/chat/VM hosts) so we could adapt to whatever challenge was presented. Since you are solo, if you have a laptop with decent specs, thats a good start. Just be sure to back your shit up before the con. A lot of people have dedicated hard drives they swap out so they dont have to worry about personal stuff being owned while at con. Challenges from previous groups 'ahem' DC9... had a few malicious challenges that fucked a few people. :) lulz

Re: OpenCTF will be returning to Defcon 22

I admit nothing >:)

Re: OpenCTF will be returning to Defcon 22

37 teams registered so far, here's a clue to help prepare.

https://twitter.com/open_ctf/status/...647617/photo/1

Re: OpenCTF will be returning to Defcon 22

If you don't have a team, please come anyway, my team has a couple members that we acquired as drop-ins during previous years.

Generally, the rules for these contests are limited to

* Don't run denial of service attacks against contest infrastructure

* Don't physically damage other peoples gear.

* Don't threaten or put into practice any violence or blackmail.

Generally, attempting to exploit contest infrastructure *is* permitted, as is attacking other teams. At the very least, back up all your data and throughly wipe your system before and after. Preferably, buy a cheap used laptop (2GB+ of RAM and pretty much any CPU is usually fine) and sell it after. I've intentionally rendered opponents computers unbootable (overwrote MBR with a nyancat animation demo) in a previous CTF, though I am nice enough to neither steal nor destroy data. You should assume that all contest binaries have nasty backdoors in them. Another option is to use VMWare player with a Kali Linux ISO and play from there.

Look into CTF writeups, there are a lot of them, and they give a decent idea of what to expect.

Generally, well prepared teams bring their own internet access somehow, preferably several ways, such as mobile broadband devices with multiple providers, and possibly also a router. The DEFCON wireless also works, though I advise you access that through a router that VPN tunnels all traffic using OpenVPN (*not* a PPTP VPN).

Re: OpenCTF will be returning to Defcon 22

I am really surprised nobody has used the alternate registration method yet. Let's get this ball rolling; First team to use the alternate registration method will get something at defcon.

Re: OpenCTF will be returning to Defcon 22

Pre-reg closes on July 25th. 60 teams and counting. Do you have wvdial working yet?

https://twitter.com/open_ctf/status/488061968498958338

Re: OpenCTF will be returning to Defcon 22

Congratulations to JustTheFax. Bring what you have learned to defcon, it will come in useful.