Tweet
Announcing The DefCon 15 Wireless Contest
(queue Thus Spake Zathrustra)
Are you a freq-geek? Think your WiFiFu is hot? Get high from sniffing packets on the ether? Think you're a great lover? We can't help you with the last one, but get ready because here's your chance to prove the rest of those outlandish claims to the world.
Compete in the Wireless Contest, and we can validate you self esteem, at least in the geeky stuff.
The Wireless Contest, following the format for the past few years, will be a series of "Mini-Contests". You can compete in only a single mini-contest or all of them. We recommend that teams be formed to fill in different skill areas.
We are allowing a unlimited number of Teams -subject to resources- limited to 3 people each.
First Place winners of individual mini-contests events get prizes and with a top prize will be awarded for the best overall of the contests.
A common problem with the Wireless Contest in the last few years, is that some potential competitors felt that they didn't have the skills to even try. As a result, fewer competitors kept signing up. To elevate this, the Wireless contest this year is tied in heavily with the Wireless Village. If you want to compete in the contest, but feel you don't have a needed skill, you can come to the Wireless Village before a mini-contest and learn the needed skill at the one of the Wireless Village's world-famous Breakout Sessions. You walk in having no skills but a willingness to learn, learn a skill in an exciting breakout session taught by an expert, then go out and compete and the beat the pants at those loudmouth teams who said they'd pwn you.
Learn + Touch = DO!
If you've been visiting relatives on Mars or otherwise occupied so that you're not reading through the DC Fora and don't know about the Wireless Village, you should look here:
https://forum.defcon.org/forumdisplay.php?f=326
The schedule for the Mini-Contests is still being worked out and will be posted here when finalized.
Now, on to the Mini-Contests:
WEP Cracking Breakout Session and Mini-Contest
WEP cracking is so...2002...or is it? This breakout session and mini-contest is especially designed for the newbies whose wireless ability is limited to using your neighbor's open access point! Whether you have never used wireless before (there might be a few of you) or just want to brush up on your skills, if you're interested in WEP cracking, then this breakout session and mini-contest are for you.
The fun begins in the Wireless Village with a breakout session entitled "WEP Cracking 101." Don't fear if you've never heard of Shamir; by the end of this breakout your Wi-Foo will include Fluhrer and Mantin, too!
We'll start with a brief history of the 802.11x standards, including the development of WEP. We'll move on to its weaknesses and vulnerabilities, and discuss how to implement attacks. Finally, we'll demonstrate some basic WEP attacks.
The mini-contest will follow in the Contest area, with a series of WEP cracking challenges. The ultimate goal, of course, will be to recover the WEP key for each challenge. The first challenge might be easy, however, expect a few roadblocks in your quest for succeeding keys.
================================================== ===================
Tiered Wireless Challenge
Are you prepared for the Tiered Wireless Challenge? After the practical wireless breakout you just might be. This breakout will give you the basic knowledge and tactics to gain a deeper understanding of Wireless 802.11 uses and misuse. The breakout will take you from hidden SSID through WPA2 cracking as well as the out of the box tactics that are necessary to survive.
How fast can you break into all of our access points? Want to find out? Teams of up to 3 competing against each other to break everything from WEP to WPA2. Highest number with the fastest overall time wins. Do you have what it takes?
Rules: No DDoS of the Access Points. this will cause a DOS on you and disqualify your team.
Minimum Requirements: Computer with wireless 802.11 capabilities. Wireless scanning capabilities using Kismet or NetStumbler. Ability to run CoWPAtty and other Linux tools (Live CD acceptable).
================================================== ===================
Direction Finding breakout and contest
Can you find a needle in a hay stack blindfolded while locked in a trunk? Or can you literally not find your ass with both hands? Either way, the fundamental skill of finding rogue access points to apply the IT cluebat is direction finding.
Even if you don't know anything about radio propagation or reflection, never fear. Things begin with a breakout session in the Wireless Village by Renderman, veteran of the Defcon wardriving contests, who will teach you everything you need to know or ever wanted to know (and some things you probably didn't want to know) about radio direction finding.
Put your newly acquired skills to to the test. An hour after, the direction finding contest will pit teams against each other to locate a number of access points in the shortest time. Be prepared though, finding them is one thing, finding the next one will require some puzzling.
Recommended minimum system: Laptop/PDA capable of running some wardriving app (NetStumbler, MiniStumbler, kismet, etc) and compatible card. Directional antenna not necessary.
================================================== ===================
WPA breakout and contest
WPA may have replaced the bug ridden WEP as the defacto 'secure' standard for wireless but that doesn't meant that it doesn't have it's own problems.
There will be a breakout, run by RenderMan in the Wireless Village that will go over all you need to know. Even if you don't know what WPA stands for, by the end you'll know everything you need to audit WPA and WPA2 networks and recover weak passphrases with ease. Even if you know all about WPA, come by and bring a 40+GB USB hard drive and get a free copy of the Church of Wifi WPA hash tables and save yourself the download time.
Afterwards, apply your new l33t skillz and join in the WPA cracking contest and take a whack at recovering passphrases 'in the wild'.
Prizes to the first teams to recover passphrases and login get the glory.
Recommended minimum system: Laptop with WPA2 cracking capable software (CoWPAtty 4.0) and compatible wireless card, Backtrack 2 Live CD recommended.
================================================== ===================
RFID Mini-Contest
Do you think you know your ID from your RF? This is your chance to search through the mere mortals of DefCon and figure out who are the cyborgs transmitting their ID numbers out into the void.
The RFID mini-contest will require the contestants to track down DefCon attendees who have secreted an RFID tag someone on, about, or perhaps even in their person. The winner will be the first team to locate the all the correct tags and present a list of all those tag numbers and the names/nicknames of those carrying those tags to the organizers.
Several special conditions will be announced at the start of the RFID mini-contest that are guaranteed to make it exciting.
To compete in this contest, you will need a reader capable of reading low-frequency (125 kHz) passive RFID transponder tags and displaying the tag's number. You will also need some way to record those numbers. We don't care how you record the numbers, and we'll honor anything from a MySQL database to a pencil and paper as long as you can show us a list of the ID numbers. The tags used will be the Parallax 50 mm passive RFID Round World Tag or equivalent. We suggest using the Parallax RFID Reader Module. MAKE Magazine Issue 06 has a great article by Joe Grand on how to construct an easy-to-build RFID wand using the Parallax RFID and a minimum amount of other components.
If you don't know about much about RFID technology but are excited about it, the Wireless Village will be hosting an RFID breakout session before this contest. Participants will be shown how to construct an RFID wand similar to the design in the MAKE article mentioned above. The session will be hosted by Thorn, who was the lead author of the book "RFID Security" by Syngress Publishing. Parallax, Inc. has generously provided RFID readers and LCD displays for the breakout session.
Registered teams that have not been able to obtain their own RFID readers may be able to borrow an RFID breakout session kit from the contest organizers. This offer is limited to the first 8 teams that register. These kits must be returned intact to the contest organizers at the completion of the contest.
In other words, you can come to the Wireless Village breakout session, learn about some RFID tools and techniques and then borrow everything you need to compete in and own the contest! Conceivably, the winning team could be comprised of people who knew nothing about RFID two hours before they started!
50 mm passive RFID Round World Tag
http://www.parallax.com/detail.asp?product_id=28142
Parallax RFID Reader Module.
http://www.parallax.com/detail.asp?product_id=28140
MAKE Magazine
www.makezine.com
Rules:
1) Contestants must be able to detect and read low-frequency (125 kHz) passive RFID transponder tags. These tags are the Parallax 50 mm passive RFID Round World Tag or equivalent.
2) Contestants must stay within the DefCon convention area. Leaving the DefCon area is grounds for disqualification.
3) There are a minimum 10 RFID tags scattered among the convention area.
Some of those tags are red herrings. Other (non-contest) tags may be present. The contest organizers may not have any control over these tags.
4) The winning team will be the first team to locate the all five (5) _correct_ tags and present a list of all those tag numbers and the names/nicknames of those carrying those tags to the contest organizers.
5) The contest organizers may impose several special conditions to keep the contest interesting, challenging and fun. If used, these special conditions will be announced at just prior to the start of the RFID mini-contest.
(queue Thus Spake Zathrustra)
Are you a freq-geek? Think your WiFiFu is hot? Get high from sniffing packets on the ether? Think you're a great lover? We can't help you with the last one, but get ready because here's your chance to prove the rest of those outlandish claims to the world.
Compete in the Wireless Contest, and we can validate you self esteem, at least in the geeky stuff.
The Wireless Contest, following the format for the past few years, will be a series of "Mini-Contests". You can compete in only a single mini-contest or all of them. We recommend that teams be formed to fill in different skill areas.
We are allowing a unlimited number of Teams -subject to resources- limited to 3 people each.
First Place winners of individual mini-contests events get prizes and with a top prize will be awarded for the best overall of the contests.
A common problem with the Wireless Contest in the last few years, is that some potential competitors felt that they didn't have the skills to even try. As a result, fewer competitors kept signing up. To elevate this, the Wireless contest this year is tied in heavily with the Wireless Village. If you want to compete in the contest, but feel you don't have a needed skill, you can come to the Wireless Village before a mini-contest and learn the needed skill at the one of the Wireless Village's world-famous Breakout Sessions. You walk in having no skills but a willingness to learn, learn a skill in an exciting breakout session taught by an expert, then go out and compete and the beat the pants at those loudmouth teams who said they'd pwn you.
Learn + Touch = DO!
If you've been visiting relatives on Mars or otherwise occupied so that you're not reading through the DC Fora and don't know about the Wireless Village, you should look here:
https://forum.defcon.org/forumdisplay.php?f=326
The schedule for the Mini-Contests is still being worked out and will be posted here when finalized.
Now, on to the Mini-Contests:
WEP Cracking Breakout Session and Mini-Contest
WEP cracking is so...2002...or is it? This breakout session and mini-contest is especially designed for the newbies whose wireless ability is limited to using your neighbor's open access point! Whether you have never used wireless before (there might be a few of you) or just want to brush up on your skills, if you're interested in WEP cracking, then this breakout session and mini-contest are for you.
The fun begins in the Wireless Village with a breakout session entitled "WEP Cracking 101." Don't fear if you've never heard of Shamir; by the end of this breakout your Wi-Foo will include Fluhrer and Mantin, too!
We'll start with a brief history of the 802.11x standards, including the development of WEP. We'll move on to its weaknesses and vulnerabilities, and discuss how to implement attacks. Finally, we'll demonstrate some basic WEP attacks.
The mini-contest will follow in the Contest area, with a series of WEP cracking challenges. The ultimate goal, of course, will be to recover the WEP key for each challenge. The first challenge might be easy, however, expect a few roadblocks in your quest for succeeding keys.
================================================== ===================
Tiered Wireless Challenge
Are you prepared for the Tiered Wireless Challenge? After the practical wireless breakout you just might be. This breakout will give you the basic knowledge and tactics to gain a deeper understanding of Wireless 802.11 uses and misuse. The breakout will take you from hidden SSID through WPA2 cracking as well as the out of the box tactics that are necessary to survive.
How fast can you break into all of our access points? Want to find out? Teams of up to 3 competing against each other to break everything from WEP to WPA2. Highest number with the fastest overall time wins. Do you have what it takes?
Rules: No DDoS of the Access Points. this will cause a DOS on you and disqualify your team.
Minimum Requirements: Computer with wireless 802.11 capabilities. Wireless scanning capabilities using Kismet or NetStumbler. Ability to run CoWPAtty and other Linux tools (Live CD acceptable).
================================================== ===================
Direction Finding breakout and contest
Can you find a needle in a hay stack blindfolded while locked in a trunk? Or can you literally not find your ass with both hands? Either way, the fundamental skill of finding rogue access points to apply the IT cluebat is direction finding.
Even if you don't know anything about radio propagation or reflection, never fear. Things begin with a breakout session in the Wireless Village by Renderman, veteran of the Defcon wardriving contests, who will teach you everything you need to know or ever wanted to know (and some things you probably didn't want to know) about radio direction finding.
Put your newly acquired skills to to the test. An hour after, the direction finding contest will pit teams against each other to locate a number of access points in the shortest time. Be prepared though, finding them is one thing, finding the next one will require some puzzling.
Recommended minimum system: Laptop/PDA capable of running some wardriving app (NetStumbler, MiniStumbler, kismet, etc) and compatible card. Directional antenna not necessary.
================================================== ===================
WPA breakout and contest
WPA may have replaced the bug ridden WEP as the defacto 'secure' standard for wireless but that doesn't meant that it doesn't have it's own problems.
There will be a breakout, run by RenderMan in the Wireless Village that will go over all you need to know. Even if you don't know what WPA stands for, by the end you'll know everything you need to audit WPA and WPA2 networks and recover weak passphrases with ease. Even if you know all about WPA, come by and bring a 40+GB USB hard drive and get a free copy of the Church of Wifi WPA hash tables and save yourself the download time.
Afterwards, apply your new l33t skillz and join in the WPA cracking contest and take a whack at recovering passphrases 'in the wild'.
Prizes to the first teams to recover passphrases and login get the glory.
Recommended minimum system: Laptop with WPA2 cracking capable software (CoWPAtty 4.0) and compatible wireless card, Backtrack 2 Live CD recommended.
================================================== ===================
RFID Mini-Contest
Do you think you know your ID from your RF? This is your chance to search through the mere mortals of DefCon and figure out who are the cyborgs transmitting their ID numbers out into the void.
The RFID mini-contest will require the contestants to track down DefCon attendees who have secreted an RFID tag someone on, about, or perhaps even in their person. The winner will be the first team to locate the all the correct tags and present a list of all those tag numbers and the names/nicknames of those carrying those tags to the organizers.
Several special conditions will be announced at the start of the RFID mini-contest that are guaranteed to make it exciting.
To compete in this contest, you will need a reader capable of reading low-frequency (125 kHz) passive RFID transponder tags and displaying the tag's number. You will also need some way to record those numbers. We don't care how you record the numbers, and we'll honor anything from a MySQL database to a pencil and paper as long as you can show us a list of the ID numbers. The tags used will be the Parallax 50 mm passive RFID Round World Tag or equivalent. We suggest using the Parallax RFID Reader Module. MAKE Magazine Issue 06 has a great article by Joe Grand on how to construct an easy-to-build RFID wand using the Parallax RFID and a minimum amount of other components.
If you don't know about much about RFID technology but are excited about it, the Wireless Village will be hosting an RFID breakout session before this contest. Participants will be shown how to construct an RFID wand similar to the design in the MAKE article mentioned above. The session will be hosted by Thorn, who was the lead author of the book "RFID Security" by Syngress Publishing. Parallax, Inc. has generously provided RFID readers and LCD displays for the breakout session.
Registered teams that have not been able to obtain their own RFID readers may be able to borrow an RFID breakout session kit from the contest organizers. This offer is limited to the first 8 teams that register. These kits must be returned intact to the contest organizers at the completion of the contest.
In other words, you can come to the Wireless Village breakout session, learn about some RFID tools and techniques and then borrow everything you need to compete in and own the contest! Conceivably, the winning team could be comprised of people who knew nothing about RFID two hours before they started!
50 mm passive RFID Round World Tag
http://www.parallax.com/detail.asp?product_id=28142
Parallax RFID Reader Module.
http://www.parallax.com/detail.asp?product_id=28140
MAKE Magazine
www.makezine.com
Rules:
1) Contestants must be able to detect and read low-frequency (125 kHz) passive RFID transponder tags. These tags are the Parallax 50 mm passive RFID Round World Tag or equivalent.
2) Contestants must stay within the DefCon convention area. Leaving the DefCon area is grounds for disqualification.
3) There are a minimum 10 RFID tags scattered among the convention area.
Some of those tags are red herrings. Other (non-contest) tags may be present. The contest organizers may not have any control over these tags.
4) The winning team will be the first team to locate the all five (5) _correct_ tags and present a list of all those tag numbers and the names/nicknames of those carrying those tags to the contest organizers.
5) The contest organizers may impose several special conditions to keep the contest interesting, challenging and fun. If used, these special conditions will be announced at just prior to the start of the RFID mini-contest.
Comment