SecuraBit

Before It Bytes!

Press Release: The BSides Las Vegas Innovation Challenge

Aka “The Science Fair”

Produced by: A.P. Delchi

OVERVIEW: 

Remember the heady days of the science fair? Demo parties? People coming together to show off the amazing bits of awesome that they had made in their basement? It’s time to revive this tradition and bring it to the modern day security conference. From an open call to the world, twelve teams representing hackerspaces and maker groups will be selected to come to Las Vegas to compete in four categories in front of a panel of  judges to demonstrate what they have accomplished. Awards will be based on cash and hardware provided by sponsors and donations from across the industry. 

THE CHALLENGE: 

Get your hackerspace, maker group, or team of friends who tinker in your basement and prepare your best projects and innovations to be presented to the BSides Las Vegas conference. This is an open call to groups that have established themselves, or are up and coming and ready to amaze the world. Submission methods are up to the group, but videos, pictures and live demonstrations are suggested. The call for submissions will be seeking entries for the following categories: 

Category One: Things that make things.

Did your group build a 3D printer, laser cutter, CNC device or some other piece of awesome that helps you make other things? What did you do with it after you built it? For example some folks have built 3D printers and used them to fabricate parts from skateboard wheels to carrying cases. Show us what you built, and what you built with it!

Category Two: Biohacking

Has your group experimented in gene splicing, implants, aeroponics, automated hydroponics, biofuels or other such biologically inspired projects? Bring your beakers and your Jacobs ladders to the people who rarely hear about such things. Innovations such as a kit to test food to see if it contains GMOs, Innovative home farming methods using automation and chemistry are what we are after.

Category Three: Vehicles

Get out of the garage and in front of the people! Have you turned your ordinary car into a hackmobile? Converted an old school bus into a rolling data center? Does your car have more storage space than your home computer? We are talking more than just thumpy bumpy sound systems – we want to see your home made Batmobile. Atomic engines to power! Nessus scanners active, rolling Wi-Fi hotspots activated! Make it so!

Category Four: Demos

From the good ‘ol days of demo parties, show us what you’ve got! You will have your moment on stage to display your awesome. Remember the talent show scene from Revenge of the Nerds? We now have EL wire and wearable MIDI. Take us on a magic carpet ride of awesome that shows what your team can do. Unlike the other categories, you will perform at the awards party and no one will know until it’s over who will win this category. Clap your hands everybody, and everybody clap your hands!
 
Open submissions start NOW. Submissions can be anything from photographs, videos, live streaming or wherever your imagination takes you. send your YouTube links or other submissions to: [email protected]
 
Six months out from the event a panel of judges will select three submissions from each category for a total of twelve groups who will be invited to come to BSides Las Vegas and make their presentations. From there a second panel of judges hand-picked from the old , new, and weird school will judge the submissions with the winners being announced at an open party during the conference. 

THE PRIZES: 

Prize packages will be determined based on sponsor and donor contributions. At this time hundreds of trained squirrels are working to contact potential sponsors and contributors to make the rewards the best we can muster. As this develops we will keep you updated. 
 
In each of the four categories, the prizes will be : 
  • 1st place : Amazing package of stuff and things, to further your awesome and make your innovations come true. 
  • 2nd place : A not as amazing as first place but still enough to give you toys to take back and build, innovate and make things happen.
  • 3rd place: Guaranteed entry into the competition next year without having to go through preliminary judging. 
Prizes for the first three categories will be awarded at an awards party to be held after judging. The demo competition and awards will happen as part of that party. Plans for live bands, DJ’s and sponsor demonstrations are in the works!

SPONSORS & DONORS: 

Does the idea of a show of awesome and supporting hackerspaces & maker group innovation make you feel warm and fuzzy inside? Do you want to donate hardware from your company, or sponsor the event in other ways?  Let us know! We will be reaching out in every way we can to ensure that the sponsors and donors as well as the participants are recognized in the forward march of human driven innovation. Security BSides Las Vegas, Inc. is a registered Nevada non-profit educational and charitable organization and the contest organizers are ready to work with you to help make this an amazing competition. 

NOW GET OUT THERE AND START BUILDING!

SecuraLabs Challenge #2

This time around we are giving away books!

The contest officially starts NOW and will run until 11:59PM on 11/19.  We will announce winners promptly after that.

Prizes will be awarded to 1st and 2nd place.  Everyone else who scores any amount of points will be entitled to a free sticker mailed to them if they so choose.

You can submit as many times as you wish.  Please do so under ONE email address.  The first person to hit maximum points will win 1st place.  The 2nd person to hit maximum points will be 2nd place.  If no contestant hits maximum points, we will take the highest two scores, in order of submission if there is a tie.

 

Submit to our [email protected]

 

1st place: @binarybitme, completed all 3 challenges and bonus points. Congrats!

2nd place: @zed_0xff, completed all 3 challenges and bonus points.  Congrats!

 

Part 1:  Packet Capture Analysis. (2 points)

Please download this file.  What is the name of exploit kit being used in this pcap (not the verison, you may include the entire string on that line)?  BONUS (1 point):  What is the CVE associated with this?

Part 2: Steganography (3 points)

Please download this file.  You’ll have to have the answer to part 1 in order to fully finish Part 2.  The decryption key will be the main name of the exploit kit all in lower case without spaces, and without the version or anything else on that line in the file (if you email us with what you think it is and it’s close enough i’ll confirm it).  Your answer should be the name of the person whose phone number isn’t like the others.  BONUS (1 point):  Answer the pre-recorded question by emailing us.

Part 3: Reverse Engineering (4 points)

Please download this file.

Submit a working key and serial.  BONUS (1 point): Write a working keygen with dynamic keys.

 

Thanks to Syngress and No Starch our winners will receive a book of their choosing!  We will provide instructions to the winners.

Derbycon Challenge and Attendance Wrap-Up

Hey folks,

This is a wee bit late but we wanted to post the answers to our challenge that we had up before Derbycon.  Fortunately for all, there were enough tickets that nobody actually needed ours.

We had a great time meeting folks and talking security, as well as meeting up with you, our valued listeners on Friday night at Bluegrass Brewing Company (along with fake Russell Crowe!).

Here are the answers to our challenge:

 

1.)  The phrase was “[email protected]” and was inside of a .txt file that was embedded into the PDF we made available.  I utilized a program called wbStego which I believe one or two people figured out and used to find the flag.

For #2 and #3, please see this zip file for the source to both.

2.) The username was user “Jonny Doe” and the password was “Louisville”

3.) The phrase was “I want my derbycon ticket!”.

Derbycon Meetup Friday Night at 10pm!

Join us this Friday 9/30 at the Bluegrass Brewing Company @ 10pm eastern time.  Come by and grab a beer, hang out, and let us throw stickers at you!

The location is:

Bluegrass Brewing Company

2 Theater Sq, Louisville, KY 40202(502) 568-2224 

Here are walking directions as well.  It’s 0.5 miles to walk it, and the weather should be decent enough.

 

**Update:  Check out http://blog.tottenkoph.com/2011/09/28/derbycon-meetups/ for more Derbycon meetups!  Thanks for the mention!!

If you need to contact us follow us on twitter:

@secbitchris
@myne_us
@corykennedy
@mpbailey1911

Derbycon Ticket Challenge!

Challenge closed. tuts for solutions will be submitted soon.

Congrats to our winners who completed all the challenges.

  1. Andrew Fastow              – 13 points
  2. jgor      @indiecom        – 13 points

Thanks to all that participated

Look forward to seeing you next month for our #SecurabitChallenge

 

Read More