More words of Wisdom from Wasabi's Corner BSides Delaware Recap
Another BSides and WCTF is in the books. We had a great time, and the winner was _r from Team1 with 1910pts. I will give a brief overview and talk about some of the things I saw. Thank you for having us, BSides DE, and we look forward to next year.
Thank you, Dragorn, for sitting in on the WCTF and showing off Kismet; it looks freaking awesome.
Thank you to all the competitors who came out and gave it a try. I was glad to see new faces really getting into it. I will see you next time when your skills are better and you get more points.
It was two days of fun indoors listening to a strange mix of music and banter. The usual crew were on-site running the WCTF. The challenges ranged from basic to epic rage quit. Bribes were accepted and points were awarded. The cookies and energy drinks were so very much appreciated.
Now onto the beating of the overly dead horse.
A lot of points were left on the table. Lots. A metric ton. Looking below the scoreboard, you can see the available flags and which ones were taken by competitors. All of the SDR flags are still there, and the second-day foxes were not captured. While _r was at the top of the board on the first day, he was unable to attend the second day, and while it was possible to catch up to, and even pass, _r, no one did. Between some wifi, a few SDR, and a fox or two, another competitor could have crushed the scoreboard easily. The WCTF is a timed event, and there are enough points and varying types of wireless flags to choose your own adventure to be successful. Get the most bang for your buck. If something is strange or hard, move on and keep trying other things, because you might be able to get lots of points instead of pulling out your hair over why WEP is weird and you can't figure it out.
I am not sure what happened. I can’t tell if it's a lack of gear or a lack of proper explanation. The foxes were really not on anyone's priority list. Each fox is 750pts. And on Saturday no one found a fox. There were three foxes out at a relatively small conference. I know not everyone does the WCTF so often that they have all kinds of gear falling out of their bags just ready to do a fox hunt. If this is something you wish to start doing and winning, then a fox hunt must be a part of your plan. And it will only get harder at conferences that get bigger, such as Shmoocon. Testing your gear and practicing will give you a damn good advantage. Don't skip out on these huge chunks of points. Finding a rogue device is an absolute.
Cheat Sheets and Guides
Make your own cheat sheets and don't over-depend on a cookie-cutter guide you found on the internet or got from a class. A few people used some wireless guide and it was causing lots of grief. I have heard of reading between the lines, but some were skipping right over the text and getting right to the command line parts.
The challenges are set up in very specific ways to be challenging and emulate things seen in the wild. Your cookie-cutter article for how to crack WEP or get a handshake may not and will not work. Make your own guide so that you don't have to google for all the same articles you have googled at every WCTF. The aircrack-ng suite has many tools and many ways to use the tools. A classroom wifi class has a clear order to things: if you do X and Y, you will get Z. A live scenario like the WCTF helps train your creativity, which will be helpful on a real engagement. If the standard way to get WEP is not working, it’s time to try something different, or take a deeper look at what you are seeing besides the encryption type. Just like pentesting a Windows system, you have to properly enumerate these challenges to be successful.
I will repeat something I said a few times in the WCTF. WEP is not easy. It is vulnerable. You have to do the right things to collect the right things to get the key. No, the challenges are not broken and yes they are working. You need to scan, identify, and notice the “thing” that makes that challenge special and try something and fail. Then try something else.
We try to help and we have to find ways to help that don’t immediately give away the answer. I have sat in your chair and cursed the WCTF team for their vague hints. But I am better at it now because I was forced to get my lightbulb moments to nail the challenge and get the flag.