
The BSides DC 2016 videos are brought to you by ClearedJobs.Net and CyberSecJobs.com, tools for your next career move, and Antietam Technologies, focusing on advanced cyber detection, analysis and mitigation.

I am wasabi, and this is "WCTF Magic as Told by a Clumsy Magician". Are there any children in here? If your parents brought you, hi, I'm sorry. So I might drop an f-bomb, I accidentally say [ __ ] once and, well, so, and I'm not sorry. So, joined the Navy 2001, did 11 years Navy IT. Some of the coolest cool stuff I did was a mobile comms team one, SEAL team one, test unit three. I did NIOC Maryland, just, you know, pansy IT guy, he turned it off and
back on again. Then I helped stand up COMTENTHFLT, which is the Navy's newest cyber command. I worked for Admiral McCullough, who stood it up, and then I worked for Admiral Rogers as his flag IT for a year before he went and got real cool and got his extra star over at NSA. Did a couple of different places with Raytheon, did a couple of stints at DISA, worked on CFBLNet. I was the HBS SP for operationalization of the HBSS across the DoD GIG.
I was too good at cuddling, they kicked me out. So who is wasabi? So I actually started doing real crap in like 2010: wireless hacking. Oh [ __ ], I'm on the... Chris, thanks, thanks doctor. I'm a Crimson Agents member, I go to Unallocated, I was a keyholder, I'm still a volunteer, proud tinfoil hat wearer. I do fun cool things. I also most recently started at American Fireworks, and I'm actually licensed by the ATF to blow [ __ ] up. I am able to store, transport and explode [ __ ]. The other handsome gentleman on this is Mr. Casper himself, who is my team lead for blowing [ __ ] up. So yes, we launched like six-inch shells
like, I hold up my hand, it's like bigger than your head, and sometimes [ __ ] catches on fire. Now that was Fourth of July at Seacrets in Ocean City. The whole front of that barge right there is on fire, and when we went up there to put out the fire, some unexploded ordnance actually went off right in front of our face. So, the objective of this talk: while I'm not going to give you TTPs and SOPs on how to beat me, I'm going to give you everything that I have learned from my perspective of sitting across from the table of the WCTF guys, struggling, failing and then winning. So this is, I mean, this is from the
point of, yeah, I still lose hardcore. I was trying to reflash a Raspberry Pi last night and I dd'd over my image. I [Applause] wrote from the USB to me.
So, speaking of failing: the very first time I ever went to a freaking BSides, security conference, anything, was BSides 2013 DC, and showed up at the hackerspace. Forgotten was there, he's the guy in the bowler hat and the steampunk goggles, very great guy. Sometimes he's like, hey, I've got an extra ticket, I want to split a room. I was like, I ain't got nothing to do this weekend, let's go to a hacker conference, right? I'm installing Kali Linux on a computer on the drive down. It had never had Linux on it before. I mean, like, I'm going from Windows to Kali. I'd ran Reaver once, I followed the Lifehacker tutorial on how to crack a WEP
key, so I know everything, right? So I get in there, I'm in a room full of hackers, they have never done any of this stuff before, I don't even know anybody. I'm in the back corner, I'm watching the presentation that the in dog briefed, and I'm just like, [ __ ]. So then I try to play and my networking doesn't work, none of it does. It believes it's hardware disabled. I have, but I think it's because I'm hacked. I'm sitting there and I'm like, well, that didn't take long. So, you know, you're in a room full of, like, people that, like, wear hoodies and live in their mom's basement, so of course I've already been owned because I don't
really, did not know what I'm doing. I was not 400 pounds at the time, and where I'm working on it, I'm working on my quals. So after three days of googling, after running through forums about Asus and all the cards and adapters: the network manager, when you first boot it up, believes that it's hardware disabled. There's no button, it just thinks it's hardware disabled. If you close the lid, wait a minute for it to go to standby, and open it back up, networking starts again.
That time it was only three days. So, in point with that story: the only reason I have, as a team and individually, I have won now 6 WCTFs all along, all along the East Coast, because I'm not cool enough to go to DEF CON or Black Hat or any of that stuff. So I have failed, failed a little bit more, failed miserably right before conferences, up late reinstalling Pentoo, and I'm going to tell you about all this fun. So, the overview: I'm gonna talk a little bit about the game, talk about the challenges, the methodology, team and solo strategy, offense, defense, and of course everybody's favorite, gear. So
so the WCTF: when you go in there you'll see that they've got projected up the scoreboard, same style as all kinds of other CTFs, right? Opponents, points, prizes. It's a Jeopardy style, because when you go onto the scoreboard you can see down at the bottom, like, all the styles of flags. You don't have to go in any particular order. It's wireless, so there's lots of wireless things in the air. It's not like another CTF where you plug into a switch and you start going. This is way more fancy and way more fun. So not everybody wins. Ha, you may not beat me this year either. It's literally going on right now and there's a bunch of people
in that room scoring points and I'm not there, so I'm not to catch up. So, for the game: it's not your standard, it's not your mom and dad's freaking CTF. If you've got questions, ask. Me sitting in the corner having problems, I probably could have got help. Like, I was just too scared and too embarrassed. Like, I literally closed my laptop and went back up to my room, hung out for a second, you know, contemplated life, put my laptop away because, you know, it's ruined because some dirty hacker got me, and then I came back down and wandered the hallways of BSides DC, just kind of, you know, I'm open to myself. But uh, look,
don't nuke it. I've never ran into somebody in that room that's not been like, hey, I'm having a problem, they wouldn't help you. If you have a problem today, come ask me and I'll help you. So don't get stuck. Don't be like me and spend eight hours of the wireless CTF trying to figure out why I can't break WEP. I went down the rowdiest of rabbit holes and nothing would work. Freaking Rick Mellendick came, sat down right next to me with the slides that he teaches people how to do this with, and it still wouldn't work. Don't hang. There's so many challenges, go try something else. There are too many things to get, you know,
caught up on one thing. Lesson learned. So, the challenges: you've got your Wi-Fi, SDR, ZigBee, Bluetooth. They've just introduced way more Bluetooth. They don't have SCADA set up for this one, but that's now more involved with it. If it's Wi-Fi, they're trying it, like, they've got just like nine access points set up, so try some things. There are like 15 SDR challenges, so don't get stuck on the first one. I swear there's more fun to be had. So it's wireless, think outside the box. Internet of Things is becoming a thing. Sexy-time toys are now Bluetooth.
There is, and I just turned yours up, you're welcome. So there's actually a point to, like, you will scan and you will see things, and on purpose you will actually not see things. Like, these guys are super creative. It's staring you in the face and you don't even know it. So, like, try things, and if you don't know, ask. So, methodology: there's some resources out there, do your homework. wctf.us, tons of links, tons of resources, all their previous presentations, all the talks that they've given at different conferences, everything is there from every single conference. SDR Ninja, what is it, sig, sigidwiki, there's another one that you can find things. I just, I have the book Hacking
Exposed for Wireless. You know, I don't have the Windows one because I'm not a cool Red Team guy. But uh, local hackerspaces: we just did classes, we did an SDR class. Corey from the Crimson Agents puts on a really great class. His presentations for that are actually online at rtl-sdr blog. Or you could be like me and build your own lab in your basement, because you're single and nobody tells me what I can do in my house. I
your mom's a really nice lady, great cook. So I have been paying way too much attention to the gear that they have, and I have actually almost completely emulated their lab, their game, in my basement, with like the same access point and the same gear. I saw what the Wi-Fi fox was when I finally found it, and I went and bought one of those off of Amazon so I could train with my gear to their gear. I lost my son at the Annapolis mall for an hour and a half because I didn't know there was a sleep timer on the USB
we lost my son at the end, he was real good at fox fighting. So what do you do now? I mean, you show up, you sit down, you set up your radios, you scan the air, see what you see. I mean, you have the different kinds of challenges, so whether it's SDR, you scan the frequencies, if it's Wi-Fi, you scan the Wi-Fis. You know, what are you seeing, what don't you see? And take notes, take notes, take notes, take notes, because if you've got seven antennas set up like I do, and then you do wlan1mon for this, wlan2mon for that, wlan3mon for that, and then I go to
do something else and I come back and I go, oh, I want to do this thing too, so now I've reset wlan1mon to do something else, and now all the stuff I was collecting and doing on one is now gone. Like, it's not collecting all the things anymore and I'm not going to get enough IVs. So get on the site, get registered, settle in, set up your stuff. Go only, go only after what you're really going after at that exact second. Do not over-multitask, 'cause it's not just that you can't keep up with it, your system may not be able to keep up with it. If you've got fifteen antennas
hooked up, you're gonna oversaturate your USB bus and you're not gonna be collecting anything. So you're not gonna get handshakes, you're not gonna get IVs, you're not gonna get anything. Break it down. Maybe just try out the SDR stuff, that way you're only focused on it. Mmm, Google is your friend. Google is still my friend. I was still googling stuff this morning. So I don't know anybody that's literally gone in and cleared the board. So there's 50 challenges. Go in there and try it, have fun. Know what you're good at. Try out the Wi-Fi if Wi-Fi is your thing. But you know what, I just, I went from Wi-Fi to now I'm doing Bluetooth, I just
but you'll see some pictures. It's inappropriate, the amount of gear I have. So what if you get stuck? Use your teammates, use other people in the room, try a different challenge, don't stay on the same one. Maybe go take a walk, maybe go harass the vendors, steal pens, bags, get some swag, come back. Don't be like me and spend your entire conference in the WCTF room, it's pretty lame. All right, so don't be shy. You have to actually talk to people, because if you're gonna go out and look for the fox, they named it Foxy, and I had to walk around and ask grown men and women as myself: are you
Foxy? That's because they're not going to come up and go, oh, you're in the WCTF, here's that thing you're looking for. No, they're there hiding from you and you've got to find them, what signal. So I have to go up to people and go, are you Foxy? I kind of use that to my advantage a little bit. But don't be this guy: at ShmooCon I was walking around asking who Foxy was with a shirt that says "bearded for her pleasure".
Yeah, the looks on people's faces. I mean, they don't know who I am, they don't know that I'm, like, you know, not stranger danger, and I'm walking up to them: are you Foxy? All right, so team and solo strategy: join a team. [Music] So as my first story went, like, if I'd, I'd had, I had like one teammate, like, they could have helped me, they could have loaned me gear, they could have helped me, like, live boot from something to maybe get my cards working. Don't go at it alone, like, don't go huddle in a corner. But if you're going to try it on your own, get the most bang for your buck.
There's different score values for all the different things. Mmm, go for the good points. Go find some foxes, go do this, go do that, because if you're stuck on the 50-point challenge, everybody else is scoring all kinds of other points, you're not gonna catch up. So team strategy: break things up. Use your good SDR guy, you have your good Wi-Fi guy or gal. Have all the things to bring too much gear, like I did. If you don't whisper and you say a flag, I will steal your flag, I swear.
When you go searching for the fox, that means somebody's still back in the room scoring other points so that you can rise on the board. Don't show up with 60 people, don't be that guy or gal. Jerks. So all my Crimson Agents had the flu the second day because of the party.
So I was by myself, and people, people I know were really cool. Somebody went out and got sandwiches. I also was thoroughly beveraged too at Charm, so I was miserable, and somebody went and got me food, and they were on their way back with food. They released the Wi-Fi hide-and-seek, and I wanted my sandwich, and it just showed up, so I went running through the halls of the Convention Center to find this thing, because I was determined I was going to get it. It was at the registration table, and I was not nice at a registration table. I'm glad they tolerated me, because I literally pulled up the skirt of the table, I was rolling around, rolling
around on the floor looking for this thing. It was in a paper cup behind a table leg in the back. I was taking up shirts, like, they had them all nicely stacked and stuff, you know, like at a store. I was the guy that did the water included. So, offense and defense: Josh and general pulled off something cool at ShmooCon where he was replaying, like, DNS, where if you went to wctf.us on their Wi-Fi he was sending you to their old website, and you had none of the current information, none of the lists, none of the points, no scoreboard. So offense and defense is in play. You're not allowed to do stuff that will get
you in trouble with the FCC, like jamming or anything, but uh, you can absolutely just go in, not score any points, and just harass everybody with doing stuff. It's possible. But defense is in play: learn how to counteract that, learn how to, if somebody does do that, how to avoid it. So somebody was red teaming and I had to figure it out, because I'm looking for the Wi-Fi fox and I'm looking at my Wi-Fi analyzer and the signal is getting really strong, but it's a competitor, and he's walking right by me, and it's good, oh, what's going off? And then as he's walking away, the signal starts going back down again. He's replaying the fox in his
pocket. So now on my side, every time I see a good quality signal I have to, not look at, look around to see that he's not around, so that I know it's not him. So I found the fox and I turned it off and then stuck it in my pocket and then went back in the room, and of course the WCTF team was harassing me the whole time: oh, you're gonna find the fox? Well, everybody thought the fox was still out because the other guy, so everybody was still seeing the signal for that MAC address. I can play dirty too. But uh, know how to counteract things, know that other things
are going on in the room, and the reason you're probably having problems or getting the wrong IVs is because somebody else is being a jerk, which is allowed. Gear. So
nothing I have is expensive. You can go to Micro Center and get most of the stuff to participate. Amazon is, like, my friend said I need to have a breathalyzer on Amazon to make sure that I'm, like, sober before I go on. Know your gear, know what it can do. If you show up with a TP-Link 722N, you're only going to see b/g/n, you're not gonna see AC. You might also need an AC card. So know that your Alfa does this, know that your antenna is a 9 dBi as opposed to a 3 dBi. It matters, all these things matter. Test your gear. Don't do like me and show
up to Delaware with the brand new Pentoo installed and had not, I used it for the SDR class, so I had not done any Wi-Fi on it. Get told by the Pentoo developer that morning that if I put my wireless card in monitor mode it will kernel panic. Do you know how hard it is to get Pentoo downloaded off a hotel Wi-Fi in Delaware? They don't even have real internet in Delaware. I only know if it's a real state, are they the first state that is account. No, seriously, don't take it out of the box that morning from Micro Center and think that it's gonna do you a lot of good. Test things beforehand to know
what it can do for you, know how far it can see things. So I was walking around looking for the SDR fox, and I've got my tablet, I've got the RTL-SDR, and I've got, like, this telescoping antenna that's up over the top of my head, and I've got, like, this booming great signal, and it's the exact same signal no matter where I am in the building. So first trick lets me know I'm an idiot, because my antenna is too good. He's, you can't find something that's this small right in front of your face with an antenna that's over your head, it's not good. So he sent me on a scavenger hunt for a paperclip. We actually unrolled a
paperclip, stuck it in the end of my RTL-SDR, and all of a sudden that giant waterfall I was getting went, and I was walking around and it started getting bigger and redder, and I found the freaking fox with a paperclip stuck in the end. So test your gear, know your gear, because having the proper antenna, the proper crappy antenna, helps you find the stuff. Actually, you don't need the gigantic log-periodic freaking, you don't need them, allegedly. So I went from literally nothing. Like, when I showed up at the very first BSides I showed up with my laptop and my charming personality, like, that was it, and then I started
acquiring a little bit more and a little bit more. You can participate relatively cheaply, because the Wi-Fi dongles are cheap, the SDR, like, it's all in like the 18 dollar range. So you don't have to get all of them at the same time. Pick one and then figure it out. But you can get up and running, not considering the cost of a laptop, you can get up and going for under $100. So, random bits and bobs that I've discovered: battery packs are great, because you're using your phone to go around and look for the foxes and stuff, and if you run out of battery you're not gonna find a fox. So the
battery packs are great. USB hub: so the RTL-SDR, the TP-Link, the Alfa cards, all these things, when you're on the laptop, when you've got, like, the ports right next to each other and you're trying to shove all this in, like, the dongles are too big for the slot. So yeah, that's what she said. So I have never heard that. If you've seen my truck
different radios: so Atheros, Intel, Ralink, different radios act differently, and sometimes people are specifically attacking specific, so if it's not working on your TP-Link, switch over to your Alfa card. Phone or tablet: there's really cool apps on the app store, Pwn Pads and/or NetHunter, all those things, you can get cool apps to help you find things. And then homemade stuff: so because I didn't feel like always having to hold on to that paper clip on the end of my RTL, I took an RP-SMA to BNC connector and I hot-glued a paper clip into the end, so now I have a professional-grade paperclip antenna. It helped me find the SDR foxes. It was in a tree for Corey's
class. Like, we're in a park area and I found it in the tree, 'cause, like, when you're far away the signal really sucks, but when you start getting up closer, like, it starts focusing in, your waterfall starts opening up, like, you're in there. So there's not a picture from my first BSides DC because I didn't take anything, so I can't take a picture of nothing. For 2014, that's my little cool setup there with a little Pelican and Mike. That's actually the laptop of the networking problems, by the way. And that's Dan from the WCTF team. He has a USB hub with a bunch of antennas stuck in it. So the next year, what do I have? I
have a USB hub with a bunch of antennas stuck in it, because don't reinvent the wheel. If somebody, he went in there and won the competition, so why don't I just get the stuff he's got to win the competition? So my gear progressed. So now, the gear I brought to here today:
actually there's not enough laptops in that picture, I actually have four laptops here. So the bottom right corner is now all the SDR stuff, 'cause I'm trying to do SDR. Those are four Wi-Fi Pineapples. Why don't I need four?
I'm an adult, I do, I'm single, nobody tells me not to buy crap. So my mom is a nice lady, how dare you. So uh, there's AC cards, there's Alfa cards, there's the TP-Links. Get those really cool bags in the front with all the bungees and stuff, because it holds your gear real nice like and keeps it safe from the bottom of your bag. I'm also currently working on something really cool right now with WarCollar to make a war-walking rogue device detection thing that's going to go in, like, an Xbox controller that you can walk around and find things. So
so, limitations: do not do the 20-hub USB thing, because your processor can't take it, the bus can't take it. Don't lose track of your work. Know what you're working on, know what you're doing, focus in. Your computer may just crash. You do not have the resources, unless you brought your gaming rig, to do everything at the same time. Know what your gear will do for you. I keep talking about that, so, you know, like, like college, like when they stomp when they're telling you the answer. So this one's fun: I had it on good intel that the SDR fox was going to be at the ShmooCon party, and Corey let me borrow his
HackRF with the PortaPack, and had a little floppy VHF antenna on it, and I'm walking around looking, and I mean, I'm working but I'm playing as well. So I had like 9 ciders. We were doing all the things for a fallen comrade, so I had had a plethora, plethora of White Russians. [Music] I was thoroughly beveraged, and about an hour after not finding anything the WCTF team came up to me and goes, have you been looking at Twitter? I'm not looking at Twitter, I'm trying to find this stupid fox. So the fox left an hour ago, so I'm literally walking around looking for nothing. So I'm the weirdo with this stupid weird
gear in my hand, so I decide it's time for trolling. So like the TSA, I started wanding people. So this is that weird gizmo, and I'm walking up, like, literally: Visa.
The looks on people's faces. At Delaware there was a guy that had heard about me from other friends, about the guy at the party stealing people's credit card information. This does not do that, but it's just this gizmo that, like, not everybody does wireless, so they don't know that that's a HackRF or the PortaPack, it's some weird guy at a hacker con party that said, huh, MasterCard. I
was thoroughly beveraged. I don't recommend doing some of this stuff, because people might get mad, and I'm fluffy so I might be able to take a punch to the face. So that was my protege for BSides Charm when we won. Give back, help other people, bring everybody into the fold, let's do this in the hacker community. All right, thank you. Thank the Wi-Fi Village, thank you BSides, thank you to everyone. [Applause]