Friday, August 15, 2014

Booty Wireless CTF

[This is a write-up of Wasabi's experiences at the 24 hours of Booty, wireless CTF at Unallocated Space. This Wireless CTF was organized by @rmellendick of Defcon's Wireless Village fame. Rick and @DaKahuna2007 also organized last year's wifi CTF for BSides-DC. In fact many of the challenges are the same (Write-up here).]

This version was a sprint of what will be done at DEFCON.

There were 8 challenges

PGP Keys used to submit flags

The team who won had the guy that placed 2nd at DEFCON last year.

I was on a team with Cryptos

Challenge 1
WCTF01 (access point)
  • Open
  • Very specific nmap scan to get .100 to answer it did not respond to quick scans
  • Narrowed search to just port 80 to shorten scan
  • Went to site flag was on the web page
Challenge 2
WCTF02 (access point)
  • Same situation as Challenge 1 but it was on channel 13 for Japan
  • This was not a problem running linux with a alpha card. People using different set ups had to think out of the box.
Challenge 3
WCTF03 (access point)
  • WEP Crack problem
  • Ran Airmon, Aircrack, Airiodump.
  • **Problems getting enough IVs while people were doing other challenges and deauthing.
Challenge 4
WCTF04 (access point)
  • WPA2 challenge
  • did not complete
Challenge 5
WCTF05 (access point)
  • did not complete
Challenge 6
WCTF06 (access point)
Challenge 7
WCTF07 (access point)
  • Hardware specific challenge needed AC card to complete then same as challenge 1
Challenge 8
WCTF08 (access point)

did not complete via technology. Got by seeing other people screens


Power Set up
3 prong plug $3.00

Belkin 6 outlet plug X2 $19.99 each

Attack Setup
12 port powered USB HUB $24.99

TP LINK External Wifi X5 or more $13.65 each

ASUS AC Card $66.99

No comments:

Post a Comment