Overview

Invisible Threats

For a long time networks have been representing an opportunity for attackers to get initial access to corporate environment. In this challenge, you will be required to take the attacker perspective and try to crack different network passwords, in order to get access to the target. You will be asked to analyze network packages, understand different encryption methods used by 802.11 protocol.

Contestants will be able to earn points by completing challenges and submitting the flags. The challenges have various levels of difficulty, and you will start from the easiest flags that require some basic linux knowledge. The challenges will gradually get harder, as you will be asked to analyze packages in Wireshark, monitor for client-AP handshakes and crack them in order to get access to the network. The hardest challenge will require you to crack a WPA2 Enterprise network.

The wordlist used to crack hashes will be provided by the organizer.

Previous Experience

You should be familiar with:

-basic networking concepts
-basic linux usage
-WiFi package structure
-WiFi encryption
-basic hash cracking (john, hashcat etc.)


For WiFi challenges cheatsheet, we recommend the following GitHub repo:

https://github.com/V0lk3n/WirelessPentesting-CheatSheet.

Goal

Goal of the Competition

/ Collect multiple points by solving the WiFi challenges. WiFi related challenges will require you to crack the password of the network, connect to it, then retrieve the flag from the gateway IP.
/ Enrich your knowledge regarding 802.11 protocol and it’s related attacks.
/ Think out of the box and analyze everything.
/ Sharpen your Linux skills.

Rules

Rules of Engagement

/ Scope Definition: The scope of the competition will be explicitly defined and communicated by the organizers prior to the start of the event. Contestants must adhere to the defined scope, which may include specific targets, systems, or applications within the simulated online banking environment. Any attempts to access systems beyond the scope are strictly prohibited.
/ Denial of Service (DoS) Prohibition: Participants are strictly prohibited from engaging in any form of Denial of Service (DoS) attacks against the competition environment. This includes but is not limited to flooding, overloading, or otherwise disrupting the availability or functionality of systems.
/ Fair Play and Non-Disruption: The spirit of the competition is based on fair play and ethical hacking. Any actions intended to disrupt the competition, such as hiding or tampering the flags once found, engaging in cheating, or sabotaging the progress of other participants, will not be tolerated and may lead to immediate disqualification.
/ Compliance with Laws and Regulations: All participants are required to comply with local, national, and international laws and regulations related to computer security and ethical hacking. Any illegal activities or actions that could potentially harm the competition environment, participants, or external systems are strictly prohibited.
/ Respect for Privacy: Contestants must respect user privacy, and any personal data discovered during the competition must not be disclosed or exploited in any way. Participants are expected to handle sensitive information with the utmost care and ethics.
/ Responsible Disclosure: If participants discover unknown vulnerabilities during the competition, they should report them to the organizers. Exploitation of undisclosed vulnerabilities that were not part of the competition’s scope is prohibited.
/ Time Limitation: The competition is time-limited, and participants must adhere to the specified start and end times. All activities must cease at the conclusion of the competition.
/ Sportsmanship: Participants are expected to maintain a high level of sportsmanship throughout the competition. Any disrespectful or unsportsmanlike behavior towards fellow participants, organizers, or sponsors will not be tolerated.
/ Organizer’s Authority: The organizers have the final authority in all matters related to the competition. Their decisions are binding, and any disputes or rule violations will be addressed by the organizing committee.
/ Consequences of Violations: Violations of these rules may result in penalties, disqualification, or other actions as determined by the organizers, which may include banning participants from future competitions.
/ Invisible Threats is designed to be a challenging but fair cybersecurity competition, and adherence to these rules ensures a positive and ethical environment for all participants.

PRIZES

1st Place – WIFI PINEAPPLE MARK VII
2nd Place – Keylogger ascuns in tastatura USB AirDrive KL02
3rd Place – Keylogger USB Airdrive KL10

REGISTRATION

  1. You need to have an account on CyberEDU. Register here or login here.
  2. Authenticate in your account and click on this link (this is required only the first time). This will give you access to a private space called “DefCamp”. See the picture below.
  3. Register on the contest.
  4. Have fun! 
SPONSORED BY

Sponsors & Partners

They help us make this conference possible.

POWERED BY

Orange Romania is part of the Orange Group, one of the largest global telecommunications operators that connects hundreds of millions of customers worldwide. With over 11 million local customers and an annual turnover exceeding 1.5 billion euros, Orange Romania connects 1 in 2 Romanians and offers an extensive range of communication solutions for both individual and corporate customers, from basic connectivity services to complete mobile, fixed internet, TV packages, and complex IT&C solutions through Orange Business

Orange Romania is the number 1 operator in terms of network performance, and also holds nine consecutive Top Employer certifications, which confirm that Orange Romania, in addition to the remarkable products and services it offers, pays special attention to its employees and working environment. In the past 3 years Orange has launched two 5G Labs in Bucharest and Iasi, that aim to support researchers, startups and companies to test their 5G solutions in advance. 

In addition, Orange is a long-term supporter of the startup ecosystem through the Orange Fab accelerator program designed to support entrepreneurs in the development of innovative products and their distribution locally and internationally.

PLATINUM SPONSORS

SILVER SPONSORS

HACKING VILLAGE PARTNERS

MOBILITY PARTNER

COMMUNITY & MEDIA PARTNERS