This is a Capture The Flag (CTF) cyber security challenge in Western Australia. A two day event where your skills will be pitted against a range of technical challenges. A cyber security CTF is a type of information security competition where players solve security challenges from categories such as digital forensics, web application exploitation, and cryptography to get flags. Each flag has a points value associated with it based on the difficulty of the challenge. After the success of the first WACTF in 2017, we’ve decided to do it all again with a completely new set of challenges for WACTF 0x02.
This CTF has been built by members of the Perth security community. It’s not a set of theoretical challenges, it’s built from real life examples by people who work in the security field – penetration testers, developers, forensics specialists, etc. – with considerable input from industry. We’ve come together to put this event on to help uplift the profile of cyber security in W.A. – helping not only introduce new people to the field, but also to put industry and individuals together to help stop the brain drain (the exit of talent from WA) that we are seeing.
WACTF is open to individuals and teams up to four players. There are restrictions as to who can claim prizes, see the eligibility section. Registration for all players is necessary. The game will be played onsite where hacker juice and snacks will be provided to players. You will need to bring your laptop with wireless capability.
Prizes - which include a trip to BSides Canberra 2019 - will be awarded to the eligible teams that finish the game in the top places of the scoreboard. The awards ceremony will be a casual event held at the Joint Cyber Security Centre where industry and academic professionals scouting the next generation of Australian cyber security talent are invited to come along.
Registration: Via this form
Open until 24th of November
CTF Time/Date: 09:00 - 17:00 WST
1st & 2nd of December, 2018
Game Location: Level 1, Bankwest Place. 300 Murray Street, Perth
What to bring: Your haxing laptop with wireless capability & ID if you’re eligible for prizes
Awards Ceremony: 17:30 - 19:30 WST 4th of December, 2018
Ceremony Location: Joint Cyber Security Centre
Level 15, 1 William St, Perth
The information security experts who contributed their technical ability to WACTF can be found here.
We also have door prizes – including 10x $50 JB Hi-Fi vouchers thanks to Bankwest – as well as a bunch of other tech swag to give out over the weekend too!
This game is open for people in Western Australia who are starting out or hoping to start out in the information security or penetration testing field. To be eligible for prizes you must fit into one of the following categories:
If you fall outside of the list you’re still welcome to register and play; however, you won’t be eligible for the prizes.Tweets by capture_tf
Registration is closed. Follow us on Twitter to keep informed.
Level 1, Bankwest Place
300 Murray Street, Perth
One of the core aims of WACTF is to bring together industry and individuals. We see too much good talent leaving WA due to an overall low level of awareness of the need for cyber-security related skills, or the inability for entities to find the right talent.
If you would like to come along to WACTF as an observer, or attend our awards and networking session following the event, please register your interest in the form to the right and we’ll keep you informed as we progress.
We are open to additional industry involvement and support to help make WACTF even more successful. If you would like to get involved to support, please get in touch here.
Thanks to the fantastic Bankwest venue, we have a dedicated room (right next to the main game room) where we are able to run talks, panels and other good things for our WACTF competitors. All of the talks are run by people in industry sharing their knowledge with those starting out / wanting to start out. Come along, ask questions, learn things.
Talks are free to attend, and you can come to as many or as few as you like. There’s no need to register for any of them, just show up. We’ll also announce the talks in the main games room before they commence too.
If you’re new to this, we strongly suggest that you attend the very first talk (Saturday 10am) on getting started for your first CTF.
Speaker: Clinton Carpene / @swarley777
An introduction into capture the flag competitions. Bring your laptop along as this talk will address common CTF challenge types, workflows, and (most importantly) appropriate tools and environment setup.
Speaker: Adam Foster / @evildaemond
You've breached the perimeter, you're in :shades: Now what? The account is a low privileged user with very little access. This talk is a quick introduction to privilege escalation - using that low level account to get higher privileged access and eventually, root.
Speaker: Rami Tawil / @drunkrhin0
Passwords have been used for years, but how secure are they REALLY? This talk explores why passwords are actually insecure and why human password culture is so poor.
Speaker: Luke Healy / @I_uuke
Like the sound of buffer overflows and stack smashing but don't quite get it? Want to learn about the way stack memory can be manipulated and programs can be coerced in to running arbitrary code? This is a live, start-to-finish exploitation demo of a buffer overflow vulnerability in the freefloat FTP server. This is aimed at anyone who has heard of "buffer overflow", especially those who have a rough idea about how memory/CPU registers and machine code execution works.
Speaker: Cairo Malet / @caiwrote
As security tech gets better, attackers are moving away from hacking networks and systems and finding an easier target - the soft, gooey humans behind the computers. This talk covers the basics of social engineering concepts, the psychological weapons used by attackers and how to run a typical social engineering engagement for a client (NOT for crime).
Come along and chat with people working in various cyber-security roles across Perth – across areas such as governance risk and compliance, defensive security, advice and consulting. Find out how they got into their roles, what a typical day consists of and more... Who knows, you might just find your niche ;-)
Speaker: Ben Hindmarsh / @snidepiano
What is the mystical Digital Forensics and Incident Response (DFIR) field and what does it entail? A brief look at the DFIR fields and their place in industry. Also a look at Forensics in CTFs (tips, techniques etc.).
Spacecubed have provided us with two complimentary places to their next Pre-Accelerator Sprint to award to two people who are starting out, or who want to start out their own business. Run part-time (one evening per week) over six weeks from March 2019, this accelerator will connect you with business mentors, help you build your business plan and help grow your knowledge and your business idea.
Full details of the programme are available here.
The Competition: To win one of these places (valued at over $1,000 each), come along to this session and give us a 3 minute overview as to why you think that you would benefit from the placement. Pretty simple ;-)
And finally, whilst you need to meet certain criteria to be eligible for the other WACTF prizes, this competition is open to anyone who attends WACTF.
Setting up for your first CTF
Time: 10am - 11am
Difficulty: 0/5 Beginner
Fireside chat: I work in cyber security, ask me anything
Time: 12:30pm - 1pm
Difficulty: 0/5 It's a Q&A session
Is your [email protected]! really secure??
Time: 1pm - 1:20pm
Difficulty: 1/5 No prior knowledge needed
Smashing The Stack: A quick tutorial
Time: 3pm - 4pm
Let's hack humans! A beginner's guide to social engineering
Time: 10am - 10:40am
Difficulty: 2/5 No prior knowledge needed
Intro to forensics
Time: 12pm - 12:30pm
Difficulty: 2/5 Some knowledge of operating systems and file systems will be helpful
Beginner's guide to Linux privilege escalation
Time: 12:30pm - 1pm
Difficulty: 2/5 Some Linux knowledge recommended
A place in Spacecubed’s Plus Eight Pre-Accelerator Sprint
Time: 1pm - 1:30pm
Difficulty: 0/5 If you have a business idea and want a place in an accelerator program, pitch to us and a spot could be yours