We had an amazing time at Hackmiami Hackers Conference 2013. We had a good crowd playing CTF, helped with the screening of REBOOT the film, then we helped at the Hackmiami P0wn OFF. Thanks to all who came to say hi, played and helped us setup the P0wn OFF. Also thanks to those who were covering the event @rollingstone , @lukewearechange , @hackmiamiradio .
We are almost there!. The first ever hacker’s conference in South Florida! and we are proud to be part of it. REGISTER HERE !! hackmiami.com
As a celebration of this event we will be mixing up challenges from all the K&&K CTFs so far… (Around 50) . NO we will not be releasing Kaza B@B1L0N1A yet… (It is almost ready though…) .
We will be having the CTF ALL Saturday until 12. AM or until people leaves for the awesome parties that are planned for the event. On Sunday we will be providing the infrastructure for the Hackmiami 2013 P0wn-Off – Pentest Tools Shootout . We heard some exciting new features on some of the leading commercial pentest tools will be released as well.
Come and join us have some fun and hack away. As always be prepared for combat. Do not bring any personal, corporate, sensitive computer you do not want compromised, but bring your evil toolz of trade
At Kommand && KonTroll CTF anything goes… With exception of 3 clearly defined IP addresses (network is private with no out to internet)the rest is pretty much fair game. If you find a VM that is named ’Yo momma is… or F … YOU… ‘ it is likely that someone put it in there and is not part of the game. In Austin someone cloned a zombie and made it into a honeypot.
In Orlando someone was putting false flags in targets and also someone completely jammed the cellphones at the ctf room and the following object was found under one of the tables …
Red Team in action…
For the first time in K&&K CTF we had a red team pretty much going around the network and tricking players into clicking stuff… here is some of what happened…
We had an incredible time and we hope you did too. Below find some pictures of the event. We will see you next at Hackmiami Hackers Conference 2013 on 05-18 and 05-19. You can always reach out to us at [email protected] if you have any questions. See you then. Prepare for combat…
Awesome time at Bsides Austin, TX. Incredible conference, well organized, great content and most of all some of the best players in the country. We would like to thank Prolexic technologies @prolexic , Michael Gough @hackerhurricane and the team at BsidesAustin for their invitation and hospitality during our time at Bsides Austin.
Last but not least much props to @mauvehed who not only was part of the winning team but provided us with some awesome mixes and mixed live during the CTF. Here is one of his awesome sets at DEFCON 19. Below also find some pictures of the event.
For those who wonder how to have us at your conference, we will go anywhere as long as it is feasible and you give us some time ahead to plan. You can reach out to us at [email protected]
… And the 2013 U.S tour continues… We will see you at Bsides Orlando on April 13-14…
Amazing night at CapitolHillCTF finals! Playing CTF at Mansion O in Washington D.C was an absolute trip. Thanks everybody that attended and helped with the event specially Jim from NimbleSec, Ivy , Nick Farr, and Cassandra Sechler whose video creations were shown during the CTF for those who wonder about some of the videos shown during competition.
CTF was hard fought, most of the teams were scoring one after the other. FDG team won competition by creating a SCADA exploit against one of the targets during the competition. We had some incredible players it was really good to see you all there, thanks again.
Here is the final pic of the scoreboard. We used the PTCORESEC scoreboard for this game.
Here are some pics of the event as well…
Of course much thanks to the Sponsors who made the event possible.
We will be in Washington DC during the ShmooCon weekend running the finals at the retired spy mansion at the Capitol Hill CTF event. We had some great teams at the pre quals and we expect the finals to be even better.
Amazing event at Tampa ISSA!. Congratulations to the winners Hackmiami NG team. Shout-outs to the Whitehatters Computer Security Club. We had the biggest attendance ever during the Tampa CTF. Much thanks to the Tampa bay ISSA chapter specially Joe Partlow who made this event possible. Of course much thanks to the Miami P0wn Machine team. Below some pictures of the event. Stay tuned for future dates.
…oh yes the music
We always get asked about the music. Here are some of the mixes played during the CTF by DJ %27 truly yours
On September 22nd we will be in Tampa at American Legion on the corner of Dale Mabry and Kennedy Blvd (3810 W. Kennedy Blvd. Tampa, FL 33609). Be prepared for another awesome time of p0wning, great music, chili cook off and party.
Remember to read K&&K CTF II before you play so you are ready to play by the time you get there. The Samurai CTF will also be there for those who want to play entry level game.
One more thing… In FLL one of the teams was completely knocked out of the competition as their switch was compromised and rendered useless. Remember… in K&&K CTF all goes including attacking your computer, your switch, your msf pro… hint, hint…
Make sure whatever you put at the K&&K CTF network is hardened. Prepare for combat… Good luck.
Another amazing Hack The Flag!. Thanks to ISSA South Florida. All teams did good and for the first time more people played K&&K CTF than Samurai CTF!. All teams scored and compromised several hosts as for the total number of targets no team got over 30% of the whole game.
Congratulations to Broward Hackerspace the defending champions @n00bznet @arsecroft @d1sc0rd1an . We are of the opinion that Hack The Flag should be a full day event and more frequent. That may actually become a reality in the near future …
We will see you on September 22nd at the ISSA Tampa Capture The Flag event. Stay tuned for future dates below some pictures of the event.
On August 11th we will be at the Ukranian Church (5031 S.W. 100th Avenue, Cooper City, FL 33328) for the release of Kommand && KonTroll CTF 2 “Revenge of the Carders”. Here is the registration link and what you need to know before playing:
We will try to start as early as possible make sure you come early to setup and read carefully about the things you will need to bring to the game. Game has grown in number of challenges, and there will be binary, web app and network type of challenges. Try to have a diverse team.
Rapid 7 will be sponsoring CTF, you should try Metasploit Pro as it may be useful on a few challenges. The rest you will be on your own…
As always the music will be awesome and you’ll notice quite an upgrade on the video setup.
As part of Hackmiami support and contribution to HOPE Number 9 we are taking our new setup of Kommand && KonTroll CTF 1 to the conference. You will be able to see for yourself, attack and defend against some of the most popular malware crimeware tools in the wild. Last chance to play Kommand && KonTroll CTF 1. See you there!.
Awesome time in Tampa at the WCSC. We had a good crowd of players and lots of fun. Broward Hackerspace/303 came back with a VENGEANCE absolutely OWNING IT ALL!!!
It was awesome to see the winning team p0wn target by target, a team composed of great people (Some I’ve played CTFs with..) and with a diverse and rich skills in many different areas. Only a team like that can win K&&K… and they did it.
I would like to congratulate and thank the winning team @n00bznet , @shitroamersays , @kingtuna , @d1sc0rd1an , Pr0xy , Alex and Raj for winning the CTF. All I can say is this… 45 mins before ending game all they had was C&C connected to a BeEF server via firefox…. that was it… from there they went all they way up until completely owning C&C… Once again congratulations. We always learn from players.
Also many thanks to Zak and the people at WCSC that hosted us at their place at USF.
As for the music we had a little of Dubstep backlash!! so I focused on Minimal,Indie dance, Tech House and some break core and Com Truise….
Below some pictures of the event. Stay tuned for future dates…. Hack The Planet!
Tampa-Orlando-The space coast. Home of some of the best CTF players in the country. We cannot wait to have “La Bestia” at their mercy… We will be at the White Hatters Computer Security Club at the University of South Florida on December 17th, 2011.
This is an OPEN event ALL welcome. We will have full setup, new music, videos and of course plenty of targets to P0wn!!!. See you there prepare for combat…
We had an awesome time at Hacker Halted 2011. We had some great players and pretty cool
people stopping by and checking it out.
Thanks and congratulations to @dan_crowley and @jolly for winning the CTF and also winning at the Cyberlimpycs.
Dan was p0wning targets LEFT and RIGHT. Awesome job!. Let’s take a look at the hardware related challenges we featured at this edition of Kommand && KonTroll CTF
In this picture we have the 3 hardware related challenges.
PrintMe Flag. The only way to win this flag was to first compromise the target VM at the ESXi then escalate privileges and finally print the flag.
At the center there is an Arduino UNO/Ethernet shield. This was pretty easy. It consisted of a HTTP parameter that had to be modified in order to turn ON /OFF the LED in a certain sequence. Most players got this one pretty fast.
Then the SheevaPlug server which could be by itself a single CTF. I used this one for Flash M0b CTF at DEFCON but back then this little wonder was running a FULLY functional C&C with two Zombies which were XP SP2s. This time it was running an install of WP that had several vulnerable plugins and the flag was the MD5 hash found at password table. Also notice that there is an USB programmable LED display attached to it. The characters displayed were also modifiable but to do it player had to gain root and compile some code which is actually available on the internet.
Most targets at Kommand && KonTroll CTF have SEVERAL attack vectors as I try to give players with different backgrounds the opportunity to win it, be it a web app or network or binary type of background. Below are some pictures of the event. If you want us to be at your event or you organize these type of competitions and want us to partner up feel free to reach out to us at [email protected] . Thanks again to EC-Council and all the people at Hacker Halted 2011 that stopped by and played. And for the record no one has yet taken over the C&C. Stay tuned for future dates…
P.S: Most people said that the MUSIC was awesome. Well the music was basically hand picked Tech House/Minimal/Dubstep from MIA/NYC/London UNDERGROUND EDM scene which I am an avid follower of … No you won’t be hearing that music on the radio or TV anytime soon…..
We will be at Hacker Halted 2011 on October 26/27 in Miami, FL. We will be bringing the full setup PLUS we will introduce new challenges.
Hardware related challenges. No this will not be about making stuff but probing embedded OSs that will certainly drive hardware behavior once targets are compromised…. Hint.. stuff that goes ON and OFF..
We will also be featuring new multimedia tricks that we are sure you will find entertaining. Of course we will have some awesome selection of underground electronica in our open DJ/VJ station. Also playing Kommand && KonTroll CTF will warm you up for the Cyberlympics at the conference..
We had an incredible time at the ISSA Hack the Flag event and Chili Cook-off in Hollywood, Florida. Thank you very much to ALL who attended, played, and danced with us. Some described the Kommand && KonTroll CTF as a ”COMPUTER RAVE”. We are glad we were able to deliver a multimedia experience beyond common CTFs.
Participants from as far as DC303 and Gainsville came down to participate. A total of 3 teams played this game with a team of 6, a team of 4, and a team of 3 players. The Gainsville guys along with South Florida’s Mike Pella took 1st place by almost twice the points. The two other teams tied at 700 points each. After 4 hours of game play only about 25% of the environment was explored.
Couldn’t get enough? Kommand && Kontroll CTF will be hosted at Hacker Halted later this year.