October 9, 2018 @ 6:00 pm - 8:00 pm AEDT| Free
#1: SecTalks SYD0x29 (42nd) – Bitcoin Honeypot – Leaving a wallet on the floor of the Internet
Developed a Bitcoin Full Node Honeypot that sits on the internet awaiting attackers. The Bitcoin Full Node has a JSON RPC port bound to localhost which I developed a honeypot to open it up to the internet and deceive attackers into connecting and trying to steal money from the wallet. This is a talk about how to develop a honeypot from a deception point of view as well as the results of leaving it sitting on the internet and having attackers try to steal money from it.
Gordon Draper has a background in utilities and electrical engineering and moved to cybersecurity consulting for penetration testing and security architecture. Gordon now runs Fort Safe, a Cybersecurity Consultancy in Australia.
#2: CTF SYD0x26 Walk-through and SYD0x28 CTF (60min)
Solution to the previous CTF will be presented and there will be a CTF game. Whether you are a guru at CTFs or a complete beginner, you will have fun. If you wish to play, follow the steps below, otherwise feel free to come by, listen to the talks and network.
1) Bring your laptop.
B) Internet access may not be provided. You may want to bring your own wifi dongles or tether to your iPwns.
F) Have a hypervisor software, e.g. VMWare player, Virtual box. It is necessary for running some CTF challenges and workshops.
4) Based on the number of participates for the CTF, the group may be divided into teams. PREPARE TO MAKE NEW FRIENDS. We will try to team up beginners with gurus. Those that want to go solo are still welcome to do so.
five: This is a learning exercise for everyone. The idea is to think about problems, make friends and have fun. Don’t treat it like a competition. If this is your first time participating in a CTF, check out LiveOverflow’s video as an introduction lesson to what it’s all about: https://www.youtube.com/watch?v=8ev9ZX9J45A
VI- The winner is the first team who solves the challenge. The winner will win the praise and admiration of fellow attendees. Gentle prods and hints will be offered during the session to move things along if people get stuck. The goal is to learn, not to beat your head against a wall for days on end.
7: Have fun. Learn. Mentor if you are able to. Participate, or just socialise. This is supposed to be a fun, learning event for the security and hacker community.
8. Know how to run OpenVPN client on your system. This may be required to access CTF server(s).
Doors are open from 6:00 pm and the first presentation starts at 6:15 pm. Light refreshments are available at the venue.
Venue and catering
PwC Sydney (https://pwc.com.au)
CTF Servers and online hosting
elttam (https://elttam.com.au): an Australian specialised IT security firm that provides independent security consulting and training services.
Tyro Payments (https://tyro.com): an Australian financial “fintech” institution specialising in merchant credit, debit and EFTPOS acquiring.
Atlassian Sydney (https://atlassian.com): an Australian enterprise software company that develops products for software developers, project managers, and content management.