The OFFICIAL DEF CON 12 WARDRIVING CONTEST
The DEF CON 12 WARDRIVING CONTEST was a huge success. Complete dumps of the traffic captured during the tag contest will be posted in the coming days.
The Winners of the contests were:
Main Drive:
1master
Tag:
1master, Renderman, and Panthera
Running Man:
Eric Smith and Bill Barnes
Fox and the Hound:
Renderman and Deviant Ollam
Congratulations to this year's winners. It was a great contest and a good time was had by all the participants. Good luck next year!
For the first time ever the Def Con WarDriving contest will be divided into two parts. A "Main Drive" that will run for the entire three days and three "Mini-Games" that allow contestants that would like to participate but do not want to invest the entire Con in WarDriving. This page provides information on both facets of the contest.
Persons that sign up for the WarDriving contest are free to participate in all of the contests (Main Drive and all Three Mini Games) or any part.
For instance, if you wanted to only participate in the "Treasure Hunt" Mini-Game, you are free to do so by registering for the contest. If, on the other hand, you wanted to participate in the Main Drive and "The Running Man" your registration affords you this opportunity.
DEF CON 12 - WarDriving Contest ( Main Drive )
=====
Spnsored by
[ Pre DEF CON Registration ]
NEW Check out the Main Drive README
DEF CON 12 WarDriving Contest Pre-Registration is now open on the Def Con Forums(Requires Forum Registration). Once you have registered for the contest the Disclaimer will be sent to the address you used to register for the Def Con Forums within 24 hours. You then have 72 hours to reply to this email accepting the disclaimer. The email you receive with the disclaimer will have instructions for acceptance.
-----
[ DEF CON 12 Check-in ]
Once you arrive at Def Con, you will need to check in at the Def Con 12 WarDriving contest sign in area located in the Def Con Contest Area.
-----
[ DEF CON 12 WarDriving Rules ]
o This year's main contest will be every geek for .self(), beginning at 13:00:00 on Friday and continuing until 13:00:00 on Sunday.
o Contestants are free to drive as much or as little as they choose at any points during the time that the contest is open.
o NOTE: The contest winner will likely invest a lot of time in this contest. Therefore there are mini games open to all contestants that do not rely on the main drive to win.
o Scores are tabulated upon upload of new log files and can immediately effect all wardriver scores and rankings.
o Only ground based transportation is allowed
o Only data submitted during the open contest window will be accepted for scoring and rankings.
o Only access points found within 50 square miles of the Alexis Park will be accepted for scoring. This will be enforced by a set of GPS coordinates that will be made available to all wardrivers at the time of the contest.
o Each contestant is required to follow all local, state and federal laws to include traffic laws.
-----
[ Scoring ]
o 1 point - for each access point found.
o 2 additional points - for APs with WEP enabled.
o 2 additional points - for APs with a non-default ESSID
o 5 bonus points for an ESSID that is shared across multiple BSSIDs or multiple channels
o 5 bonus points for each AP that you were the first to discover. This is based on upload time NOT logs times.
o 5 bonus points for discovering an AP this is unique to ALL other contestants
o Only APs with associated GPS coordinates will be counted.
o Logs that do not fit the specified conventions WILL NOT BE SCORED.
-----
[ Results ]
o Data Dump: The IP address for the DEF CON WarDriving Contest Data Server will be made made available to each contestant at check in on Friday. A username and keypair will be given to each contestant at that time. Each contestant is responsible for uploading their data via SFTP over a wired connection in the allotted time according to the conventions provided to them at check-in. No exceptions! It is each contestant's responsibility to ensure that they have the appropriate equipment, protocols and client software for this data transfer.
o Data must be submitted in ns1 format. The Church of WiFi has developed WarGlue, to aid in data conversion.
o One week before Def Con an 'acceptable version freeze' will go into effect. The supported versions of Kismet, NetStumbler and MiniStumbler will be posted. Any contestant that uses software or version other than those approved by the Def Con 12 WarDriving Contest Staff is responsible to ensure their data converts to NetStumbler .ns1 (for the approved version of NetStumbler) and runs the risk of having their data discarded. WE WILL NOT CONVERT YOUR DATA THIS YEAR. Don't whine, don't complain...because it won't work.
o Scoring scripts and supporting files can be downloaded from this site by July 1st for testing purposes. Questions concerning the scoring script should be directed to converge (converge[at]lostboxen[dot]net)
-----
[ Timeline Of Events ]
Friday July 30th 2004
o 10:00 AM CHECK-IN is open (CONTEST AREA)
o 12:00 PM CHECK-IN is closed
o NOTE: Anyone who has not checked in by that time will not be a participant in the Def Con 12 WarDriving Contest.
o 1:00 PM The tournament will begin and upload capabilities will be enabled.
o 6:00 PM The upload server will be taken down for the night. Driving may continue but no logs will be processed until the server is back up.
Saturday July 31st 2004
o Upload server will be made available as soon as WarDriving Contest Staff is able to confirm functionality. This is may not be a predictable time, so improvise; upload capabilities will be announced at the WarDriving table.
o 6:00 PM The upload server will be taken down for the night. Driving may continue but no logs will be processed until the server is back up.
Sunday August 1st 2004
o Upload server will be made available as soon as WarDriving Contest Staff is able to confirm functionality. This is may not be a predictable time, so improvise; upload capabilities will be announced at the WarDriving table.
o Live scoring will not be done on Sunday. You will have to come to the Awards Ceremony to find out where you finished.
o 1:00 PM All logs must be completely uploaded according to dump specifications provided below to be included in contest results. No Exceptions, No Delays, No Malfunctions, etc...
o Contest winner announced at Awards Ceremony.
-----
[ CHEATING: For those whom are intending to cheat... or even thinking about it... yeah you ]
WarDriver creativity is encouraged, but cheaters never prosper:
o The Def Con WarDriving Contest Staff will take precautions to prevent cheating.
o Logs submitted by multiple persons to help a single wardriver advance in the contest is an activity strictly prohibited by the contest and will be treated as cheating.
o If any member of a team is caught cheating the team will be disqualified without prejudice ("team" applies to mini games only as the main drive is individual).
o Example of what is in store, more to be disclosed after the contest:
Several DSE's will be placed around Vegas. These are Access Points that will be turned off at the start of the contest. If the MAC for a DSE is in your data, you are disqualified.
Conditions
Def Con WarDriving Contest staff will conduct a pre-drive to establish a baseline. If a contestant's data significantly varies from the "baseline" the Def Con WarDriving contest staff will re-drive the area (same day). If the discrepancy still exists you will be disqualified.
[Def Con 12 WarDriving Contest Staff Members]
Chris
Converge
Thorn
AlxRogan
###############################################################################
DEF CON 12 WarDriving Mini-Contests
FUNKSPIEL!
Suggested Equipment List For Playing In The DEF CON WarDriving Mini-Contests.
1) A WiFi enabled laptop or PDA.
2) GPS Receiver
3) Appropriate pigtails
4) Antenna cable(s)
5) An omni-directional antenna (suggested 5dBi to 8dBi)
6) A directional antenna (8dBi to 15dBi)
7) A compass
8) Maps (or mapping programs) of the Las Vegas area.
You are of course welcome to bring other equipment as you see fit. Just remember that some of the games may take place inside buildings. So choose appropriately. Do you really want to be dragging your 24dBi dish around inside a hotel?
===============================================================================
Fox and Hound
Sponsored by
and
Object: Be the first team to locate the "Fox."
Date/Time: Saturday, 31 July 18:00-21:00
1) The "Fox" is an Access Point. It is located someplace in the Las Vegas city limits. Now all you have to do is find it.
2) That AP is sending out an infrastructure SSID: Fox&Hound.
3) Unfortunately for the players, the AP is transmitting on low power, and will take some radio directional equipment to locate.
4) Even more unfortunate is the fact that it is also only transmitting for 15 seconds out of every minute.
5) Using those radio directional finding skills, try to locate the Fox. Players may check that this is the actual Fox by verifying the signature
of a file located on the AP server. It will be carrying a file PGP signed by Chris (roamer).
6) You must physically locate the Fox. Once you think you have it located, a contest organizer staff member should be there to confirm it. That person will alert the other contest organizers that they have been located.
7) In the event that the Fox is not located, the team that comes up with the closest LOGGED Longitude and Latitude wins. (*.ns1 format.)
-Time limit of 3 hours.
-Teams must be at least two people (driver & RF person/navigator) and limited to the total number of people who can safely sit in a single vehicle.
-No multiple vehicle teams.
===============================================================================
Running Man
Sponsored by
Object: Be the first to locate and identify the "Running Man."
Date/Time: Saturday, 31 July, 13:00-14:00
1) The "Running Man" is a person on foot, walking in, around and near the grounds of the Alexis Park, enjoying all the DEF CON atmosphere. Now all you have to do is figure out who she/he/it is...
2) The Running Man is carrying some WiFi equipment that is transmitting an ad-hoc SSID: RunningMan, and is running an Apache Web server. The IP address is 10.10.10.10.
3) The equipment is mobile, but may not be apparent. It could be a laptop, it could be a PDA, or it could be some weird WiFi device concealed on the Running Man's person.
4) Players should set their own WiFi devices to the same SSID, and attempt to open the Running Man's Web page. You know you've got the right one, when you see the web page graphic of the "Running Man" movie poster, with the scowling visage of Gov. Arnold Schwarzenegger. Players may check that this is the actual Running Man by verifying signatures on the files. All of the mini games should be carrying a file/files PGP signed by Chris.
5) The device is transmitting on very low power, and may take some radio directional equipment to locate.
6) The web server will have additional clues to the identity of the person.
But:
a) The clues will not be obvious.
b) You will need to employ some light cryptographic and puzzle solving skills to understand those clues.
7) Using those radio directional finding and puzzle solving skills, try to locate the Running Man. Once you think you have the Running Man located, simply walk up to the 'suspect' and ask them "Are you the Running Man?"
If they are the actual Running Man, they will answer "Yes" and you win! They will confirm this by showing you the items hinted at in the clues.
8) The Running Man will alert the contest organizers that they have been located.
NOTE: If the person you ask is not the Running Man, expect at least a strange look in response to your challenge. If you really annoyed them, they might also punch you.
-Time limit of 1 hour.
-Limited to single players or two-person teams.
-Two person teams must work together, no splitting up allowed.
-Players should realize that this is DEF CON, and than means within 5 minutes of the contest's start approximately 492 spoofed RunningMan web servers will exist. The organizers cannot control this, so don't even bother to ask. Besides, it will add to the challenge. You don't want it to be TOO easy, did you?
===============================================================================
Tag (You're it!)
Sponsored by
Object: The goal is to place a text file (yourname.txt) in a shared directory of a particular machine. The first one that does wins. The text file must be in the format listed below and have your PGP public key so that we may confirm the winner.
Date/Time: Friday 30 July, 18:00-21:00
1) Locate the Tag server. It is on the grounds of the AP.
2) The Tag server the only machine on a infrastructure mode WLAN. SSID: TAGME
3) Unfortunately for the players, the AP is transmitting on low power and has directional antennae/shaped reflectors to limit the signal direction. It will take some radio directional equipment and skills to locate.
4) Using your radio directional finding skills, try to the AP.
5) You will need some skillz to access the AP and server.
6) At the start of the contest an association will take place with the AP. It will then stop and reassociate every 10 minutes for 3 hours.
7) Once having accessed the WLAN, the players must access the shared folder to place the TAG.TXT file. Players may check that this is the actual Tag server by verifying the signatures of a file located on the server. It will be carrying a file GPG signed by Chris.
8) First Person/Team to place the TAG.TXT wins.
-Time limit of 3 hours.
-Limited to single players or two-person teams.
-The name and public PGP key of each player must be submitted before the start of the contest. (Two man teams may choose one team member's PGP key.)
-Two person teams must work together, no splitting up allowed.
-Once again, players should realize that this is DEF CON, and than means within 5 minutes of the contest's start approximately 8.6 million spoofed TAG servers will exist. The organizers cannot control this, so don't even bother to ask. Once again, it will add to the challenge.
TAG.TXT format:
Name: YourScreenNameHere
Contest: TAG DC12 MiniWD Contest
Email: YourAccount [AT] YourISP [DOT] domain (This can be a throw away account. It is just for game verification purposes ONLY.)
Password: (Not really. Just seeing if you're paying attention.)
The winner of the main drive and of each mini-game will also receive a signed copy of WarDriving: Drive, Detect, Defend courtesy of Syngress Publishing
