Mental Health Hackers Village
The Mental Health Hackers Village will be ran by Mental Health Hackers, a 501(c)(3) organization.
The Mental Health Hacker’s (MHH) mission is to educate tech professionals about the unique mental health risks faced by those in our field – and often by the people who we share our lives with – and provide guidance on reducing their effects and better manage the triggering causes. This will be done through numerous talks and speakers conducted within the village during the conference. There will also be fun activities, crafts, coloring, and more to help you reduce stress and take a mental break from the conference activities and attendees.
MHH also aims at providing support services to those who may be susceptible to related mental health issues such as anxiety, depression, social isolation, eating disorders, etc.
Please understand that MHH does not provide counseling or therapy services.
Their website can be found at https://www.mentalhealthhackers.org/
ICS Village
The ICS Village is a 501c3 non-profit that provides education and awareness of industrial control system security. This year at BSidesCharm the ICS Village will be hosting the SEA-TF competition that was chosen as a black badge competition at DEFCON last year. The SEA-TF is a Capture the Flag (CTF) competition based around hacking against maritime Operational Technology (OT) & Industrial Control Systems (ICS) equipment.
Teams will have an opportunity to directly interact with real maritime bridge, propulsion, and hydraulic steering systems at the OT bus level to create specific effects such as taking over rudder or throttle control and spoofing the data presented on the bridge systems. Can you hack the ship? This event is open to all skill levels and teams just need a laptop with USB ports to participate as the staff will provide the OT bus to USB adaptors if teams don’t have their own equipment. Experience with CANBUS will be helpful, but not required.
Teams can preregister at www.sea-tf.com and we will also allow walk-up registrations as space allows. There will be small prizes awarded to the top 3 teams with the winner being recognized at the BSidesCharm Closing Ceremony.
ICS Village staff are also happy to chat with anyone about the importance of OT/ICS cybersecurity so swing by and come check us out.
IoT Village
IoT Village advocates for advancing security in the Internet of Things (IoT) industry through bringing researchers and industry together. IoT Village hosts talks by expert security researchers, interactive hacking labs, live bug hunting in the latest IoT tech, and competitive IoT hacking contests. Over the years, IoT Village has served as a platform to showcase and uncover hundreds of new vulnerabilities, giving attendees the opportunity to learn about the most innovative techniques to both hack and secure IoT.
Learn more about IoT Village here https://www.iotvillage.org/
CTF contestants can head to https://scoreboard.iotvillage.org/ on event day to participate in our CTF!
Lockpick Village
The mission of The Open Organisation of Lockpickers (TOOOL) is to advance the general public knowledge about locks and lockpicking. By examining locks, safes and other such hardware and by publicly discussing our findings, we hope to strip away the mystery with which so many of these products are imbued.
The more that people know about lock technology, the better they are capable of understanding how and where certain weaknesses are present. This makes them well-equipped to participate in sportpicking endeavors and also helps them simply be better consumers in the marketplace, making decisions based upon sound fact and research.
Visit TOOOL and learn how to pick a lock or work on refining your current skills!
The Mobile Hacking Village
We are a group with the goal of teaching, with a security focus, about mobile devices. We cover a range of topics on Android/iOS internals, providing demos for interesting topics, and demonstrating best security practices, to hands-on learning for basic to intermediate topics.
Our village will be available on Sunday only.
Radio Frequency CTF
Do you have what it takes to hack WiFi, Bluetooth, and Software Defined Radio (SDR)?
RF Hackers Sanctuary (the group formerly known as Wireless Village) is once again holding the Radio Frequency Capture the Flag (RFCTF) at BSidesCharm 2022. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.
We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our new virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.
There will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, on Twitter @rf_ctf, @rfhackers, and the interwebz, etc. If you have a question – ASK! We may or may not answer, at our discretion.
FOR THE NEW FOLKS
Our virtual RFCTF environment is played remotely over ssh or through a web browser. It may help to have additional tools installed on your local machine, but it isn’t required.
Read the presentations at: https://rfhackers.com/resources
Check out the resources at: http://sdr.ninja/training-events/sdr-wctf/
HYBRID FUN
For BSidesCharm 2022 we will be running in “Hybrid” mode. That means we will have both a physical presence AND the virtual game. All of the challenges we have perfected in the last 2 years in our virtual game will be up and running, available to anyone all over the world (including at the conference), free of charge. In addition to the virtual challenges, we will also have a large number of “in person” only challenges. These “in-person” only challenges will include our traditional fox hunts, hide and seeks, and king of the hill challenges. Additionally, we will have many challenges which we simply haven’t had time or ability to virtualize. It should be clear that playing only the virtual game will put you in a severe available point disadvantage.
Please don’t expect to place if you play virtual only, consider the game an opportunity to learn, practice, hone your skills, and still get on the scoreboard. The virtual challenges which are available will have the same flags as the in-person challenges, allowing physical attendees the choice of hacking those challenges using either (or both) methods of access.
THE GAME
To score you will need to submit flags which will range from decoding transmissions in the spectrum, passphrases used to gain access to wireless access points, or even files located on servers. Once you capture the flag, submit it to the scoreboard right away, if you are confident it is worth *positive* points. Some flags will be worth more points the earlier they are submitted, and others will be negative. Offense and defense are fully in play by the participants, the RFCTF organizers, and the Conference itself. Play nice, and we might also play nice.
To play our game at BsidesCharm 2022:
SSID: RFCTF_Contestant
Password: iluvpentoo
Getting started guide: https://github.com/rfhs/rfhs-wiki/wiki
Helpful files (in-brief, wordlist, resources) can be found on the game web server at http://172.16.100.1 or
https://github.com/rfhs/wctf-files
Support tickets may be opened at https://github.com/rfhs/wctf-support/issues
TL;DR
Twitter: @rf_ctf and @rfhackers
Discord: https://discordapp.com/invite/JjPQhKy
Websites http://rfhackers.com and http://sdr.ninja – play with us
Github: https://github.com/rfhs
Official Support Ticketing System: https://github.com/rfhs/rfctf-support/issues