 What's going on YouTube? We're here at B-Sides Delaware. We just, we just got here it's like 11.30 at night. We'll come back at you tomorrow for the B-Sides Delaware. Yeah. I'm sorry you had to see that. But it was seriously like 11.30 at night. I had been driving for way too long. So this is back in November of last year 2019 where I went over to B-Sides Delaware. My buddy Caleb, my roommate, joined me. You can see him throughout the video and I'm sure you've seen him in plenty of others. At the old B-roll. Coming hot. Speed limit 15. We better slow down. This is the conference where I put on my recent talk, a poor man's pen test. You can go see that video if you're interested. It's on my channel. And that's where I showcased like some stupid cheesy dumb bash techniques and some like X automation things you can do to like automate doing the same things you do every time you get in a machine. Like get your reverse shell and stabilize your shell and then maybe run Lenina or copy some files over or whatever the case may be. And that just showcases some techniques to do that. So anyway, B-Sides Delaware was in the Delaware Technical Community College Stanton campus in Newark. And I was there to play a little bit of prose versus Joe's, although I wasn't able to play much. Give that presentation and talk as a speaker. And I was going to host my very first JHD CTF for kind of the John Hammond digital CTF. Oh, and while I was there, I got to meet Sukoi, who was a moderator on my Discord server, and she was in the area and it was awesome and incredible to meet her. So shout out to you. Thanks for coming to hang out, Sukoi. You were awesome. Okay, so I wanted to talk about my CTF in this video. What I had put together was a capture the flag game that was built using CTFD. Originally I wanted to use the Pico CTF framework for a while, but that took way too long to set up and I just never got it right. So I ended up kind of just caving and going for CTFD, which wasn't that bad. Honestly, it was kind of nice and easy to use and super easy to set up. So I had two servers. So I had one machine that was a digital ocean droplet, both of these are digital ocean droplets. One was the actual front end, like the scoreboard and the CTFD platform. The other was the actual challenge server that would host all the different Docker containers that were running as vulnerable web service or service that you had to connect to a netcat and exploit etc etc. So that was kind of my infrastructure, right? Two machines, simple small stuff. It was honestly a small game. But that's how it was built because I didn't expect a whole lot of players. One challenge or game server and then the actual scoreboard in front of itself. So the way that this worked at B sites Delaware, we actually were given a small time slot just four hours on I think one of the first days. We weren't able to be in that room for the entire duration of the conference. They were just able to squeeze us in for just a little bit like half a day. Honestly, that wasn't an issue. I didn't mind. I wanted to make this kind of a floating game. Sure, we can hang out in that room and they could meet us and talk to us, the players that were kind of working on the challenges. And then if really there's whatever time for the rest of conference, they can hang out in the chill out space if they wanted to play or we would always be available, they can reach out to us. And that's just how we wanted the game to go. So I developed all the challenges. Actually, I made 50 challenges and Caleb made two. But he was kind of late to the party in the development group. And he was really just there to help kind of moderate and support. It was awesome, actually, because he was able to help teach some people and explain some things. And it was really cool. He told me it was like an adrenaline rush because he hadn't seen or known all of my challenges, but we're still kind of like acting as an admin or staff. So whenever someone would ask him for help on something, he'd be like, like, trying to analyze it and process it like as they're explaining it to him. And he would think like, Oh, had you tried this? And then if they were to do that, that would lead them right down the right path. And he was like, Yeah, I kind of could in I could get that insight and figure out the challenge on the fly, which was kind of neat. So that was cool. Anyway, we were only in that specific room for a couple hours. So I tried to give a little bit of publicity for the challenge or the CTF because it wasn't advertised as like, Hey, a competition for this conference. I emailed one of the organizers earlier and asked them, I know this is short notice, but since we don't have a whole lot of advertising out for this thing, can I just put up like flyers or make a little small posters around the conference hall? And they're like, Yeah, that's totally fine. So I had made those small little things and I would put them up all over the conference. I was kind of going gorilla style. I put them on water fountains and put them in the bathroom stalls. I put them in each of the different tables and like a vendor booth right there. And then all of a sudden, I saw them slowly start to disappear. And they were being taken away. And I couldn't catch who would do it. And I was but I would see them just suddenly move and be gone. At one point, I saw one volunteer, I think one staff or organizer, not an organizer, but he put it up, crumpled it up, and just put it in his pocket and walked back down to go like help with the registration. So I followed him down and was like, I'm sorry, what? What are you? What are those? What's happening to those flyers? Where are they going? And he said, Oh, they're not supposed to be up. Go talk to so and so. And I was like, I'm sorry, I asked one of the organizers previous the event and I know that's a CTF we have a have on the schedule. Can I have those publicize? That's what I had permission from earlier. And he's like, Yeah, go. Okay, fine, go talk to this guy. So I went to go talk to that individual, he brought him to me. And then I said, like, hey, I'm sorry, whatever confusion, I'm not trying to be a problem child here. But I thought this was kind of good to go. And he said, Oh, yeah, I'm sorry, you must have spoke with the other organizer. And I said, Yeah, here's the email. Look at my phone. And he said, Okay, okay. Sorry for the trouble. Yes, we can put them all back. And I'm like, Great, I'll take the crumpled up flyer and just get like unroll it and put it on the wall again. Thanks. It honestly wasn't a big deal. It wasn't an issue at all. My fault. Let's blame me. I'm sorry. Anyway, I think the CTF was a lot of fun. It was honestly surreal to just see a group of people kind of look at my challenges and poke at my challenges and explore them and learn new things or ask questions. And that was very, very cool. Setting the mood for the room or like dimming the lights and putting on the music was was really kind of fun and cool. So I like that a lot. I would like to bring this to other conferences. I'd like to bring it to other I don't know, OWASP chapter meetups or events that might happen within the cybersecurity scene. So if you're interested in that kind of thing, there are 50 challenges in all the different categories, cryptography, binary exploitation, forensics, reversing, not as much reversing, I need to work on that web, secondography. And I feel like I'm forgetting a category. Did I say crypto already? I feel like it crypto is like the first thing I say. Alright, thank you guys for watching. If you did like this video, please do like comment and subscribe. I would love to see you guys in the Discord server. Love to see you on Patreon, PayPal, Twitter, LinkedIn. I'm not doing that much on like Instagram yet. I don't know if I should. Can you have a cybersecurity audience and culture on Instagram? Social media is weird. And if you would like to do this capture the flag, I'm leaving it offline until I go to a live event. And then I'll open it up for the conference and we'll kind of market it within that. So if you have any interest in that, please don't hesitate to contact me, please reach out. This is a lot of fun. I really like it. I enjoy it. I love it. I want to bring it to you. So thank you guys for watching. See you later.