Ed Skoudis, START HERE: Welcome and Tips | KringleCon 2020

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello and welcome to the sands holiday hat challenge 2020. my name is ed scotus and i'm the director of cyber ranges at the sands institute as well as the founder of counter hack our team is really excited to share with you this year's sans holiday hack challenge as well as our conference kringle con 3 french hens the purpose of this presentation is to welcome you here to the north pole and to provide some tips so you can get the most out of the holiday hack challenge 2020. i just arrived at the north pole myself i went off of exit 7a on the new jersey turnpike rode up santa's gondola and here we are right now in kringle castle so the sands 2020 holiday hack challenge featuring kringlecon 3 is one of our best ever in fact it's our 17th annual holiday hack challenge sans provides this as a gift to the community so that you can build your skills and have some fun during the holiday season everything that we have here is free and we have a fun quirky storyline where you're going to have to help save the whole holiday season from a nefarious holiday super villain we try to build the whole thing in a family friendly way so if you have kids you can play along with the kids they can work on some of the video game components you can work on the cyber security components and vice versa we have challenges that range from very easy for people who are beginners all the way up to very challenging and we try to tell you in your badge you'll see the badge in just a little bit but we try to tell you in the badge which are the easier challenges and which are the ones that are more difficult so that you can kind of focus on your skill level plus there's lots of hints throughout the challenges so that you can develop your skills while having some good holiday fun now there's various components of the sands holiday hack challenge i mean one of the most important components is these high quality in-depth focused challenges we call them objectives and you're going to see a bunch of objectives in your badge when you arrive at the north pole we also have some great terminal challenges this is where in the game you'll click on a little terminal we call them a cranberry pi terminal you click on the terminal and it'll pop up a command shell for you and you have to help an elf do something in that terminal when you help the elf do something that elf will give you hints to help you with your objectives now the sans holiday hack challenge also features a virtual conference called kringlecon 3 french hens you can see the three french hens on the screen here and you'll see them when you get into the game this virtual conference includes some very fun short talks like this one and many of these talks will give you hints and ideas for you to solve the objectives that's a really unique aspect of kringlecon because it's a conference virtually hosted at the north pole where you will learn things at that conference that you can then directly apply to solving the challenges associated with that conference it's also a virtual world for you to explore and socialize you can interact with other players and have fun we also have a free album of highly engaging customized holiday music created just for the sans holiday hack challenge and we have a whole bunch of mini games included in this these are small video games that teach some important lessons and each of our mini games are inherently hackable so if you don't want to play the game itself you could always hack through it to get to the given objective beyond that game so we do hope you have a lot of fun with this thing the team has been working for over 15 months building this thing to share with you now we have some great speakers at kringlecon3 some of these names you may recognize some you may not but these are just tremendous cyber security professionals that wanted to share with you some of their insight now i'm not telling you that every single one of these talks will give you hints for your objectives but many of them will you might want to look carefully at the different objectives that you're going to face in the holiday hack challenge and then look at these different talks to see where you might be able to pick up some tips and tricks for how to solve that given objective now this year we're more interactive than ever and we have more community support than ever first of all this is the first time that the sans holiday hack channel has ever had an official chat infrastructure people have been asking us about this for years so what we did this year is we set up a 2020 discord channel in fact it's a whole set of channels and you can pop into these channels and interact with other players as well as people from our team we have both voice channels as well as text channels so you can interact with each other we also have channels that are dedicated to specific objectives and challenges so you can focus there so that's a pretty pretty exciting new thing that we have here if you want to get more information about joining the discord sessions for the sans holiday hack challenge you can look at holidayhackchallenge.com look at that webpage and it'll tell you how to join the discord session we've also added another new thing this year we call kringle concierges and what this is is during the first couple of weeks after launch when you log into discord and you're logged into the game you can look inside the general channel within discord and we will have a series of volunteers there that will welcome you into the holiday hack challenge this year now those folks are not there for technical support they're essentially there to kind of greet you and if you need help kind of understanding what to do they can give you some direction on how to get started they're almost like the shopping store greeters that you see it at some retailers during the holiday season oh other things that we have this year uh soundtrack we've been releasing the soundtracks for holiday hack challenge for the last five years but we always released them as mp3s that you could download but very few people download mp3s these days so this year for the first time ever we have uploaded all the holiday hack challenge music from previous years 2016 2017 2018 2019 we've uploaded all of that onto the major streaming channels spotify apple music amazon music and more and i'm also here to tell you the holiday hack challenge 2020 music is uploaded to all of these streaming services as well and i'm really excited about the music this year the music is very heavily integrated into the storyline and theme of the holiday hack challenge so i think you'll have a lot of fun with that you can certainly listen to the music in the game it's been carefully placed at strategic points in the game to help tell the story or you could also listen to it via your favorite streaming service and this year we have more mini games teaching vital skills and as i said they're all hackable as well uh in past holiday hack challenges we might have had one or two mini games this year depending on how you count there are four or five different mini games and i hope you have fun with those now at the end of last year's holiday hack challenge we had a bit of a cliffhanger so what we wanted to do last year was to have you resolve the challenge and get to the final screen in fact this is the final screen that you'd see from the 2019 sans holiday hack challenge and there you have defeated the tooth fairy and her plan for destroying the holiday season yup so there she is in her orange jumpsuit because she's going to prison and krampus he he's a a good helper that helps you and santa claus bring the tooth fairy to justice you can see santa claus there as well but we tried to put in this little cliffhanger thing if you look just behind krampus you can see there's a scrap of paper on the ground i'm talking about that little scrap of paper there yeah if you clicked on that scrap of paper on the closing sequence from last year's holiday hack challenge up would pop this scrap in the tooth fairy's own handwriting saying this thankfully i didn't have to implement my plan by myself jack frost promised to use his wintry magic to help me subvert santa's horrible reign of holiday merriment now and forever in other words at the end of last year's holiday hack challenge you found out that the tooth fairy was working with jack frost and i'm here to tell you jack frost is going to be your villain this year now you might say well if i already know who the villain is what's the point of this year's challenge ah you're going to have to figure out what the villain's nefarious plan is and then you're going to have to thwart that plan we tried to set this up inspired by some of those movies like the incredibles do you remember when the incredibles first defeat syndrome at the end of the original incredibles movie as soon as they defeat him out of the ground comes mole man who announces his plan that was kind of our idea with this inspired by the incredibles you defeat the tooth fairy and then suddenly you realize jack frost is on the loose so more about this year's story if you look in the holiday hack challenge universe back in 2018 we had a kringle con conference it was our first ever inside of santa's castle and it was fun but it got really crowded so in 2019 last year we moved the the kringle con to a new venue we moved it to elf university at the time it was the largest venue at the north pole but even that got kind of crowded so what santa did starting about a year ago was he engaged in a massive construction project all the elves worked on it and the idea was to increase the size of santa's castle to add many more floors and to add an elevator it's a magical elevator so that you could whisk around inside the castle we also added a nice big courtyard out back and tried to make the whole thing even more beautiful so this huge construction project started about a year ago and it's almost done not quite there you might still see some things uh like some ladders around and some of the elves are still wearing hard hats you might see a hammer and some nails here and there um pardon our dust but we're just about finished with this huge new castle that you can participate in so we've got the courtyard the magical elevator there's a networ's room on the roof it's really really cool but i gotta tell you we've gotten some reports from some of the elves that santa is behaving oddly um it might just be stress i mean these are stressful times you know the holiday season coming up um but he is saying some weird things and doing some unusual things you might want to keep an eye on that i'm sure it'll turn out okay though all right now this year's challenges there's a lot of great different technologies associated with this year's challenges we've got some challenges associated with cloud and wireless protocols we've got some web app stuff a really cool network analysis there's some interesting crypto stuff there's cyber defense offense digital forensics incident response and so much more all built into this for you really enjoy it and remember there's hints for all this stuff now i'd like to give you a little bit of insight into game controls and in-game chat when you log into the game and you go to holidayheckchallenge.com create your account log into the game you're going to be presented at the top right of your screen with some of the controls the question mark there that you click on that it'll give you help you can also control audio turning it on or off you can hide the chat or show the chat because we have integrated chat right there on the right hand side you can toggle on or off speech bubbles and then if you click on that little head and shoulders icon that allows you to edit your account including to change your avatar so you can change your avatar's face or head or torso or legs or whatever you'd like and here's another really useful tip this is something i just realized myself a few weeks ago if you want to use the in-game chat the easiest way for you to do that is to hit the enter key and that will pop you down to the chat and then you can type a chat message hit enter and it will send it now if you start typing again it's not going to be inside that chat screen anymore instead you have to hit enter again and that will pop you back down into the chat this makes chat so much more usable just hit enter and boom you're ready to chat hit enter again and it sends it hit enter again and now you're ready to chat some more cool let's talk about the characters and your badge here you can see my character i go by the handle reel ed scotus and in the middle of each character this year we have a badge because you're there at kringlecon 3 french hens so that's your badge for the conference if you click on that badge it looks like a snowflake if you click on that badge you will see that the badge has various elements in it it has the narrative this is the story that unfolds as you work your way through the conference and as you start solving challenges you might want to read that narrative it's kind of whimsical there's also the objectives in there so when you first get into the environment you'll be given a set of objectives and as you solve those objectives additional objectives may appear also you gather hints remember i told you you get hints by helping elves solve their terminal challenges those hints will appear in your badge so you can refer back to them at any time there's also links to all the great talks at kringlecon3 there's items in there the items one is really important because as you walk around santa's castle you'll find different items laying around you just walk right over them and they'll be picked up and placed into your badge so you now have these items that you can then use to help solve future challenges also you can get at your settings via your badge so you can change your audio settings and so forth now these elves you can see on the right hand side of the screen here these elves are placed all over santa's castle here you can see shinny up a tree and the elves usually will have an associated terminal with them here you can see a cranberry pie terminal on shinny's left hand side if you click on that you'll get to help shinny solve some technical problem that that elf has in that terminal once you've solved that problem in the cranberry pi terminal that elf will give you hints about how to solve the objective and those objectives are usually located near the same elf so here you can see investigate s3 bucket right next to shiny upper tree so you can click right on that so as you work your way through this check your badge periodically because you will achieve various things in the game the narrative will expand you'll see objectives appear your hints will grow more populated you'll gather various items and of course you can always watch the talks so the characters in your badge if you look at the objectives i want to zoom in on that one right now you'll see that each of them is numbered here we can see point of sale password recovery we give you an estimate of the difficulty this one has only one christmas tree lit up so it's probably pretty easy the ones with four or five christmas trees are much more complex we'll ask you a question you can then try to solve that question by interacting with the given elf that's associated with it and then you can submit your answers right inside your badge but do keep an eye on the hints in your badge now terminal challenges that's the one with the cranberry pi terminal they're all designed to be solved within a reasonable amount of time just using the terminal in your browser itself most terminal challenges can be solved in five minutes up to maybe 15 minutes or more but not a lot more whereas the objectives some of the objectives might require quite a bit of time many of the objectives you have to download some additional assets or engage in a more rich and complex user experience so um the the terminal challenges are almost kind of like this easy little uh idea popcorn kind of stuff stuff to have fun with right in your browser whereas the objectives they're the more longer term more deeply analytical elements for you to solve as you work your way through and remember there's hints there's plenty hints from the elves oh another thing that we added this year health status and then we've got a facility for reporting bugs so if you go to status2020.com you can see the health of various elements within the holiday hack challenge universe so that'll give you an idea of what's up or heaven forbid if something comes down you'll be able to see that with a red x so you might be working on a challenge and you'll say wait something doesn't seem right here i can't get to the server anymore is it down for me or is it down for everybody you can now simply go to status 2020 and then look and say oh that one's down we also have a git repository so that you can file bug reports we've actually done this the last couple of years but we're doing it again this year you just go to github.com counter hack go to holiday hack 2020 and if you notice a bug in the game or have some issue in there you can simply report it there and the whole team will see it we have a whole team of elves that are watching all right so how to participate you register at holidayhackchallenge.com and when you go there you'll also find information about how to join the discord channels with respect to twitter you can follow at kringlecon or if you'd like you can follow me at edscodus for updates and we'll use the hashtag of holidayhack for each one of those you should also watch some of these kringle con videos in game they're in the game itself they're also linked to in your badge or you could go to youtube's kringle con channel one of the the neatest parts of the sans holiday hack challenge for me is all these different components that come together right you've got the virtual conference you've got the challenges you've got the great talks you've got the music you've got the storyline that unites it all all this stuff coming together and we really do hope you'll enjoy it so i'd like to to wish you a happy holiday season i hope you have fun with the sans holiday hack challenge as well as kringlecon 3 french hens i'd like to thank you on behalf of the whole holiday hack challenge team as well as the sands institute and please enjoy
Info
Channel: KringleCon
Views: 13,156
Rating: 5 out of 5
Keywords: Holiday Hack Challenge, KringleCon, SANS, InfoSec, CTFs, CyberSecurity, Cyber Security
Id: 8e0SZrbWFuU
Channel Id: undefined
Length: 18min 25sec (1105 seconds)
Published: Wed Dec 09 2020
Related Videos
Indie Christmas 2020 🎄 - A Festive Folk/Pop Playlist
alexrainbirdMusic
816K
Deviant Ollam, Optical Decoding of Keys | KringleCon 2019
KringleCon
6.9K
DEFCON 16: Toying with Barcodes
Christiaan008
349K
Cozy Christmas Coffee Shop Ambience with Smooth Jazz Christmas Music, Crackling Fire, & Cafe Sounds
Calmed By Nature
3.6M
KringleCon - Rachel Tobac, How I would Hack You: Social Engineering Step-by-Step
KringleCon
6K
Tom Liston, Random Facts About Mersenne Twisters | KringleCon 2020
KringleCon
3.6K
David Tomaschik, Red Teaming: Why Organizations Hack Themselves | KringleCon 2020
KringleCon
930
Christmas 2019 - 2 Hours of Classic Christmas Fireplace Music
Sim Dzunic
5.8M
Jorge Orchilles, Offensive Security Tools: Providing Value with the C2 Matrix | KringleCon 2020
KringleCon
671
Prof. Qwerty Petabyte, Working with the Official Naughty/Nice Blockchain...
KringleCon
1.6K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.