Hacker Summer Camp Check List - 2018

UPDATED: 2018.0731

Every year I go through an exercise of sorting through all my gear to figure out which ones I will bring to hacker summer camp.  I always end up bringing more than I need.  But just like any of you, I go by “it’s better to have and not need than to need and not have”.  Don’t deny it… you can all look in your garages, basements and storage units and see how much hacking stuff you’ve accumulated through the years.  And if you’re just starting out, give it a couple of years, and you’ll see what I mean.

NOTE: It's your first DEF CON!?! Awesome, welcome to hacker summer camp! See the DEF CON 3-2-1 Rules below.

Here is my basic hacker summer camp check list:

CASH:

Bring cash, you'll need it for registration.  Using ATMs in or near the con's vicinity is not advised.

LAPTOP and CELL PHONE: (Don't use your work issued laptop or cell)

(1) Burner Laptop

I dual-boot with Kali and Windows. Kali being my main OS, I would also setup a variety of backup VMs in Virtual Box.  Test and get familiar with your VMs before you go.

(1) Burner Cellphone

You'll need one to constantly be in touch with your hacker group. Also helps in keeping tabs on happenings during the con. (Note: If you have an Android, you can look into creating a separate user profile with limited functionality.)

<<eBay is your friend when looking for gear for occasional use.  Remember that these are not your daily comm gear.  You do not need the latest or greatest models or versions.>>

(2) Baofeng Radios UV5R

POWER / ELECTRICITY:

(1) Portable Charger
You’ll need it to charge your phone, and power your #badgelife addiction.

(2) Power Strips
Get a small one to carry around with you, and a big one for your hotel room.  It'll be a plus if your power strip has built in USB charging ports.

<<This is the power strip I use.  The USB ports are 2.4v each.  It saves you from bringing a bunch of power adapters when travelling.>>

(20+) Batteries – AAA, AA, 9-Volts, CR2032, Li-Po
Batteries are always a premium at the con. Bring a lot and share...

STORAGE:

(1) Portable External Hard Drive 1-2 TB
I'd keep all things downloaded from the con in this drive.  Including files and tools you used on your burner  laptop during the con. 

(10-15) Variety of Memory Cards - I know it's a lot. You really never know what you'll need until you get deep into some challenges.  The only ones I actually end up using are the bootables with the Linux distros.

<<I use an Altoids can with 3D printed dividers, a pill box and an actual SD card case I found at the local Daiso.>>

NETWORKING:

(1) 5-Port Switch

(1) Portable WiFi Travel Router

(1) Hi-Gain USB Wireless Long Range Network Adapter
(1) Network Tap

(1) HackRF

(1) Ubertooth
I like network packets, so I need all of these.

CABLES:

(2) 15’ network cables

(Variety) USB cables all kinds – mini, micro, USB-C etc. If you can find an all-in-one cable even better.

<<Here's the one I use.  It'll charge an Apple, Android and USB-C phones.

(1) HDMI cable

MISC:

• RFID Blocking Sleeve - you are attending hacking con.
• Duct Tape - if you can't fix it...
• Super Glue - broke it? glue it back together.
• Zip Ties - for keeping things together and other security applications.
• Multi-Tool with Pliers - brute force tools and cutting tools are most welcome.
• Masking Tape - see Duct Tape
• Hot Glue Gun - level up for Super Glue
• Screwdriver Set - level up for multi-tool
• Permanent Markers - someone always needs one.
• Portable Speakers - some #badgelife toys might need it.

EXTRAS: (Village Specific Tools)

• Lock Pick Set

<<Don't forget your lock pick set. Your first DEF CON? Drop-by LPV and grab a starter set.>>

• Soldering kit
• Multimeter

SWAG:

Stickers to trade

Hacker Challenge Coins and Poker Chips

Hacker T-Shirts to trade

Booze for goon bribery.

==========================================================

DEF CON 3-2-1 Rule 
In addition to the list of gear, you will also need personal items.  Let the DEF CON 3-2-1 Rule be your guide.  Please take note the guide is a minimum recommendation.  Let's get started...

At a minimum, 3 hours of sleep a day. Sleep, yes, sleep.  Your brain needs it. <Pajamas, toothpaste, tooth brush..etc.> 

At a minimum, 2 meals a day. You will need to eat for energy. Booze and beer all day will only take you so far....  Have snacks <Trail mix, power bars, beef jerky, breath mints,...etc.> in your bag because with everything happening around you will most likely contract a case of *FOMO.  Set aside a couple of hours to eat. Drink water! It helps if you plan to party all night.

At a minimum, 1 shower a day. Showers are good not only for you but also for the rest of us. <3-4 days worth of change of clothes (includes under garments, socks...etc.), shampoo, soap, deodorant, mouthwash ...etc.> "You plus deodorant = everyone wins." Try to avoid crowded elevators on the 3rd day of hacker summer camp. You can thank me later.

*FOMO - "Fear of missing out" 

DEFCON 22: Braindump

THURSDAY: Registration, Swag and Defcon Wifi

This year's line was one of the worst compared from previous years.  We got at the Con on Thurs at around 9:20am and the line has already snaked like a Disneyland ride all the way out to the Rio pool area.  Luckily, a colleague introduced me to Priest, and he hooked us up with Human badges, skipping the lines and saving us at least 3 hours. Thank u very much, I'm very grateful indeed.  Later on the next day, Friday, we heard the electronic badges ran out.

This year's swag included an electronic badge (being an even number year) with a Parallax chip - blinky lights and a mini-usb port.  The usual con program booklet, 2 CD's (music and pdf of talks, short story + software for the badge).  Oh and the infra-red glasses.  Clues were on the floors and rotunda, as well as the signs for the badge contest.  The Welcome to Defcon banner actually says "Defcon is Cancelled" if you wear your infra-red glasses.

At 10:00am that morning, the swag line was basically non-existent.  10 minutes tops, this is probably due to most people were still in the registration line.  I got in line as  scheduled, and after browsing the items, I just got a couple of t-shirts specific to Defcon 22, and a bandana.   The usual items were there available - shot glass, flask, sport shirts, back packs, a lab coat, hoodies, notebook....etc. 

The next item on my agenda is to get the laptop connected to the Defcon network. (Note: Always connect to DefCon secure, not the DefCon-Open.  WoS operates on the DefCon-Open network.)  To connect to DefCon secure, you'll first have to register.  Just for once, connect to DefCon-Open to be able to register. After you are connected, navigate to the DEF CON 22: WiFi Login Self-Registration - wifireg.defcon.org. 

Note: Remember your Username and Password. You're going to need this to login to DefCon (secure).  From a Kali box, connect to the DefCon secure wifi.  When you get prompted for the security, navigate to the Wireless Security tab and set it to LEAP. Enter your username and password.

Thursday is actually a good day to visit the villages also, although most of them are not completely setup yet.  Surprisingly the Packet Hacking Village were already herding sheep by late afternoon on Thursday.  The Defcon 101 talks is a must for n00bs. They give good advice on how to make the most out your Con.  At this time, invest about an hour or so to go through the entire program booklet. Load whatever is on the info CD to your hard drive to make it easily available when you need it.  Transfer the PDFs to your phone or tablet for easy reference.  This is also a good time to mess around with the badge a bit.  If it's an electronic badge year make sure you have Parallax's Spin loaded and  make sure your Windows installation is running well.

The Vendor Area is closed on Thursday.

If some contest tables are already up, go register and get going with the contest.  Also, usually a few weeks before the Con, some contests registrations are already already available online.  Check their respective forums, websites or twitter accounts for updates.  Some contest, like CTP, have very limited slots available so get a head start in registering to ensure your spot at the con.  

Thursday's summary:

1. Register

2. Shop for Swag

3. Review the Program (while in line or not)

3. Connect to the DefCon wifi

4. Prep laptop for Contests

5. Register for contests

6. Visit the Villages

FRIDAY: Welcome Talk, Contests, Village Visits and Vendor Recon

A must agenda item for Friday is the Defcon Welcome talk.  If you're going after the badge mystery contest, you have to see this one.  DT most likely will show-up with some interesting info about the current con.  This talk is usually crowded so you'd want to get there early.  After this talk, you're basically free to troll the halls unless you have a pre-planned agenda for the day - which would be a good idea to maximize your time.

Friday is the really the best time to visit the villages and register for the contests you're interested in.  The villages will not be as crowded and the SME's are still fresh, and not hanged over yet.  Go visit the villages you're not familiar with for a couple of hours and learn something new.  Then settle in to the village you belong in.  While in the villages, try to acquire their schedule of talks or demos (these are different from the main con talks).  Note: Learn a new skill, keep an open mind and talk to people -  ask questions.

For this year, I registered on Warl0ck Gam3z, CTP and NFPC. This year, you needed to score some points and get on the score board before you get a free t-shirt swag.  It's all good and i totally agree with this new "policy".  I think Friday is also the best time to hit the talks while working on the preliminary rounds of the contests.  Friday is usually the day you'll quickly find out if you have the chaps to make it to the Saturday rounds or Not!  If you did not prepare your hardware, software and brain.... it's too late if you have to figure that out today.  Or you'll have to  stay up all night to figure it out.

The vendor area is most crowded on this day.  It was just jam packed, with Hak5 wifi pineapples flying off the shelf. It's shoulder-to-shoulder movements in the vendor 2.  If you're shopping for shirts, small and medium sizes will go out this day.  As far as hardware shopping, you can wait until Saturday.

This year, I hanged out at the PHV while trying to download stuff from the Defcon media server.  Wifi and bandwidth was actually good on early Friday but horrible on Friday and Saturday - damn u  Wifi Pineapples. 

Friday night is reserved for Hacker Jeopardy.  I missed half it due to they started it early before Hacker Pyramid.... didn't follow my own advice - "spend time to read the program".  It was OK and enjoyable as usual with echoing DFIT chants... but no more stripping for correct Daily Doubles?!@?!!! what!@#!>! a little dis-appointed.

The rest of the Friday night was spent trying to solve some contest problems.

Friday Summary:

1. Welcome to DEFCON Talk

2. Contest Area

3. Visit Villages

4. Troll the Vendor Area

5. Spend time in your village

6. Hacker Jeopardy

7. Solve Contest Problems/challenges

SATURDAY: Talks, Villages, Contest Run, Vendor Shopping

My first goal of the day was to hit the Vendor Area to get the items I need before they sell out.  I went to my fav village, PHV, to hang out and learn more techniques.  But really, I was just trying out new strategies on analyzing packets.  I'll be back next year with better ideas which i hope to test in CTP.  Note: CTP provided 2 static IP addresses per team competing.  You'll need a hub or switch and a couple of laptops to efficiently capture and analyze.  I will have to sit down and re-evaluate this.   I was not really interested in any of the talks this year, to I did not go to any.

Saturday is the most crowded day in Defcon.  A river of people will flow on the hour every hour as talks end and people move to another track.  While trying to solve a problem form Warl0ck, one of the task was to pick a lock... I didn't know how to pick that specific lock so I decided to go to the Lock Picking Village to learn.  As I walked in, each table was full and no space available.... SOLUTION: I discovered that the Vendor Area is a good place to learn lock picking, minus the formal lock picking talks - the lock vendors can rival the LPV.  The sales people will spend as much time to teach you how to open locks until you open one... I actually got a lot of lock picking lessons from the vendors.I also visited the contest area to watch some competition to learn what they are doing.  I killed about an hour there. Then back to the WoS where I belong!

Saturday night, just like Friday, is Hacker Jeopardy night.  Once again, it was fun but not like the previous year's vibes.  I decided to leach the Defcon media server for more content.  I got to chat with a fellow with his daughter who were attending Rootz Asylum.  Tried to solve more problems from the contests.  This is the night that i actually realized that I can only do one off site contest (Warl0ck) and one on-site contest (CPT).  For NFPC, I'll just grab the CD again and do it after hours.

For next year:

1. CPT

2. Warl0ck Gam3z

3. NFPC

SUNDAY: Contest Finals, Vendor Area fire sale, Contest Results, Closing Ceremonies

Catch a little more talks, hang out in the village you belong in.  At around 3:00 pm, some vendors are ready to bargain - so be sure to wheel and deal when you can.  Bundle up to get a deal.  Some T-shirts will be at 50% of at this time, so take advantage. 

Note: to get front row seats for the closing, get in line really early.