There is only ONE DAY LEFT until #Hacktivity2019 – The IT Security Festival in CEE and we would like to provide some important information for you regarding the conference.

Location of #HACKTIVITY2019
MOM Cultural Center

Csörsz str. 18.
1124 Budapest, Hungary

Google maps
http://momkult.hu/

You can travel to the conference by tram #59, #17, #61, bus #212 or taxi.

 

IMPORTANT INFO FOR VISITORS

 

Arriving

Doors are open from 08:00, the opening ceremony starts at 09:00, but you’ll have to register on the spot in order to get your armband, so please arrive on time! It’s more comfortable if you can take your seat relaxed and don’t have to rush, isn’t it?

 

Parking

If you come by car, you can park at the public parking places in the neighborhood, but you also can use the garage of MOM Park, the garage of LARUS Restaurant or Budapest Congress Center (you need to pay for all parking options).

 

Tickets/Check-in

IMPORTANT: Don’t forget to bring your tickets with you as you have to show it at the entrance to get your armband.

 

Electronic Badge

Please note that we can provide an electronic hardware-hacking badge only for those, who PURCHASED the ticket for #Hacktivity2019. The number of badges are limited and we can provide them only while the stock lasts! Thank you for your understanding!

 

For VIP Guests

Hacktivity VIP Pass holders can enter the conference at a separate entrance (left-hand side at the main entrance), they can enjoy the VIP lunch during the 2 days of the conference – along with the speakers/trainers/staff – in addition, they will get a HackPack that includes some cool stuff. (PLEASE NOTE that ONLY those will get the HackPack who has PURCHASED the VIP ticket and was not invited by someone. Thank you for your understanding.)

 

Coffee break

There will be two 15 minutes coffee breaks in the program both days. During this period you can buy coffee, snacks, and beverages at the Snack Bar on the Ground floor.

Lunch break

During the 45 minutes long lunch break, you can have some food and drinks at the Snack Bar.

 

Workshops

There is a pre-registration for workshops. If you would like to attend a workshop, you can register at this location until 19.00 pm, 24th October. If there are free seats left at the specific sessions, you can still join the workshop when it starts. Check out the schedule here! (Please note that 20 people can attend a workshop at the same time)

 

Leisure zone

As usual, there will be a leisure zone at the conference, where you can relax in beanbags and follow the presentations of the Security Theater on screen.

 

HackShack

On Friday you can visit the so-called HackShack, where the team of HackerSpace Budapest and HackSpace Szeged will provide software & hardware hacking challenges alongside SecureITeam.

 

HackCenter

On Saturday Security Dome is going to transform into a so-called HackCenter which is going to be the heaven for hackers who want to solve some exciting challenges, share their thoughts with each other, looking for a solution to a specified problem, or just have questions in a certain topic. There will be also 5-10 minutes of lightning talks where hackers can present their ideas or try their presentation skills. Do you have a topic or an idea that’s not fully developed? Bring it in and we’ll help you work it out! Maybe you can finalize and present it at the next BSidesBUD conference in March 2020. 😉

 

Are you ready to learn hacking Cryptocurrencies through realistic examples?

After the success of the CCTF game at BsidesBUD, the Hackerspace of Budapest (https://hsbp.org/) and the B9 Space of Gárdony (https://bone9.hu/) have created new challenges where you can steal cryptocurrencies from a private network. Dollars are counted too! Who can hack the most out of the system?

The game goes live on Hacktivity’s first day, at 9:00AM. Don’t worry if you are not present locally, because anyone can participate over the internet. However only the locally present top 3 will get the rewards which are:

1st: __________________ + 3 hours of Virtual Reality Experience at B9 Space

2nd: __________________ + 3 hours of 3D printing at B9 Space

3rd: __________________ + 2 hours of 3D printing at B9 Space

If you are just getting started with Ethereum or Bitcoin you can join the CCTF HelloWorkshops (https://hacktivity.com/index.php/workshop-sessions/) on both days of Hacktivity.

You can register your Ethereum address and team name on the CCTF site: https://cryptoctf.org/

Are you ready to pwn?

 

Speed Hacking

If you like CTF games, you will have the opportunity to try your skills at the conference as well! Visit the HackCenter and take part of the CTF challenges created by SecureITeam and the Hackerspace squad of Budapest and Szeged! As always, teams will compete for the two days, but instead of awarding the first team, there will be another challenge at the end of the second day. The first and second teams can take part in the SPEED HACKING COMPETITION. (The whole teams can participate but only one team member can sit in front of the computer.) Three medium difficulty challenges have to be solved in less than 90 minutes to win the CTF. What makes this interesting that players have to log in to a jumpbox (Kali Linux), and the screen of these jumpboxes will be displayed on a projector. Conference attendees will be able to follow how the best players play CTF in real-time. To make things even more interesting, two commentators will spice up the competition.

 

Key takeaways of SPEED HACKING:

  • CTF players can show who is the king of the hill.
  • Conference attendees can learn from the best.

 

Websocket CTF Challenge

One of our speakers, Mikhail Egorov prepared another CTF challenge related to WebSocket. You can find the tasks at the following URLs:

In his talk, Mikhail will explain the solution for the challenges.

 

Wall of Sheep

Our whole life depends on trust. We trust that whenever we go outside, no one attacks us. We trust in online financial services that our money is safe. We trust our Internet Service Provider that they do not abuse the information they have about us. But we rarely think about that whenever we connect to any network we trust someone we don’t even know. The goal of the Wall of Sheep is to demonstrate how much data we leak about ourselves (passwords, session cookies, smartphone unique IDs) without even knowing about this. Many people trust their VPN provider better than the network they connect to. But shall we trust these VPN providers? Shall we trust the Internet Service Provider of our VPN provider? The only option is to use end-to-end encryption based communications like TLS (formerly SSL).

 

HackerRank Game by Morgan Stanley

Go meet the security experts at the Morgan Stanley booth and try out their intellectually challenging HackerRank Game. The lucky one will win a JBL T500BT bluetooth headset.

 

BlackCell ICS LEGO Model

The purpose of the outdoor table is to model the everyday life of a small town.

Current platforms:

  • Water utility
  • Police and office complex
  • Leisure Center (Donuts, Shops)
  • Beach – Fishing Lake
  • Suburban area
  • Rocket System

Our goal is to illustrate security vulnerabilities in industrial controllers, to illustrate how damaging an attacker can be too critical systems, production lines, etc.

Currently, the water utility and the beach fishing lake have ICS control.

Water Utility: The motor operating the filtration system of the wastewater treatment system is PLC controlled. In the event of an outbreak, the attacker would be able to drain the sewage into the drinking water network, thereby infecting the entire population, cutting off the people from the clean water.

Beach – Fishing Lake: The chlorine kit used to clean the pool is supplied by PLC controlled motors. In the event of an attack, the engines dump the entire package into the pool, thereby saturating bathers and the water network with deadly amounts of chlorine.

Missile System: Provides surveillance and protection of the city’s airspace. When hacked, the rocket launcher becomes controllable and can inflict massive destruction on the attacker.

The city has a complete IT network: office building, police station, industrial controllers, rocket system. If they can successfully break into the grid, the most talented can reach industrial controllers and the missile system.

 

Twitter

If you do not have a Twitter account, make sure to register one and follow @hacktivityconf as it will be the official communications channel during the two days of the conference. If you mention us in a tweet don’t forget to use the official hashtag: #Hacktivity2019. 😉

 

HackChat

Stay at the venue after the last presentation on Friday and chill with fellow hackers! Use a beer coupon to refresh yourself (you will find them everywhere at the venue), we’ll take care of some music to maintain the good mood. People can stay at the venue and have conversations until 21:00 pm. After this time we’ll have to close the venue and prepare for the next day. Have fun and drink responsibly!

 

CPE Points

Don’t forget that you’ll be able to gain CPE credits by ISACA for attending the conference! You can find the ISACA stand at the exhibition area (on the First floor).

 

 

We hope that you’ll have a good time and #HACKTIVITY2019 will be a great experience for you again!

See you all at the conference!

The Hacktivity Team