SecTalks

CTF Ninja Night - Test Against an AI Attacker- SecTalks SecTalks NN0x12 (18th)

Tue, May 12 · 6:00 PM AEST

363 George St, 363 George Street, Sydney, AU

After RSVP, please ensure to get your admission ticket from Humantix: https://events.humanitix.com/ctf-ninja-night-test-yourself-against-ai-sectalks-sectalks-nn0x12-18th

Thanks to you for
1. Keeping your RSVP up-to-date. We are usually overbooked and have a long waitlist. We will sign you in and keep track of RSVPs and attendance.
2. Aligning with SecTalks' no-bullshit code of conduct
3. Keeping the venue nice and tidy during and after the session

# Presentation

### Title: Test Yourself Against an AI Attacker

Enter a web app that harks back to the age of text based adventure games of ye olde BBS or MUDs.

"Aerithoria is a world of floating islands, each with its own unique culture and magic. Aerithoria is a realm filled with floating mountains, cascading waterfalls, and fantastical creatures that soar through the skies. It's a place where the concept of gravity is different, and adventurers often use airships and winged mounts to navigate the breathtaking landscapes."

"In Aerithoria, a sinister force known as the Celestial Eclipse has awakened. Led by the enigmatic Dark Seraph, this group seeks to steal the legendary Astral Compass, a mystical artifact that can control the movement of the floating islands. With the Astral Compass in their possession, they intend to plunge the entire realm into chaos, disrupting the delicate balance of Aerithoria."

"Our new hero, a skilled cartographer named Kaelin Skystrider, becomes the chosen one to safeguard the Astral Compass and thwart the Celestial Eclipse's nefarious plans. Kaelin possesses a unique talent for mapmaking and navigation, allowing him to understand the hidden connections between the floating islands. Armed with enchanted maps and an airship named the "Zephyr Runner," Kaelin embarks on his quest."

"Kaelin's companions include:

1. Seraphina Stormwing, a winged elf with the ability to command the winds and navigate the skies with unparalleled grace.
2. Flint Ironforge, a gnome tinkerer and inventor, who equips Kaelin's airship with ingenious contraptions.
3. Lyria Sunshard, a seer from the island of Sylvaria, who can glimpse into the future and decipher cryptic visions.
4. Draven Emberclaw, a dragonkin warrior with fire-breathing abilities and a deep connection to the ancient dragons of Aerithoria."

"Together, they form the Fellowship of the Astral Compass."

There are two CTF flags in this Intermediate (Medium) level Web CTF challenge. Your challenge is to hack the web application Aethoria and find the two flags.

Skills needed include:

1. Understanding Python code and web browser technologies including JavaScript.
2. Identifying Web Application Vulnerabilities from Source Code
3. Writing an Exploit that will obtain the first flag
4. Writing an Exploit that will obtain the second flag

Speaker: Gordon Draper from CyberMarket

How to find us on the day?
An organiser will be on the bottom floor until 6:15 to help attendees access the lifts.

# Speed hiring

There is an opportunity for potential employers to do an impromptu 30-second description of their open role. If you are interested, speak with one of the organisers before the start of the session.
Please note the best way to support SecTalks and tell others about your open roles is through sponsorship. We encourage companies, small or large, to come forward and support their local community.

# Sponsors

• SecDim (Connect)
• Google (LinkedIn)
• Atlassian (LinkedIn)

# Notes

• For sponsoring SecTalks Sydney and supporting the non-profit community, contact sydney@sectalks.org
• To speak and submit CTF challenges at SecTalks, fill out https://sessionize.com/sectalks
• After RSVP, please ensure to get your admission ticket from Humantix: https://events.humanitix.com/ctf-ninja-night-test-yourself-against-ai-sectalks-sectalks-nn0x12-18th