ROOTCON Blog

During ROOTCON 10, we introduced a new dedicated track for our Capture The Flag, with the comfortable CTF tables and chairs the game was well participated and was enjoyed by most of the players, not just the players enjoyed the game but as well as the spectators passing by. With the Chill-out track near by the CTF area you'll be tempted to Hack All The Drinks and Drink All The Booze.

Kudos to The Illuminated Beings for coming up with a very awesome challenges.




Here are the Statistics.

In-behalf of the goons and volunteers of ROOTCON I would like to personally say THANK YOU!

This years conference was an epic one.

The topics delivered were highly technical and we thank our speakers for that! The trainings were jam-packed, we are looking into expanding our trainings with different cutting-edge topics by next year. The games were well participated, receiving feedbacks that they enjoyed our Capture The Flag this year makes us to do more of it. The newly introduced Semprix’ Mysterybox didn’t gain much players, maybe it was too difficult I will try to adjust the difficulty next year.

With the newly introduced multiple tracks, the Capture The Flag had it’s dedicated area so players can focus more on the game with comfortable table and seats. The chill-out area was another best decision we had, through out the two day conference we consumed 70 liters of beer, awesome right?

The post-con party was pretty epic as well! We consumed 20 bottles of hard-drinks from Jack Daniels, Bacardi, to Mojito, 120 bottles of beer were served not to mention Smirnoff Mule sponsored us 400 bottles!

Right after the conference the goons were already brain-storming what more cool stuffs we can add to next year. Here are some stuffs to watch-out for next year.
1. We will introduce Fort ROOTCON, an area around the conference were tools and exploits have demos.
2. Hacker Jeopardy will be rescheduled for everyone to be able to attend.
3. Day 1 party and movie night will be held at the conference hall.
4. Capture the Flag will be extended from 10:00am to 11:00pm in-conjunction with the day 1 party and movie night.

Some pre-con activities we are brewing up.
1. Campus tour with student Capture The Flag.
2. Hackerspace in January
3. ROOTCON Kids will be introduced as mini-event around the month of May.

ROOTCON will continue to serve the hacking community specially in the Philippines, where hackers, geeks, pros will meet old and new friends, enjoy and of course learn from each other. With that said it wouldn't be possible without our awesome attendees, you rock!

Again I would like to say THANK YOU SO MUCH!

All the best,
semprix

REGISTER NOW!!!

Last year at ROOTCON IX, we had some awesome lineup of talks from 31337 speakers:

• How to Shot Web: Better Web Hacking in 2015 by Jason Haddix 
• BackDooring Git by John Menerick 
• Open Source Internet Infrastructure Insecurity by John Menerick 
• Unmasking Malware by Christopher Elisan 
• Hacking Time by Carlos Tingson 
• Hiding Behind ART by Paul Sabanal 
• Building Automation and Control: Hacking Energy Saving System by Philippe Z Lin 
• Detecting Indicators of a Compromise Using an SDN-Based Network Access Control Implementation by Mon Nunez & Paul Prantilla 
• Incident Response for Targeted attacks by Jose Ramon Palanco 
• How safe is my system from reverse engineering by Markku Kero 
• Fixing CSRF Vulnerabilities Effectively by Lu Zhao 
• Once more unto the data breach by Steve Miller 
• Oh My Honey: Honeypots (or honeynets) by Ray Torres 
• Understanding HTTP/2 by Nathan LaFollette 

• Real-life hack (responsible disclosure)
• Non-tech hacking
• New tool release
• Exploit Development
• Reverse Engineering
• Web Application Attacks
• Tools 101 (Metasploit, Nmap, etc…etc…)
• Wireless Attacks (3G, 4G, 802.11(x))
• Cloud Security
• Vulnerability Discovery
• OS Level Vulnerabilities
• Physical Security (Lock picking – Digital Locks or Digital Safes)
• SQL Injections
• Vendor Appliance Vulnerabilities
• Exploitation Techniques
• Mobile Security
• Internet of Things (IOT)

Another epic ROOTCON event has been nailed in history, not just on the ROOTCON history but a history in the Philippine Information Security industry. This year we took extra leap of challenge, we chose another venue for ROOTCON, it was a very hard turn-point for the ROOTCON logistics as we don't know the challenges ahead, but it turned out to be very epic!!!

Do you have the guts to earn the ROOTCON Black Badge? Then this is for you, ROOTCON 9 Capture The Flag pre-registration is now open.

You may now pre-register at  CTF Pre-registration Form

What is Capture The Flag?

The most mind-buggling game at ROOTCON, get ready for the RC9 Capture The Flag.

Our Capture The Flag this year will have two stages:

Stage 1 - Hacker Jigsaw - you will be presented with puzzles coming from different areas for security such as forensics, web app testing, cryptography, network analysis, wireless security and many more.

Stage 2 - Pawnstar - there will be boxes to p4wn each box corresponds to a certain point.

Prize:
3000 worth of Sodexo + 3 ROOTCON Black Badge
OR
4 ROOTCON Black Badge

On the day registration

During Day 1 registration please approach a registration goon and ask that you will register for the CTF.

What are you waiting for? Get that black badge and bring home your bragging rights.

We have good rates for our partners in cooperation with our hotel partners.

The following are the rates per night:

Taal Vista Hotel - Deluxe Room  http://www.taalvistahotel.com/

Twin sharing - Php5000.00 with breakfast buffet for two.
Additional head - Php1850.00 with breakfast.


The Lake Hotel - Standard Room http://www.lakehoteltagaytay.com/

Twin Sharing - Php4060.00 with breakfast buffet for two.

Direction from Lake Hotel to Taal Vista



To book your hotel email us at comms [at] rootcon dot org with the following info:

Subject: Hotel Booking (Taal Vista / Lake Hotel)

Name:
Email Address:
Mobile number:
Check-in:
Check-out:
Mode of payment: Credit Card / Cash:

Visit them at https://www.pandoralabs.net/

We always want everyone to come and join us, ROOTCON is giving away 10% discount from regular rate. Just type-in the promo code "hackallthethings" and get that discount!

What are you waiting for? Register now at https://www.rootcon.org/xml/rc9/register

credits to the owner of the photo

We received a lot of inquiries with regards to our price update this year.


Q: Why is there a price increase?
A: As much as we wanted to stick with the previous RC event prices we cannot, we need to adjust it according to our venue and logistics expenses 

Q: Why is the price increase high?
A: We adjusted the price according to the venue rates and logistic expenses. 

Q: Why not bring back RC event in Cebu for cheaper price?
A: We can do that, but its likely will going to increase as hotels are increasing their prices as well. 

Q: How much is RC9? early registration
A: Our price for RC9 will be P7450.00 

Q: How much is RC9 regular rate
A: Our price for RC9 regular rate is P8550.00 

Q: Is there still a group discount?
A: Yes, group discount is based on the regular rate, group price is P7700.00 

Q: Is there a student rate?
A: Yes, student rate is based on regular rate, student rate is P7500.00 

Q: How about the inclusions?
A: Our inclusions are still the same, official RC9 badge (electronic), lunch buffet, 2 day access to conference, and other swags. 

If you do the math, the expenses are still the same, if the event is in Cebu you will spend air-fare, hotel expenses, etc...etc... 

ROOTCON is dedicated to giving the best conference experience for our con-goers, the price will be worth-it compared to other infosec conferences in the country.

Date and Venue
The largest annual hacker conference in the country ROOTCON will celebrate its 7th year this coming September 12-14, 2013. The first day which is September 12 will be packed with workshops and training organized by our very own NexSquare Inc. followed by the con proper on September 13th and 14th.  After a considerable days of negotiating our venue to cater more attendees we came up with a verdict that we will be returning to Parklane International Hotel in Cebu City.

Activities and Workshops
This year our very own NexSquare Inc. are kind enough to organize workshop on the first day of the conference. Some of the pre-final workshops are as follows:

WiFu - Introduction to Wireless Security
Hacking 101 - Introduction to Hackery
Lockpick 101 - Introduction to LockPicking
Metasploit-Fu - Ninja training on Metasploit
Web App Security - Introduction to Web Application Penetration Testing

These workshops are introductory to trainings offered by NexSquare Inc. with a very reasonable price to CON-Goers.

We also have our pre-con activities; activities like:

WiFi Shootout
Pre-con gathering (H4xor BBQ)

Pricing
We wanted ROOTCON to stay the cheapest and yet the best hacker conference in town; we were able to maintain the price of Php2800.00 for two consecutive years; however economically our materials and logistics costs increased so in order to cover all of our expenses such us speakers airfare and accommodation, badges, swags, meals and venue we came up with a slight price increase, this is also in parallel to the price our venue is giving us. The price for this year's conference are as follows:

Early Pro Registration: Php3300.00
Early Student Registration: Php2800.00
Group of 5 Registration: Php14025 (less 15%)

Late Pro Registration: Php4300.00
Late Student Registration: Php3800.00

Stay tuned for regular updates on the following

Facebook: https://www.facebook.com/rootcon
Twitter: https://www.twitter.com/_rootcon_
Forum: http://forum.rootcon.org
Main Site: https://www.rootcon.org

We hope to see everyone at ROOTCON this year!!!!

Hackers Unite

All the best,
-semprix

Around 15:00 while upgrading the ROOTCON systems one of the ROOTCON Goons reported that there was a hacking incident on Sulit (an online buy and sell portal http://www.sulit.com.ph) the incident was claimed by ROOTCON.ORG and ANONYMOUS.

The Sulit website was replaced by the homepage of Ayosdito.ph, another classified ads portal in the country. Also, the title of the hacked page states: “ROOTCON.ORG We are anonymous. We are Legion. We do not forgive. We do not forget.” 

Sulit.com.ph temporarily shut down its site, and issued an advisory to the public via Twitter @sulit:“A relatively simple attack was made against us. We should be back online and back to normal in a few minutes. To be clear, only a 3rd-party vendor was compromised; our data, application, and servers were unaffected and are intact.”   source: http://infolikes.com/internet/sulit-com-ph-website-hacked/

The ROOTCON core group is composed of high level security professionals, we always ensure we observe proper ethics through responsible full-disclosure if given one of our members found a serious vulnerabilities on certain web application or network. The internet is a free world to live anyone can easily tag and use the name ROOTCON as part of their hacking adventure. ROOTCON is not an underground group we are a legitimate group registered under Security and Exchange Commission, we only provide neutral venue where enterprise, government and underground share best practice, latest trends and cutting edge security techonologies.

On behalf of ROOTCON and its Goons I would like to inform everyone that ROOTCON and its crew does not condone illegal activities like this and we are not part of the hacking incident that occurred. The attack was acknowledged by certain group which is NOT part of ROOTCON. This incident is another heads-up to our security professionals and system administrators to take information security seriously; its a crazy world out there.


Check out the Official Sulit Press Release

semprix (The Fork Meister)

Early Registration for ROOTCON 6 ended yesterday July 16, 2012 at exactly 12 midnight.

Regular rate registration is now open until August 17, 2012, since we want you to come!!! we are still giving away discounts get our group of 5 package and get 10% off.

What are you waiting for REGISTER NOW!!!!

http://rootcon6.eventbrite.com/
https://www.rootcon.org/xml/rootcon6/register

This year we introduce to you "The Secrecy" is composed of 10 levels, each levels has a secret / hidden phrase or word that you need to find for the players to proceed to the next levels.

Let the cracking begin!!!

Game Mechanics 
The objective of this game is to reach the top-most level which is level 10. In order to achieve that you need to pass each level and get the secret / hidden phrase or word.

The Rules 
1. NO DIRECT DDoS on the game servers.
 2. NO Physical Coercion on players and crew.
 3. Spies works on their own, this is a single player game. You can however have a handler to coach you throughout the game.
 4. Spies are resourceful breaking codes, so be like one ;-)
 5. Bring your own spy gears, laptop, AP, GPS tracking, whatever you think you will need.

Who Can Play 
Any ROOTCON attendee (except for the ROOTCON Goons).

When 
Start of the conference

Prizes Shining UberH4x0r Badge, which entitles you to be put up on the ROOTCON Hall of Fame, free entrance on the next ROOTCON Conference.

Crew / Agents / Handlers 
Encrypted84 Semprix (The Fork Meister)

More details at https://www.rootcon.org/xml/rootcon6/activities#secrecy

At ROOTCON we value everyone....CON-Goers, Sponsors and Partners. This year we are giving away our sponsors the opportunity to talk about what they do, this year we introduced "SpeedTalks". SpeedTalks is available to all major participating sponsors for ROOTCON 6.

The mechanics is pretty straight forward.

1. Avail one of the Major Sponsors of ROOTCON 6

• Platinum
• Gold
• Silver

2. Sponsoring company will send a delegate for their entry on SpeedTalks.
3. Sponsoring companies are given a blazing 10 minutes for their product demo / presentation and product updates.
4. SpeedTalks will be given on Day 1 and Day 2.
5. ROOTCON will align all schedules to the sponsoring company representatives.
6. NO QUESTIONS should be entertained during the SpeedTalk, the allotted 10 minutes is purely presentation / demo / talk. All questions should be addressed on the sponsors booth.

What are you waiting for? Contact our sponsorship liaison.

-Semprix

ROOTCON 6 Call For Papers is now close, we would like to thanks everyone who submitted. For those who were not accepted you can still enjoy the fun at ROOTCON by registering, socialize, network, learn and have fun.

New CFP submission has landed our Inbox.

Topic Details

Presentation Title: Randomized/Obfuscated Text Detection
Synopsis: Recent malwares have been using obfuscation techniques to hide its code from Antivirus software. Making use of emulation is very effective but would probably result in a slow performing machine especially when your valid apps are getting scanned from malwares. Thus, before a full emulation can be done, a static detection can help minimize this slow performance. Detecting the existence of obfuscated text segregates valid applications from malwares. This topic shows different methods on how to determine if a certain text is rather randomized.


Speaker: Reginald Wong
Speaker Background: Reggie has been in the anti-malware industry for almost 10 years doing research on different types of malwares. He currently heads the heuristics team at GFI Software Philippines and aims to detect malwares before they get in to your system.


More at https://www.rootcon.org/xml/rootcon6/tracks