What Goes Into A Hacker Camp

August 10, 2022 by Jenny List 10 Comments

Long-time readers of Hackaday will know that we attend quite a few events, including summer hacker camps. Here in Europe this year there are two large events, the British Electromagnetic Field, and the Dutch MCH, or May Contain Hackers. These events are put together by volunteers from within the community, and as part of the MCH setup I noticed they needed drivers for their off-site logistics. I have a licence to drive medium-sized trucks in Europe so it seemed like a perfect fit. I traveled early on the first set-up day to the Dutch city of Utrecht, and found myself behind the wheel of a large Volkswagen box van. My brief career as a trucker had begun!

An Empty Field Of Dreams

A field with a few tents and a blue sky — The tents stand in isolation at the end of day one.

The Netherlands is a relatively small country and the MCH site at Zeewolde is roughly in its centre, so while the traffic could be heavy the distances weren’t large by American or even British standards. There were however a wide variety of loads waiting for me and my fellow driver, and a few obstacles such as the hottest days of the year and angry Dutch farmers blockading the roads. If you’re interested in the logistics behind a large hacker camp then our journeys provided an insight that maybe wandering around the field doesn’t quite deliver.

Arriving on site on the first day gives a perspective on how much of the infrastructure comes from specialist contractors and thus isn’t delivered by the hackers. Articulated trucks from the marquee company were disgorging the main tents, with their crews expertly assembling them in record time. The toilets and showers were arriving as self-contained hook lift container units, and yet more contractors were delivering fencing or tables and chairs. I can add the power infrastructure to this list, but due I’m told to delays at another event this wasn’t on site on the first day. Continue reading “What Goes Into A Hacker Camp” →

Photo of the MCH2022 badge's screen, showing the "Hack me if you can" app's start splashscreen, saying "Service is accessible on IP ADDRESS : 1337"

MCH2022 Badge CTF Solved, With Plenty To Learn From

August 7, 2022 by Arya Voronova 3 Comments

Among all the things you could find at MCH2022, there were a few CTFs (Capture The Flag exercises) – in particular, every badge contained an application that you could try and break into – only two teams have cracked this one! [dojoe] was part of one of them, and he has composed an extensive reverse-engineering story for us – complete with Ghidra disassembly of Xtensa code, remote code execution attempts, ROP gadget creation, and no detail left aside.

There was a catch: badges handed out to the participants didn’t contain the actual flag. You had to develop an exploit using your personal badge that only contained a placeholder flag, then go to the badge tent and apply your exploit over the network to one of the few badges with the real flag on them. The app in question turned out to be an echo server – sending back everything it received; notably, certain messages made it crash. One man’s crashes are another man’s exploit possibilities, and after a few hacking sessions, [dojoe]’s team got their well-deserved place on the scoreboard.

If you always thought that firmware reverse-engineering sounds cool, and you also happen to own a MCH2022 badge, you should try and follow the intricately documented steps of [dojoe]’s writeup. Even for people with little low-level programming experience, repeating this hack is realistic thanks to his extensive explanations, and you will leave with way more reverse-engineering experience than you had before.

The MCH2022 badge is a featureful creation of intricate engineering, with the ESP32 portion only being part of the badge – we’re eager to hear about what you’ve accomplished or are about to accomplish given everything it has to offer!

The Hackaday Summer Camp Survival Guide

August 3, 2022 by Jenny List 19 Comments

It’s a feature of summer for us, the round of hacker camps in which members of our community gather in fields and spend a few days relaxing and doing what we do best. This summer I’ll have been to four of them by September, one of which was unexpected because a last-minute ticket came my way. For Hackaday they’re a chance to connect with our readers and maybe see come of the coolest stuff in person.

If you consult the wiki for your hacker camp of choice then you’ll usually find a page of tips about what to bring. Starting with a tent and a sleeping bag and probably going on to sunscreen, a hat, and maybe how to avoid dehydration. I’d probably add spare toilet paper and disinfectant spray in case the toilets are nightmarish. All very practical stuff, but expressed in a dry list format that doesn’t really tell you what to expect. A hacker camp can be overwhelming if you’ve not been to one before, so how do you get the best out of it? Here are a few tips based on our experience. Continue reading “The Hackaday Summer Camp Survival Guide” →

An illuminated MCH2022 sign composed of large LED letters

Mutually Crafted Happiness: How MCH2022 Happened

August 2, 2022 by Arya Voronova 16 Comments

Just a few days ago, MCH2022, a six day long hacker camp in Netherlands, has concluded – bringing about three thousand hackers together to hang out. It was my first trip to a large hacker camp like this, as I’ve only been to smaller ones, and this story is coming from someone who’s only now encountering the complexity and intricacy of one. This is the story of how it’s run on the inside.

MCH2022 is the successor of a hacker camp series in the Netherlands – you might’ve heard of the the previous one, SHA, organized in 2017. The “MCH” part officially stands for May Contain Hackers – and those, it absolutely did contain. An event for hackers of all kinds to rest, meet each other, and hang out – long overdue, and in fact, delayed for a year due to the everpresent pandemic. This wasn’t a conference-like event where you’d expect a schedule, catering and entertainment – a lot of what made MCH cool was each hacker’s unique input.

Just like many other camps similar to this, it was a volunteer-organized event – there’s no company standing behind it, save for a few sponsors with no influence on decisionmaking; it’s an event by hackers, for hackers. The Netherlands has a healthy culture of hackerspaces, with plenty of cooperation between them, and forming a self-organized network of volunteers, that cooperation works magic. Continue reading “Mutually Crafted Happiness: How MCH2022 Happened” →