TUDev presents:
Local Hack Day @ Temple

A 12 hour hack day that brings together the local hacker community to celebrate building awesome technology.

Who: This event is open to any university students in the Philadelphia area.
Unfortunately, we cannot allow high school students at this time.
Where: Temple University, Howard Gittis Student Center, Room 217
When: December 2nd, 2017; Schedule Below
Cost: FREE!
What should I bring?
Hackers should bring their own devices (laptops, phones, any hardware they may need, chargers, etc.), a form of ID, and anything else they might need all day.
Questions? Contact [email protected]

Sponsorship
Interested in sponsoring? Click the button below to view our sponsorship document, and please don't hesitate to email us with any questions you may have.

Register Today! Interested in sponsoring?
lhd logo


Schedule for LHD 2017F

Doors Open

10:30am

Kickoff / Opening Ceremonies

10:45am

Hacking Starts

11:30am

Lunch

12pm

Tech Talk by SEI: Spring

1pm

Tech Talk by SEI: Angular 2 - Getting Started

2pm

Tech Talk by Unisys: Thinking Security - how security fits into the dev process

2:30pm

Tech Talk by CapTech: Being a Full-Lifecycle Developer

3pm

Tech Talk by Guru: React - Getting Started

4pm

Tech Talk by Elsevier: Getting Started with Docker

5pm

Tech Talk by Vanguard: How to Build your own Financial Services Company - APIs, LEAN Development, FRAPI

6pm

Dinner

7pm

Submissions Due, Show & Tell, Judging Begins

8:30pm

Closing Ceremonies

9:30pm

~ FIN ~

10:30pm

LHD Sponsor Challenges



Listed below are the Sponsor Challenges for LHD Philly


SEI

Combine Finance and Technology in a way that benefits the community

Captech

No specific challenge. We will be looking for best/most interesting overall hack. Combination of creativity, innovation, and technical challenge.

Elsevier

Develop an application that helps manage a hackathon. It could help with the organization of the hackathon (communications among participants/mentors/sponsors). It could also help the judging process. Ideally, the application will utilize cloud-based APIs and systems like Amazon or Azure to provide a scalable solution. The application could be browser based solution, or a mobile application.
The project will be judged on:

Guru

Use either React or React Native to build your application. Submissions will be judged on appropriate usage of React concepts and general best practices.
Some things we would like to see:

Unisys

Best mobile security solution. Teams can work on any topic in this area, if they are looking for guidance here are some suggestions:

Vanguard

Best Finance Solution. How can we better servce our investors?
Some potential areas of opportunity include:

LHD Philly Side Tasks



Hackathons can be an intimidating task to overcome, especially for first time hackathon goers. So if you're not sure where to start with you're project or if you're just looking for something to do, these challenges are designed to give you a taste of a variety of different Computer Science related disciplines and make your LHD one to remember!


Challenge #1 - Basics of Cyber Security

    Part 1 - Port Scanning / NMAP
    Port scanning is a vital tool for information gathering during a penetration test. From these ports, one can move forward and attempt to exploit open ports with various attacks. 'nmap' is a tool that executes port scans to identify vulnerabilities about a network / IP Address / FQDN.
    Objective: Identify all open ports on 'scanme.nmap.org'
    To complete this challenge you'll need to download nmap from here. I also suggest reading through this and this
    Hint: Use 'nmap -p- scanme.nmap.org' to scan all ports of scanme.nmap.org

    Part 2 - Basic Reconnaissance
    A large part of CyberSecurity in general is figuring out and finding information that isn't necessarilly found too easily. Finding this information may take the form of scraping through files, looking through databases, scanning IP addresses, social engineering, and so much more.
    Objective: Find URL of the login Page
    This page is a landing page that tell's you to find the login page for the employee portal for the organization at hand. You're goal is to scrape through the files on the server to see if you can somehow get to that page.
    Hint: Use robots.txt

    Part 3 - SQL Injection
    SQL Injection is essentially executing SQL commands that you choose through input to the web form. This is able to be done when a form does not validate the input entered into the form. Thus, in theory, if you can have the form be evauluated as a true statement, in our case login, you can compromise the system. Here are some articles about SQL Injection: 1 , 2 , 3
    Objective: Find the flag returned after compromising the login system; it should resemble flag{...}
    This page is a login page for an employee login portal. You have no knowledge of any login credential but you do know that the login portal is vulnerable to SQL Injection attacks. Use this knowledge to compromise the login system and retrieve the flag.
    Hint: 'OR''=' evaluates to true when injecting