QuahogCon 2010 Humans vs. Zombies Game

QuahogCon 2010 Humans vs. Zombies Game

For those who are curious about some of the particulars of the game, here is what I gleaned from the goings-on at the ‘con (And from a lot of borrowing Jimmie’s badge, and soliciting button-presses from random ‘con attendees).

Spoiler Warning: If you want to try to disassemble, packet-sniff, or otherwise decode the Humans vs Zombies game completely on your own, don’t read on.

Most of this is just a brain dump, it’s not really in any particular order.

  • AFAIK, 5 types of badges existed: Human, Zombie, Cleric, Mussel and Uber. All of these attacks are explained later on in the “giant list ‘o attacks”, with the only exception: Mussels can attack either humans or zombies, and have no unique attack code.
  • I managed to peek at an instruction sheet for a Cleric that was left behind by one of the lovely ladies from the CORE table; however, it held no unexpected information. (Though it was quite nice, and fit with the story in the Attendee pamphlets/schedules
  • Attendees began as humans, and were turned into zombies by attacks from other zombies, or from coaxing from an Uber badge.
  • In the download provided at con-time (q10-pub.tar.gz), there lives a file known as rftest-rx.c. By default, this will list (over UART1), the unencrypted attack type and attack power of whatever attacks it hears.

    rftest-rx.c also has a line commented out that will print the entire packet received. Note that the packet [3] and [4] need to be XOR’d with packet [2] to make any sense. (<– Uber encryption) 
    [2] ^ [3] = Attack Type
    [2] ^ [4] = Attack Power

  • From soliciting keypresses, I managed to make a list of the following attacks/powers:
    1,1: Human Defensive
    1,2: Human Normal
    1,3: Human Offensive
    1,6: Human Critical Hit
    2,1: Zombie default attack OR attack with 1 LED of charge
    2,2: Zombie charged to 2 LEDs
    2,3: Zombie charged to 3 LEDs
    2,4: Zombie charged to 4 LEDs
    2,5: Zombie charged to 5 LEDs
    3,20: Cleric Heal Humans
    3,50: Cleric Heal Humans (Critical Hit)
    4,20: (Really? 4:20? *groan*) Cleric Turn Undead
    4,50: Cleric Turn Undead (Critical Hit)
    99,5: Uber ???
    99,6: Uber Epic Win
  • During his talk on 802.15.4 security regarding replay attacks, Josh Wright briefly showed the packets that he managed to sniff from an Uber badge, which turned anyone in range into any of the 6 modes (the 5 discussed above, and also ‘dead’.) He then proceeded to execute a replay attack on the audience, and it apparently hit @innismir (Ben Jackson) in the next room during his presentation. Twitter thread: [1][2][2.5][3][4][5]

I’ll add more here if/when I think of it, and once I start sniffing in earnest. I spent the entire ‘Con trying to reinvent the wheel… Apparently all the good stuff was in the q10-pub/firmware directory… I had been tweaking code in the q10-pub/tests directory. I still managed to sniff the above code, however I didn’t get transmit working in time to pwn the closing ceremonies. Totally looking forward to pwning whatever badge they throw at us next year, though.

2 thoughts on “QuahogCon 2010 Humans vs. Zombies Game

  1. Ya the badges were a lot of fun. Still playing with mine. I came in Saturday with an invincible badge that swapped between appearing as zombie or human and had fun watching people try to deal damage with no result. I couldn’t make Sunday, who won the contest? I’m curious what some of the hacks were. Maybe that will be posted later?

    1. This year there wasn’t so much a clear-cut winner as much as asking everyone who did something with his/her badge to come to the front; they had a show-and-tell of everyone’s badge hackery (hardware and software hacks) and spread the prizes out accordingly.

Leave a Reply

Your email address will not be published. Required fields are marked *