BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsides-cymru-2023-2022//speaker//9KXUU9
BEGIN:VEVENT
UID:pretalx-bsides-cymru-2023-2022-8JRWD9@pretalx.com
DTSTART:20230211T143000Z
DTEND:20230211T150000Z
DESCRIPTION:Initial discovery was from a Discord message\; Some people were
  talking about having access to a Polar Orbit Satellite due to it not havi
 ng any authentication. We knew this was a risk in the wrong hands. We deci
 ded to research the Web Application shortly after\, we were able to get a 
 shell and escalate our privileges. While on the system we managed to ident
 ify privilege escalation vectors while also performing source code analysi
 s where we found further command injection vulnerabilities. To ensure othe
 r hackers do not kill our shell and patch the bug to perform malicious act
 ivities\, we created a backup shell for president access!
DTSTAMP:20260513T160540Z
LOCATION:Track 1- Dragon Suite
SUMMARY:Hacking to defend: How we hacked into a Polar Orbit Satellite and m
 anaged to get a full system compromise - James (0xJay)\, Josh Allman
URL:https://pretalx.com/bsides-cymru-2023-2022/talk/8JRWD9/
END:VEVENT
END:VCALENDAR