James (0xJay)
I am James, I am 16. I work in Cyber Security as a Junior Security Analyst and an Offensive Web Application Trainer for HackTheBox. I have a background in Offensive Hacking/Penetration Testing. I started at a young age and went down the wrong path where I was investigated and arrested by the National Crime Agency/Federal Bureau of Investigation. I am eJPT Certified and thanked by various companies for reporting vulnerabilities.
Session
Initial discovery was from a Discord message; Some people were talking about having access to a Polar Orbit Satellite due to it not having any authentication. We knew this was a risk in the wrong hands. We decided to research the Web Application shortly after, we were able to get a shell and escalate our privileges. While on the system we managed to identify privilege escalation vectors while also performing source code analysis where we found further command injection vulnerabilities. To ensure other hackers do not kill our shell and patch the bug to perform malicious activities, we created a backup shell for president access!