Hacking Behind the Firewall

SpaceDB This was my favorite challenge of the contest, as it mixed a real-world cubesat framework and technology you're likely to come across as a security engineer, in a convincing manner. The Problem The last over-the-space update seems to have broken the housekeeping on our satellite. Our satellite's battery is low and is running out of battery fast. We have a short flyover window to transmit a patch or it'll be lost forever. The battery level is critical enough that even the task scheduling server has shutdown. Thankfully can be fixed without without any exploit knowledge by using the built in APIs provied by kubOS. Hopefully we can save this one! Note: When you're done planning, go to low power mode to wait for the next transmission window Connecting to the challenge service spawns a kubOS instance, and a GraphQL service we can connect to: ### Welcome to kubOS ### Initializing System ... ** Welcome to spaceDB ** -----------------------

The Magic Bus Challenge This challenge involved analyzing a fairly simple bus protocol emerging from a modem looking thing upon connecting to the target port provided. From the challenge description: There's a very busy bus we've tapped a port onto, surely there is some juicy information hidden in the device memory... somewhere… Upon connecting netcat to the provided hostname and port, we're provided with a slowly scrolling stream of ASCII text. If you don't send anything, you end up with an output looking similar to this: Scrolling in this sort of fashion: A few observations: On each connection, we consistently see it starting with a "^3a", and ending in a "+." Other than +, ^ and ., we've purely got hex characters other than... ... the NO CARRIER message at the end +++ and NO CARRIER are session commands from the Hayes command set , usually used for modem control (commonly referred to as AT commands) Some experimen

Preface This year the US Air Force teamed up with DoD's Digital Service and DEFCON's Aerospace village to build a CTF - the first of it's kind - to hack satellites. I joined with some colleagues and their CTF team to get our numbers around half a dozen. We missed the top ten by ~50 points, which was disappointing, but shows the quality of the teams we were up against and that the tournament attracted. Since joining a Bay Area tech company, I haven't found much time or mental space for CTFs or bug bounties. But aerospace has a special place in my heart, and with numerous commercial launch companies massively driving down the costs to get satellites up, understanding the frameworks, communication protocols, physics, tools, history etc. is going to be super important. Before I get to the goods, a hat tip to the USAF & DoD for getting behind this. Satellites are going to become increasingly important in our day-to-day lives, and investing in bringing the security commun