1. Coding Portfolio
I was struck the other day by the same feeling I had when I first made the pivot out of my military service into tech: a mix of inspiration and FOMO. Watching some videos from Joma Tech, Jabrils, Siraj Raval and really had me wanting to polish my programming skills.
I began by wrapping up one of my so-called “low-hanging” fruit projects, SUIDcheck. This was a nice way of easing back into some fairly easy python programming. I had started the project a while back as a way to bridge a need I saw in some of my penetration testing practice range efforts and finally got a working prototype released this month.
Shortly after releasing that project, I was inspired to start my current one. This project seeks to engage with the problem of Space Debris; if you are unfamiliar, space debris is the various kinds of clutter that remains suspended in our planet’s orbit as a result of various launches and collisions into space. The problem is that the amount of debris has rapidly grown since the 1960s and poses a risk to future launches. I wanted to draft a program that would ingest the tracking telemetry data that is publicly available and output a kind of predictive model for “safe” windows of opportunity to launch from an arbitrary site.
At this moment the program is still in development and pretty crude, but I’m happy enough with it to carry on. There’s been lot’s of learning about space, physics, and other related subject matter along the way too (which I’ve really found fascinating). Also as a coding exercise, I want to try and clean it up a bit and implement some more complex algorithmic solutions than I did with SUIDcheck.
2. End of Semester
I took my Final exam for my Computer Networks course today, which closes out the class for the Summer. While I know I passed the class (based on the available grades for previous work), I won’t know my final grade for the class for a while yet.
This class wasn’t particularly difficult, which was perfect for the shorter Summer session. I realized I made the mistake of failing to take advantage of early enrollment for the Fall session, so I don’t know yet what I’ll be taking. I’ve been dragging my feet about taking the Computational Systems requirement, Graduate Data Structures & Algorithms, so that may be next. Alternatively, since it relates to my present employment, I may take the Intro to Cyber Physical Systems Security course to learn more about ICS/SCADA hacking; I’m also tempted (and somewhat apprehensive over) taking the High Performance Computing course - which has great reviews but is likewise challenging.
3. ModiPwn
Schneider Electric disclosed a significant vulnerability impacting numerous Programmable Logic Controllers (PLCs) in use today in Operational Technology (OT) systems. The vulnerability - CVE-2021-22779 - was first discovered by Armis, a cybersecurity firm.
In brief, Scheider Electric PLCs use a proprietary UMASS protocol; this protocol includes a number of undisclosed commands which - in this case - enables an attacker to pull a hash from the vulnerable PLC. This hash can then be leveraged to attain full, unauthenticated control of the PLC by leveraging other documented vulnerabilities.
While the only demonstrations of this vulnerability are currently available from Tenable and Armis, neither has - thankfully - disclosed their proof-of-concept (POC) code. It also doesn’t appear that hackers have weaponized the vulnerability in the wild yet either, although my professional colleagues and I believe that this is just a matter of time. I’m hoping to have the opportunity to play with this vulnerability in the near future, but we shall see.
4. Synack
After clearing with my employer that my participation in bug bounty platforms was not a conflict of interest, I’ve gone ahead an moved forward with trying to join the Synack Red Team. In the interest of non-disclosure, I won’t detail the nature of the interviews/screenings Synack performs, but I have been relatively impressed with the process (in juxtaposition against their competitors, such as BugCrowd).
At this point, I’m awaiting a response from Synack as to whether or not I will join the team.