This walk through of TryHackMe room “Frank and Herby try again…..” goes over how to escape from a container to take over the underlying node.
This room is a sequel of Frank & Herby make an app which is also Kubernetes themed.
This post goes over some of our methodology & rationale when we created this year’s (2024) Northeast Collegiate Cyber Defense League competition environment.
Topics that I’m planning to cover
I also have another post going through the CTF challenges we released
Warning Spoilers!
This walkthrough goes over the 5 Kubernetes LAN Party challenges created by wiz.io.
Warning Spoilers!
This writeup goes over the challenges created by the Black Team leading up to the 2024 Northeastern CCDC Competition.
There were a total of 4 challenges:
I also go into our thought process when making the challenges.
Learn how the misconfiguration of containers can lead to opportunities for some and disasters for others.
Exploiting Kubernetes by leveraging a Grafana LFI vulnerability
Breach Umbrella Corp’s time-tracking server by exploiting misconfigurations around containerisation.
Warning Spoilers!
This is a write up the CloudGoat scenario rds_snapshot scenario and was created by the Best of the Best 12th CGV Team (Yong Siwoo, Park Do Kyu, Park Seo Hyun, Jung Ho Shim, Chae Jinsoo).
This post goes over how to setup single sign on ArgoCD. I use GitHub for the OAuth client but any client should also work.
Warning Spoilers!
This is a write up the CloudGoat scenario sqs_flag_shop and was created by the Best of the Best 12th CGV Team (Yong Siwoo, Park Do Kyu, Park Seo Hyun, Jung Ho Shim, Chae Jinsoo)