Hello, this is my write up of the Jolly CI/CD challenge for kringlecon 2022.
The aim of this challenge is to expoit the CI/CD pipeline and gain access to the wordpress server. I can say this is a pretty difficult challenge and really gets you thinking. The challenge requires knowledge of git and how CI/CD pipelines work.
Note: This challenge does take 4-5 minutes to start all of the containers required for the challenge.
Hello, this is my write up of the Prison Escape challenge for kringlecon 2022.
The aim of this challenge is to escape a container aka a container breakout. I must admit I did run down a rabbit hole when doing my first attempt but once I realised the answer it became quite obvious.
Below here we have the starting terminal which you see when starting the challenge. Typically the first thing I do when I have a shell whether it be a vm or container is check whether I have sudo privileges, most often than not low privilege users are given more sudo privileges than they actually need, this creates a security risk and path for an attacker to escalate to root.