DefCamp Quals 2024 — CTF Infrastructure Vulnerability
From a popped shell to full Kubernetes cluster compromise — exploiting GCP metadata, kubelet credentials, and CSR auto-approval to bypass RBAC.
Pwn
Insomni'hack Teaser 2024 — Vaulty
Exploiting a format string vulnerability to leak the canary and libc, then ROP to shell via a buffer overflow in a password manager binary.