Gaurav RahejaforisBOringbig-o-of-engineering.hashnode.dev·Sep 13, 2022NULLCON Goa - Chapter 2022 | First ExperienceIf you are in the cybersecurity world by any means, you might have been aware of the NULLCON conference that usually occurs in March. Due to COVID, it was organized physically on September 9th and 10th, 2022, after two years. Since it was the first N...Discuss·164 readsnullcon
Pradeep Bhattaraipr0d33p.hashnode.dev·Sep 10, 2022Solving Assumptions of Life: Winja CTF | Nullcon Goa 2022Summary The challenge started with the web page accepting cmd parameter with only env command input. The output of the environment included AWS_ACCOUNT_ID and AWS_ROLE. After obtaining the credentials with assume-role, listing the available S3 bucket...Discuss·194 readsAWS
Pradeep Bhattaraipr0d33p.hashnode.dev·Sep 9, 2022Solving Crater Problem: Winja CTF | Nullcon Goa 2022Summary The challenge started with the description along with the Terraform state file. This challenge involved the misconfiguration within the AWS policy allowing any AWS account to perform multiple actions against the vulnerable AWS service configu...Discuss·1 like·553 readsaws cli