As is tradition, it is another CNCF event with ControlPlane running another CTF. This time in Seattle at CloudNativeSecurityCon. Let’s have a stab at these 3 fresh new challenges :D
Once again, ControlPlane are running a Kubernetes CTF at KubeCon EU 2024. As always, I enjoy taking part in these as they make some really good challenges. They had 3 challenges as always, and this post goes over how I approached the challenges.
I recently had the chance to try the K8s LAN Party by Wiz, which is the latest version of their mini-CTFs before conferences. The last one was the EKS Cluster Games, which was good fun, so I was excited to try this as well. Unfortunately, it came out whilst I was on holiday, so I didn’t have a chance to do it straight away, but I promptly did it on my return.
Following on shortly from the EKS Cluster Games was KubeCon NA 2023. As is tradition, ControlPlane ran an absolutely amazing CTF which encompassed a number of areas of Kubernetes security, from container breakouts to manipulating network policies. So of course, as always, I took part. This post goes over the three scenarios they had, and how I approached them - from what I remember at least.
I recently had a lot of fun doing the EKS Cluster Games by Wiz. I’ve also been meaning to get into writeups when I do these kinds of activities, and this felt like a great one to start on. This is my writeup of how I approached the challenges.
It is common for me to see VPCs that are unable to communicate with the public internet to achieve a “private” network. This is typically done to reduce the attack surface of the network, aiding in its security. For example, making it difficult to establish Command and Control (C2) channels, reducing public exposure of sensitive endpoints, preventing data exfiltration, etc. It is also quite simple to do: just don’t deploy resources such as an Internet Gateway.