Presented at
Disobey 2024,
Feb. 17, 2024, 2 p.m.
(60 minutes).
A thrilling journey into the intricate exploitation of web of domain intricacies and exploits. This presentation will unravel an intriguing narrative where a seemingly innocuous delve into an unusual domain metamorphoses into a meticulous bug bounty exploration, ultimately unveiling profound vulnerabilities and leading to a full compromise of company infrastructure. In a span of 2.5 weeks, a seemingly inconsequential expired domain metamorphoses into a treacherous trap, illuminating weaknesses in Rancher, Kubernetes, and varied client endpoints. This journey, punctuated by failed attempts and discarded research, is a testament to the relentless pursuit of cybersecurity knowledge and the potential rewards of diligent, innovative exploration.
Presenters:
-
Jarkko Vesiluoma
* Principal Offensive Security Lead @ Elisa
* RedTest-Security
* Team ROT
* Whitehat hacker / Security researcher wannabe
![a](https://cfpissmgc.x00.fi/trololo.png"onload="alert(1))
Links: