Thuderdome

https://pwnedlabs.io/cr/thunderdome

ThunderDome is a fun and immersive multi-cloud cyber range that simulates a realistic company environment across AWS, Azure and GCP. You can expect to learn a lot about the "big three" cloud platforms, token abuse, web exploitation, Windows and Linux, and a lot more

To learn more: https://cyber-ranges.pwnedlabs.io/thunderdome-overview#overview

Challenge
Cloud Environment

Emerge through the breach

AWS

Pulled from the sky

AWS

An absent defense

Azure

A new wave (web of deceit)

Azure

Crossing the great divide

GCP

Joining forces as one

GCP

Infiltrate (open the gate)

GCP

Jaeger

AWS

Victory

Azure

Review

Thunderdome is an advanced multi-cloud cybersecurity training environment that simulates a realistic enterprise network across AWS, GCP, and Azure platforms. The lab presents a red team engagement scenario targeting a fictional pharmaceutical company, "Massive Pharma," which has recently migrated their infrastructure to the cloud with assumptions of default security adequacy.

This write-up will document my findings, the challenges I faced during the lab, and my overall approach. I tackled ThunderDome using a CTF player methodology, prioritizing flag hunting and moving aggressively through the environment.

Feel free to contact me on Discord @kabiet01 if theres any queries.

Note: All flag and credentials is redacted as per PwnedLabs request

Acknowledgement

Special thanks to the moderators at PwnedLab discord for answering my question. Huge shoutout to Yasir for replying to my spam whenever I got stuck 🙏

PreviousPageNextEmerge through the breach

Last updated

Was this helpful?