$ ls -la -rw-r--r-- 1 user user 124 .dconfig.yaml -rwxr-xr-x 1 user user 2.1M dconfig Sample config:
"DB_PASSWORD": "flag...", "API_KEY": "secret123" dconfig 2
After ./dconfig apply , the system runs the attacker’s script. flagdconfig_2_config_injection_success $ ls -la -rw-r--r-- 1 user user 124
$ env | grep DCONFIG (empty) Try fetching config without a token: "API_KEY": "secret123" After ./dconfig apply
$ ls -la -rw-r--r-- 1 user user 124 .dconfig.yaml -rwxr-xr-x 1 user user 2.1M dconfig Sample config:
"DB_PASSWORD": "flag...", "API_KEY": "secret123"
After ./dconfig apply , the system runs the attacker’s script. flagdconfig_2_config_injection_success
$ env | grep DCONFIG (empty) Try fetching config without a token: