TL;DR Leak password using htop, shell escape using tcpdump + top
[link to full writeup](https://blog.jimmyli.us/articles/2020-11/HITCONCTF-Sandbox-Escape)

Original writeup (https://blog.jimmyli.us/articles/2020-11/HITCONCTF-Sandbox-Escape).