Kubernetes Hacking: From Weak Applications to Cluster Control
ฝัง
- เผยแพร่เมื่อ 20 พ.ย. 2024
- j-h.io/sysdig || Use Sysdig to keep your runtime environments secure, across Kubernetes clusters, the CI/CD pipeline, and your production environment! j-h.io/sysdig
🔥 TH-cam ALGORITHM ➡ Like, Comment, & Subscribe!
🙏 SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎 FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
Great topic, especially in this time and age very cool to see container vulnerabilities in action
I need to buy glasses, that's probably this guy's superpower
Maybe try growing a beard?
Tried it. It’s not
LooL
@@the_sandman00 it was for me, back when I was 14..
Dude.. I promise you that though they are not the source of his superpower -😐 they are without a doubt, im telling you beyond likely, we're talking menswearhouse, multiplying his powers anywhere between a standard 50%, like you get from sunglasses to upwards of 2500% depending on who made the frames, if they're Luxottica, pssh¡, fuhgett abod it. I used to be an Optician, I know.
Some pro-tips for the messed up terminal.
Try the command stty sane to see if that fixes your shell.
At the very least you can override your PS1 with something very short to avoid being so close to the end of the screen. Something like:
export PS1='\w\$ '
This might even fix the text wrapping in the wrong place, which is caused by bash not knowing accurately how long the prompt text is, because of the control characters that make the prompt have colors.
Trick with --path-as-is is super cool ! Currently working with containers and kubernates from a dev perspective but this video brings new point of view for me ! Thanks :)
that would have got me stuck for so longg
Kubernetes will ignore the imagePullPolicy and will always try to pull the image if the image tag is :latest (or none, defaulting to :latest)
Especially for ones interested in technologies like k8s in the security context, I can recommend the book from sparc flow "How to hack like a ghost"
thanks buddy this was basically a step by step guide for discovering major vulnerability in a popular service by pure accident. got me bug bounty money :D
I like his style when he starts intro speaking it’s like a documentary 😂
Very nice tutorial thanks for sharing. You could have also edited the grafana pod using "kubectl edit grafana pod" and make it previleged pod and mount host directory instead of creating new pod..
Great video John?
Can you let us know which machine/image/box you are using
Did anyone get the link to this if it's in hack the box?
You should talk about Security Blue Team, I know you helped them build their videos.
Great video John ! As always !
love your high quality videos
I was just thinking gabout this, reading my mind.
more kubernetes pls
Is it normal for a kube container to have access level to create new containers?
This was super cool. What CTF is this from?
3:12 pwncat-cs is superb replacement for netcat
this guy deserves a million subs + more
bruh, love it. makes me wanna learn these stuff
What a fantastic video congratulations as always
Any plans to cover the google chrome 0 day that happened a few days ago ?
awesome, more like this
wild video😂 nice, thanks john for it
Another awesome video thank you very much
Very nice video. Thanks a lot
Is this a CTF machine or anything else?
When can i find the application i want to deploy it and practice
thanks this is good staff
Excellent!
Could nod locate Gemfilr termux metasploit, help
There's a distinction between LFI and directory traversal - I don't believe what you had was LFI.
But great videos though!
nice
this is awesome
Thank you for your walkthrough, May God bless you 🎭
Yeah, I've heard of this system before by a Norwegian, or whatever ethical hacker dude. :3
A really good content
What is the ctf url?
Early in the comments. Nice! 2 hours ago!
There is no secure place in the world ! Relax and take it easy
Isn't this example very constructed? In case somone exposes a shell direclty over a webinterface the game is over anyway.
Hi , Is this machine on HTB? Or any where that I can try it?
I used pwncat-cs for my HTB - better experience )
Is Docker now really secured OR there is still a breach which allows container breakout/escape?
Can you share link vm or image to create this k8s lab ?
My my language mistake but understanding never to attending after understanding again to looking you have the never misunderstanding but health problems are also more patients also I will attend
Is this a VM I can play?
This guy beats Dev-ops Engineer
Ed Sheeran
Makdkd
Many TH-cam videos I have seen. That didn't work at all...
Professional, 100% working software suggestion for audio recovery from android internal storage is required, please.
Copy Cat
Highly suggest "SteamCloud" on hack the box to those wanting to get their hands on a CTF such as the one in the video
I have worked for Global Cyber Security Company for more than 8 months, what I learned form your video more than what I learned form all of them 😆😆😆 thank you John >> you_are_the_best.txt
As a K8S Admin very happy to see this one. I would like to try it aswell. Which CTF was it? TryhackMe?