kube-goat icon indicating copy to clipboard operation
kube-goat copied to clipboard

Published 20 hours ago verified publisher icon ksoclabs

As a user I need to be able to exploit an kubelet API with no authentication

Open jmbmxer opened this issue 5 years ago • 1 comments

Motivation

Zero-auth on a Kubelet causes major issues. This exercise should expose a kubernetes READ port (10255) to grab a pod with the key name being the CTF key.

Acceptance

10255 is open to the internet on this cluster exposing the read-only port of the cluster

Design Ideas

  • [ ] Public IP Address exposure or make users hit the kubelet IP from inside of the cluster?

Implementation

  • [ ] wip

Resources

  • https://labs.mwrinfosecurity.com/blog/attacking-kubernetes-through-kubelet/

jmbmxer avatar May 15 '19 03:05 jmbmxer

This is complete for GCP/KOPS

https://github.com/ksoclabs/kube-goat/commit/bed32699a39ed4aafb7222273e826071e3e48f8a

jmbmxer avatar Jun 27 '19 21:06 jmbmxer