►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
And
we
are
live,
welcome
everyone
to
our
second
ctf
live
stream
session
for
the
cloud
native
security
con
north
america
2021.
A
we're
we
hope,
you're
enjoying
the
ctf
challenges
so
far.
This
is
our
second
session
and
last
session
for
today,
and
we
also
have
another
set
of
great
speakers
for
you.
So
let
me
introduce
you
first,
my
fabulous
co-host
ashish.
B
Hello,
hello,
hello,
hello,
hello,
hello,
welcome,
welcome,
welcome,
see,
already
people
are
coming
online
as
well,
so
there's
someone
first
ibrahim
and
good
notches.
I
think
if
I
pronounce
it
correctly,
welcome
welcome
looking
forward
to
hosting
this
with
you
magnum
and
looking
for
another
awesome,
ctf.
B
Sure
who
do
we
start
with
first?
I
I
think
once
we
come
by
one
by
one,
are
we
gonna
bring
them
one
by
one?
I
think
we're
gonna
one
might
bring
them
one
by
one.
Let's
do
that.
B
It
going
lewis
yes
welcome
to
the
capture
the
flag,
how's
it
going.
C
Tired,
but
it's
a
good
time,
it's
been
a
long
day
and
lots
of
people
are
capturing
flags
now
and
it
seems
like
everyone's
having
a
fun
time.
They
better
be
having
a
fun
time.
Please
say:
you're
having
a
fun
time,
but.
B
C
Yeah
but
we're
just
getting
started,
but
it
isn't
just
me
so
I'm
taking
the
role
of
taskmaster
and
goose
today,
but
there's
some
other
people
there.
So
again,
shout
out
to
michael
shout
out
to
steve
you're
going
to
see
someone
else
who
is
on
there
as
well
so
yeah.
But
you
know
it's
awesome
and
it's
lovely
just
to
be
part
of
it
again.
So
thank
you.
B
Welcome
welcome,
I
was
gonna,
say
generally
introduce
a
bit
about
tell
everyone
about
it
yourself,
louise.
Yes,
this
is
louise.
C
Yeah,
I
know
this
is
still
me.
If
you
want
to
know
more
about
me,
you
can
look
at
the
last
stream.
My
favorite
color
is
blue.
I
I
think
that's
pretty
much
it
for
now,
but
it's,
I
think
it's
a
lot
more
interesting
people
who
are
coming
up
our
way
next,
so
I'll
I'll
I'll
pass
the
floor
to
them.
Awesome.
D
A
B
Good
good
to
see
you
and
as
well,
I
think
the
way
we're
doing
this
is
we're
telling
our
favorite
color.
As
for
what
lewis
did
and
a
bit
about
yourself.
E
D
B
Yep
yep,
it
is
definitely
a
great
thing,
as
it
looks
really
nice
in
summer
as
well
on
people
just
for
people
who
may
be
interested
in
fashion,
but
welcome
nikki
and
well.
If
you
can
tell
us
a
bit
about
yourself
as
well.
That'll
be
awesome.
D
Yeah,
so
I
am
the
host
of
the
oauth
dev
slop
show,
and
I
think
I've
met
a
lot
of
you
via
that
weekly
live
stream
in
my
day
job.
I
work.
You
know
in
the
security
space
like
everyone
else
here
so
yeah.
That's.
D
Well,
you
know,
maybe
about
three
years
ago
somebody
was
like:
oh
we're,
gonna
build
this
whole
new
productionized
kubernetes
app
kubernetes
based
situation
with
like
dozens
of
apps
on
it.
What
do
you
think
about
security?
What
do
we
need
to
do,
and
I
was
like
so
that
led
me
down
this
journey
of
learning
kubernetes
and
getting
involved
more
in
the
cloud
native
computing
foundation,
so
out
of
necessity.
So,
thank
thankfully
everyone
was
here
to
help.
D
B
Yeah,
I'm
glad
I'm
I'm
I'm
so
glad
to
have
you
here
nikki,
but
I'm
looking
forward
to
having
hanging
out
with
you
as
well,
along
with
other
guests
who
are
coming
in
as
well.
Let's
bring
the
next
person
in
hey
jeffy.
It's
like
you
know:
you're,
not
surprised,
you're,
not
surprised
to
the
cloud
security.
Sorry
cloud
native
security
community,
but
you
wanna
still
take
a
moment
to
introduce
yourselves
to
people
who
may
not
know
you
who
may
be
in
the
live
audience
and
maybe
in
person
and
saying
hello
to
you
there
as
well.
F
Yeah,
definitely
I'm
I'm
duffy
cooley,
I'm
the
field
cto
at
I
surveillance,
I'm
also
a
member
of
a
somewhat
notorious
crew
called
sig
funk
and
we've
done
a
number
of
talks
to
try
and
get
security
sort
of
more
in
the
for
the
front
line
of
things
and
and
get
people
more
engaged
and
make
people
feel
welcome
into
that
space.
I
will
definitely
echo
exactly
what
nikki
said.
I
think
that
I
I
think
his
his
take
is
a
perfect
one.
F
You
know
like,
I
think,
I
think,
of
my
job
as
actually
helping
kind
of
develop,
that
community
spirit
make
sure
everybody
feels
welcome,
make
sure
everybody
feels
like
they
can
ask
any
question
anytime
and
that
you
can
actually
get
help
doing
pretty
much
anything
you
want
to
do
here
in
this
space,
and
so
I
love
that
you
said
you
know
I
I
reached
out
and
I
had
help
immediately.
That's
great.
G
B
Quite
a
few
fans
in
the
live
chat
as
well
philadelphia,
someone
just
saying,
hey
duffy
over
there
as
well
for
folks
who
are
watching
this
live,
feel
free
to
drop
in
your
favorite
color
as
well.
Consider
your
love
to
hear
what
other
people
have
their
favorite
color.
If
it's
a
it's
there's
a
few
honks
coming
as
well,
for
you,
man
or
I
haven't,
pushed
the
next
guest
as
well.
B
Oh
welcome
so
the
way
we're
doing
this
is
very
short
intro.
How
do
you
get
involved
in
cloud
native
and
your
favorite
color.
H
So
yeah
quick
intro,
I'm
co-founder
at
nermata,
and
we
are
the
folks
behind
kiverno,
which
is
a
admission
controller
and
policy
engine
in
the
kubernetes
space.
My
background
is
more,
you
know
software
development
on
the
operations
and
management
side
and,
of
course
you
know,
as
we
move
the
more
software
that
gets
developed
on
kubernetes.
H
One
of
the
challenges
we're
trying
to
solve
is
how
do
we,
you
know,
make
security
a
bit
easier
and
automate
as
much
as
possible.
So
that's
sort
of
my
foray
into
the
security
space
in
terms
of
favorite
color
any
of
the
solids
right
depending
on
I
guess,
time
of
day
or
day
of
the
week,
but
yeah,
mostly
like
the
blues
and
other
other.
You
know
solid
shades.
B
Oh
cool,
I'm
just
realizing
blue,
has
a
very
popular
for
popular
color
today.
I
wonder
whoever
listening
in
if
they
have
blue,
as
well
as
their
favorite
color,
so
feel
free
to
top
that
in
people
we
have
another
guest
as
well.
I
believe,
thanks
for
that,
jim
hey,
andy
how's
it
going
another.
Where
are
you?
Are
you
at
11
p.m?
Time
as
well,
or
are
you
actually.
E
I
have
invigoraled
my
way
into
the
united
states
of
america.
B
Yeah
you
sound
like
you're
smuggling
your
way
into
usa,
but,
as
you
may
have
heard,
the
way
we're
doing
this
short
intro
about
yourself
and
your
favorite
color
as
well.
Man.
E
Sure
well,
hi,
I'm
andy
ceo
and
co-founder
of
control
plane.
I'm
basically,
I
suppose
these
days
cloud
native
security
engineer,
but
I've
done
lots
of
development
and
operations
and
I
like
databases,
all
sorts
of
all
sorts
of
things.
My
favorite
color.
It's
probably
I
mean
it's
probably
going
to.
B
Be
superman
but
sure
she
just
realized
louis
andy
and
me
all
of
us
are
wearing
some
kind
of
hot
jumper
and
so
is
jeffy.
So
clearly
we
have
our
favorite
colors
there
like
she's
got
the
blue
and
someone
said
just
called
out.
You
have
a
hulk
mode
going
on
over
there
with
dripping,
it
will
be
off,
but
now
welcome
man.
Well
welcome
good
to
have
you
here.
How
did
you
get
involved
with
cloud
native
security?
E
Broadly,
I
was
lucky
to
be
in
a
team
of
like
one
of
the
best
teams.
I've
ever
worked
in
just
delivering
delivering
what
was
basically
like
an
etl
and
machine
learning
system
back
in
like
2014
and
docker
turned
up,
and
it
just.
It
was
obviously
the
the
next
thing
to
do.
The
next
computing
revelation
revolution
and
because
there
were
a
lot
of
badges
and
hacks
in
order
to
get
stuff
working
around
the
early
versions,
especially
looking
at
some
of
the
security
challenges
that
were
inherent
in
the
thing.
B
I'm
glad
you
are
with
us
for
the
past
seven
years.
We've
got
one
more
person
joining
us,
so
just
wait
for
the
individual
to
come
in.
Hey,
hey
james,
welcome
man.
Welcome!
Welcome
to
the
show.
B
B
Late
night
party-
fair
enough
now
I'm
from
australia,
so
I
guess
I
can
definitely
join
the
tea
party
there
for
sure.
So
don't
mind
me
with
that.
So
james,
the
way
we're
doing
is
a
bit
of
in
short
and
robot
yourself,
favorite,
color
and
yeah.
How
you
got
involved
with
the
community.
G
A
G
I
guess
how
do
I
get
involved
with
community
or
was
clark
native,
so
that
would
be
a
previous
role
working
as
a
consultant.
So
I
had
a
lot
of
exposure
to
different
clients
and
technologies
that
they
worked
with
and
just
slowly
as
companies
became
more
and
more
or
adopted
more
and
more
cloud
technologies.
We
sort
of
had
to
cater
to
the
the
security
needs
there
and
that
that's
where
I
was
yeah.
G
In
terms
of
favorite
color,
arguably
not
a
color,
but
I
think
I'm
going
to
go
with
black.
B
Here
in
this
group
as
well,
it's
not
even
funny
so
clearly
someone
someone
somewhere
loves
black,
quite
a
bit
as
well
so
you're,
definitely
not
in
the
majority
there
as
well,
my
friend,
but
I
think
that's
all
our
guests
so
far,
so
looking
forward
to
kind
of
talking
about
the
capture
flag
and
how
we
kind
of
find
other
people's
solved
challenges,
maybe
help
them
find
some
hints
hopefully
and
get
to
get
the
next
step.
What's
the
next
step,
magno,
I'm
all
to
you,
man.
A
Sure,
thank
you
think
that
was
great
introduction
yeah.
I
think
I'll
start
with
one
question
here
and
and
for
for
anyone
feel
free
to
to
pick
it
up,
but
maybe
before
we
go
into
the
ctf
challenge
like
what
do
you
think
are
the
most
common
mistakes
organizations
are
making
when
deploying
their
cloud
native
technologies
and
services
like
if
there
was
one
kind
of
advice
or
one
kind
of
recommendation
from
any
of
you?
What
would
you
suggest
there?
F
H
F
And
and-
and
I
think
that
kicks
off
like
an
important
point
about,
like
you
know
just
even
beginning
to
understand-
like
threat
modeling
in
general,
like
if
you're
going
to
deploy
applications
that
are
going
to
be
in
any
way
exposed
to
the
outside
world
figuring
out,
because
hopefully
you're
the
one
that
developed
that
application,
or
at
least
evaluated
that
application
for
its
purpose,
you
know
figuring
figuring
out
like
a
reasonable
security
model
around
that
and,
like
you
know
what
and
and
how
you
will,
how
you
will
respond
to
that
like
how
you're
going
to
configure
that
thing
in
a
more
secure
way
than
than
the
two-minute
tutorial
on
you
know,
wherever
you
found
wherever
you
found
it,
it's
probably
a
thing
I
wish.
D
Yeah,
I
agree,
I
think
you
know
things
out
of
the
box,
aren't
exactly
how
you
want
them
to
be
in
production.
You
know.
Is
it
a
great
idea
to
put
37
apps
on
a
kubernetes
cluster
with
no
network
network
segregation?
Did
you
know
that
you
could
actually
do
network
segregation
on
kubernetes?
You
know,
and
a
lot
of
these
concepts
are
the
same
things
like
these
are
the
same
concepts
as
they
were
20
years
ago,
but
you
know
kind
of
I
think
people
make
this
mistake
of
like.
D
B
H
Yeah
one
thing
I
was
going
to
add
on
the
previous
question
and
just
to
kind
of
echo
what
you
know
duffy
and
nikki
are
saying,
is
certainly
kubernetes.
The
power
of
it
is
all
the
you
know.
The
declarative
configuration
all
of
the
details
that
it
allows
you
to
configure,
but
knowing
want
to
get
what
to
configure
can
seem
dauntingly,
complex
right.
So
just
starting
with
you
know,
kind
of
learning
the
configurations
and
there's
great
references
out
there,
but
it
takes
some
time
to
understand
how
to
configure
things
like
a
bot
security
context.
A
For
sure
yeah
I
agree
like
it's:
it's
a
steep
learning
curve.
Until
you
have
it's
like
okay,
it's
maybe
it
would
be
kind
of
easy
to
deploy
a
cluster,
but
then
to
secure
it
and
have
it
properly
protected
with
all
the
kinds
of
security
tools
that
you
have
available,
then
then
it's
it's
the
next
step
right,
so
yeah,
yeah,
andy
lewis,
yep.
C
I'll
jump
in
for
a
moment
and
then
I'll
just
from
my
perspective
always
and
that's
that's
for
me,
the
beauty
of
cloud
native
is
everybody's
different
and
so
everybody's
got
different
ways
of
learning
everyone's
coming
with
different
experiences,
whether
it's
being
20
years
in
the
industry
or
you're
brand
new
to
this,
like
within
our
company,
we've
got
people
with
masters
and
their
doctors,
and
we've
got
people
who
left
school
with
nothing
because
they
hacked
the
network
and
then
they
broke
out.
It's.
C
I
think
it's
more
about
what
you
need
to
do
for
yourself
as
well.
It's
a
case
of
you
can
just
look.
You've
got
to
figure
out
what
it
is
for
you
like
for
me
when
I
started.
I
was
trying
to
go
for
all
these
like
dazzling
bits,
but
for
me
it
was
about
the
fundamentals
and
when
I
understood
the
fundamentals
rather
than
having
all
these
abstractions,
I
could
understand
what
those
abstractions
were
doing
and
to
me
that's
the
most
powerful
thing.
C
I've
ever
done
within
kubernetes
is
fully
understand
for
core
components
so
start
on
just
understand
linux,
and
it's
always
like
another
thing.
I
can
read
about
or
go
deeper
into
and
that's
the
beauty
of
this,
and
if
your
glass
is
half
empty
then
it's
sometimes
you
know
what
you
don't
know,
but
then
being
half
full.
It's
like
you've
got
an
opportunity
to
learn
something
new
and
for
me,
that's
that's
the
best
bit
about
what
I
do
for
a
living.
F
Yeah,
that's
awesome,
I
I
think
to
your
point
also
some
of
the
other
big
ones
that
I
see
companies
make
in
general,
regardless
of
whether
they're
deploying
cloud
native
or
deploying
software
or
doing
any
of
that
stuff
is
that
a
lot
of
cultures
lack
a
learning
culture
right
like,
and
that
I
think,
is
a
big
one
like
if
you
can,
if
you
come
at
pretty
much
anything
as
a
company
and
you
have
a
learning
culture
like
it's
actually
rewarded
to
explore
and
experiment
and
iterate
and
and-
and
you
know
be
open
with
that
stuff
and
you're
going
to
be
in
a
such
so
much
a
better
place
out
of
the
box.
G
I
I
definitely
agree
on
that
last
point.
I
think,
with
with
cloud
native
you're
you're
forced
to
you're
almost
forced
to
have
that
learning
culture
because
of
the
pace
of
development,
of
especially
projects
like
kubernetes
and
many
other
in
this
in
the
space
that
they
move
forward
at
such
a
pace.
If,
if
you
don't,
if
you
don't
have
that
that
learning
you're
left
behind
essentially.
B
Awesome,
oh,
that's
a
great
insight
there
as
well,
but
I
was
gonna
slightly
twist
this
a
bit
more.
I
was
gonna
ask
one
about
for
people
who
may
be
coming
in
for
the
first
time
may
have
kind
of
found
out
about
all
of
us
just
now.
B
Here
is
this
thing
called
kubecon
so
for
people
who
are
coming
from
that
perspective,
I
guess
what
resources
do
you
recommend
for
them
to
start
learning
about
humanity,
security
because
clearly
sounds
like
we
all
agree
that
defaults
are
probably
not
the
best,
but
is
there
a
resource
that
we
would
normally
point
them
to
for
saying
hey?
This
is
where
you
should
go
or
reach
out
to
any
of
the
folks
over
here,
but
just
this
is
where
you
should
go.
Where
would
you
send
people.
F
F
Yeah
it'd
be
super
tempting
to
say
you
know,
do
a
ctf,
because
that's
weird,
but
I
mean
in
reality,
that
is
a
great
way
to
get
started.
I
mean
you're
going
to
meet
people
you're
going
to
like
explore
problems
that
you
know
that
that
make
you
think
about,
wait
things
in
different
ways.
Another
one
is
that
you
know.
Events
like
the
cloud
native
security
day
is
another
good
one.
F
You
know
like
getting
in
here
and,
like
actually
understanding,
what's
happening
in
the
space
understanding,
you
know
how
how
people,
what
what
solutions
are
out
there
to
solve
security
problems
for
kubernetes
and
why
those
problems
require
those
solutions.
You
know
I
mean
like
like
really
like
taking
it
apart
and
I
will
say
it's
a
very
big,
complex
ecosystem.
F
It's
a
lot
to
learn
and
there's
a
lot
to
do,
and
I
will
also
say
that
I
think
it's
important
that
you
figure
out
whatever
approach
works
for
you
to
approach
it
like
it
could
be
that
you're,
like
you
know
what
I'm
going
to
study
admission
controllers
for
a
month,
and
I'm
only
going
to
look
at
that
and
then
I'm
going
to
I'm
going
to
look
at
pod
security
context
for
a
month
and
really
like
get
to
know
that
study
the
api
understand.
What's
in
there.
F
D
If
you
forget
about
that,
like
I
mean
not
serious
but
enough
right
so
with
k-ops,
you
could
actually
just
run
them
on
ec2s
or
just
regular
compute
nodes
that
aren't
special
and
you
can
kind
of
keep
that
really
trim
and
you
can
just
play
around
and
I
think
that's
a
really
great
way
to
try
to
learn
the
security
model.
I
think
by
pretending
to
be
a
developer
and
then
pretending
to
be
a
security
person
kind
of
where
those
things
overlap
is
is
generally
good.
Security.
B
F
Is
a
really
good
one,
because,
like
to
your
point
like
it's
just
perfect
for
like
setting
up-
and
it's
also
very
extensible,
you
can
configure
clusters
to
be
insecure.
In
fact,
there
are
whole
projects
around
that
you
can
also
attempt
to.
You
know,
make
a
kubernetes
cluster
very
secure
and
see
how
that's
going
to
work
out
for
you
and
like
try
your
different
security
models
and
stuff.
I
I
agree
with
the
hacker
thing,
though.
That's
the
way.
D
B
So
that's
a
great
question
because
I
think
that
hammering
on
that
point
no,
I
think
it's
a
good
one,
because
I
think
that's
what's.
Unless
you
can
break
yourself
and
some
talking
about
breaking
ourselves.
Someone
just
basically
said
breaking
production
forces
you
to
learn,
so
that
definitely
would
make
you.
So
I
guess
there
are
questions
coming
in
for
folks
over
here
as
well,
so
feel
free
to
drop
them
in
as
well
and
we'll
try
and
answer
them.
B
But
I
I
love
the
idea
and
anyone
else
wants
to
contribute
in
terms
of
I
know,
magno
has
his
own
github
repository,
which
we've
posted
as
a
link
over
there
as
well
so
awesome
resource.
I
think
cloud
security
podcast
ran
a
whole
month
of
community
security
where
magna
was
there
as
a
guest
as
well,
but
they
seem
like
a
lot
of
resources,
but
it
doesn't
feel
like
as
if
you
go
reach
out
to
the
community.
B
It
sounds
like
there's
plenty
of
good
information
out
there
for
you
to
learn
the
right
way.
Otherwise,
without
breaking
production,
try
and
hack
your
own
kubernetes
cluster.
That's
the
that's
the
that's
the
summary
of
it.
H
H
H
You
know,
so
you
can
see
what
types
of
exploits
can
be
can
be
performed
on
those
there's
another
kubernetes
simulator,
which
kind
of
shows
different
other
thing
misconfigurations.
That
can
be
done.
It's
also,
if
you're
looking
for
a
very,
I
guess,
a
high
level
resource
to
get
started
with
there's
a
good
paper
from
tag
security
on
cloud
native
security,
which
gives
a
great
overview
of
the
different
topics.
B
Awesome
well
actually
that
reminds
me.
Another
cloud
native
member
madhu
has
like
a
thing
called
cube:
goat
for.
B
So
that's
another
one,
I
think
there's
so
much
resources
in
the
community.
It's
just
worthwhile.
Just
looking
around
and
oh
there
you
go,
there's
a
security
white
paper
as
well.
You
can
just
keep
going
about
this,
but
so
many
resources
that
you
can
reach
out
to
and
at
least
find
out
about
this.
I
think
the
keyboard
is
a
different
resource.
I'll
update
the
resource
in
a
second.
C
I'll,
probably
just
start
that
as
well
just
with
a
ctf
that
we've
set
up
for
today,
the
basis
of
this.
It's
like
how
do
you
start
with
trying
to
figure
out?
How
do
you
build
a
cluster?
That's
misconfigured!
How
do
you?
How
do
you
start
this,
and
this
year
is
based
on
movies?
And
so,
instead
of
trying
to
find
that
creativity
from
looking
within
kubernetes,
you
look
for
something
else,
whether
that
be
movies,
music
or
something
so,
and
that
allows
you
to
then
think
about
your
infrastructure
a
little
bit
differently.
C
Then
you
make
a
little
bit
more
creative
and
fun
because
I
don't
know
if
you
all
remember
lan
parties
and
such
but
that's
effectively
what
we're
doing
with
ctfs
we're
trying
to
bring
people
together.
We're
just
in
that
room
and
part
of
it
is
to
learn
that
challenge.
Yes,
but
part
of
it
is
to
connect
with
other
people.
Ask
someone
for
help
as
well
all
these
things-
and
I
think
that's
that
point
as
well.
B
C
This
is
the
beauty
of
being
virtual
is
the
amount
of
filters.
I've
got
my
face
right
now.
It's
just
like.
A
Yeah,
I
I
totally
agree
with
louise
there,
like
with
the
cts
I
even
started
in
infosec.
I
come
as
a
developer
background
there
and
and
was
because
of
cts,
where
I
started
hacking,
web
applications
and
everything,
and
also
with
the
kubernetes
one.
There
was
a
workshop
that
they
did
on,
I
think,
was
kubecon
north
america
2019,
which
is
the
secure
kubernetes.com
website.
That
really
helped
me
a
lot
on:
okay,
understanding,
the
basics
and
and
some
of
the
attacks
there,
and
how
to
how
to
protect
your
cluster.
So
yeah.
A
I
think
that's
that's
a
great
segue
into
the
ctf
challenge
and
I
think
we
can.
If
everyone
agrees,
we
can
move
on
to
try
to
solve.
One
of
the
challenges
live.
E
Okay,
so
the
generous
and
benevolent
past
master
overlord
has
allocated
me
a
cluster
and
on
the
screen
and
get
involved.
It
would
also
be
from
his
of
me
not
to
mention
there
is
there's
a
book
coming
out
on
o'reilly
called
the
hacking
cubanettes
that
the
the
great
folks
at
control
plane
contributed.
A
huge
amount
to,
and
amazon
tells
me
because
I
pre-ordered
my
own
book
that
should
be
out
at
the
end
of
the
month,
potentially
looking.
F
E
Yeah,
exactly
someone
told
me
the
other
day,
james,
strong
and
someone
else.
Is
it
valerie?
I
can't
remember
a
fan
published
a
book
and
people
just
came
back
to
them
straight
away
with
the
typo,
so
I've
been
frantically
doing
the
final
scans
in
the
last
couple
of
days,
yeah
that
was
valerie.
E
Yeah,
cool,
okay,
so
I've
got
a
trust
bundle
in
we
go
all
right.
So
what
I've
done
here
is
I've
just
taken
the
the
trust
bundle
that
the
taskmaster
gave
to
me.
E
That
just
gave
me
some
configuration
an
ssh
key,
and
here
we
go
so
I'm
now
into
a
pod
in
a
cluster,
and
the
goal
of
the
scenario
is
to
pivot.
Out
of
the
initial
foothold,
ultimately
find
the
flag.
And,
yes,
there
may
be
orthogonal
references
to
the
prestige.
C
A
F
B
C
So
someone's
also
referenced
using
cube
cuddle
within
the
chat
as
well
so
well,
depending
on
how
you
get
with
this
now,.
C
But
in
that
movie,
if
you
have
seen
it
it's
more
about
the
ending
which
I
cannot
I
I
can't
come
on
twitch
and
ruin
the
movie.
But
if
you
think
about
the
twist
at
the
end,
then
that's
something
that
we're
trying
to
learn
to
do
with
our
cluster.
Today.
B
F
C
F
So
that's
actually
pretty
cut
down
like
it's
like.
It
looks
like
a
default
that
looks
like
a
default
service
service
account.
F
D
G
Looks
like
there's
some
might
be
an
interesting
crd
there
as
well.
H
C
C
D
H
H
There
are
crds,
it's
yeah,
there's
one
called
policy
and
there's
a
cluster
wide
called
cluster
policy.
F
G
Yeah,
if
we,
if
you
were
to
look
in
the
response
earlier,
there
was
a
bit
of
a
hint
as
to
what
we
can
get
with
regards
to
cubano.
F
A
H
D
Any
network
anything
in
this
namespace
services
or
sorry
svc.
F
C
F
F
Can
you
can
you
try
to
type
in
a
center
just
randomly
for
me.
D
F
D
G
C
D
H
F
A
So
we
can't
create
new
pods
on
that
namespace
right
because
of
the
policies
someone
mentioned,
that
on
the
twitch
chat,
create
a
new
part.
That's
privileged!
That's
not
gonna
work
right.
F
Can
we
do
the
same
auth?
Can
I
list,
but
inside
of
that
name
speech.
F
F
Let's,
just
let's
just
grab.
F
Let's
go
for
pass
and
and
deployments
or
something
like.
G
G
C
F
E
That
I
just
popped
that
so
that
I
could
space
out
the
the
top
terminal
because
of
my
name
blocking
it.
Oh.
F
Okay
got
it
okay,
so
looking
union
of
the
permissions
that
we
have
and
the
namespaces
we
have,
we
need
to
figure
out
effectively
what
we
can
deploy,
where
that
that
gives
us
more
permission
so,
based
on
those
policy
rules
like
I
think
we
saw
one
that
was
like
more
permissive
of
of
privileged
containers,
and
that
was
the
development
name
space.
Is
that
right.
F
So
we
could
do
something
sneaky
like
run
and
then
give
it
the
image
and
possibly
I
guess,
we'd
have
to
figure
out,
like
maybe
one
of
the
image
names
that
is
already
in
the
allow
list
for
namespace
and
then
see.
If
we
can
get
something
happening
there,
then
the
question
is:
how
would
we
access
that
other
container
we'd
have
to
probably
go
over
the
network
or
something.
D
H
F
H
So
somebody
removed
dr
io
super
secure
org.
It
seems
like
exactly.
D
H
F
H
F
F
F
I
had
totally
forgot
about
the
next
ring.
I've
been
trying
to
remember
the
name
of
that
thing
forever,
and
this
is
the
cool
cool
project
because
it
takes
like
the
nick
stuff
and
you
can
basically
give
it
like
with
slashes
the
packages
that
you
want
to
have
installed,
and
it
will
just
like
deploy
that.
I
love
that
so
freaking
cool,
oh.
E
Yes,
yeah,
so
here
is
one
we
created
on
the
fly
earlier.
F
So,
let's
do
cube
kettle,
run,
dash
dash
and
or
dash
n
development
dash
or
give
it
a
name
like
knock,
knock
or
something
you
know.
Oh
you
don't
need
that.
You
don't
need
the
dash
dash
name,
part,
sorry,
get
rid
of
the
dashboard,
yeah
right,
yeah,
yeah
and
then
dash
dash
image
equals.
F
F
So
if
it
were
me,
what
I
would
do
is
I'd
grab
I'd
grab
this
template
spec,
maybe
like
dump,
it
drive,
drive
around
and
backpack
into
yaml,
and
then
I
would
add,
hostpit
access
to
the
to
the
gammel
and
then
at
that
point
we
should
be
able
like.
If
we're
able
to
deploy
this,
then
we
should
be
able
to
get
all
the
way
into
the
post
file
system.
F
Yes,
so
we
had
figured
out
that,
through
a
union
of
permissions
that
that
we
see,
because
of
the
way
that
image
matching
is
working,
it's
going
to
allow
us
to
deploy
any
old
image
into
the
development
namespace,
which
is
great
for
us,
and
then
we
had
an
image
that
was
provided.
That
gives
us
the
ability
to
define
like
what
we
want
to
have
kind
of
pre-installed.
F
In
that
image
we
tried
to
deploy
that
into
the
development
name
space,
and
I
was
using
a
dash
privilege
flag,
which
is
a
new
flag
in
I
think,
120,
or
something
like
that,
where
you
can
basically
make
that
container,
a
privileged
container,
which
is
a
kind
of
a
pretty
good
acid
test.
To
see
like
how?
How
much
privilege
can
I
give
that
container
so
that
I
can
do
things
like
exploit
things
and
other
fun
stuff
that
didn't
work,
though?
F
What
ended
up
happening
was
that
we
were
when
we
tried
to
make
the
deployment
it
says,
create
container
error
and
that
create
container
error
could
be
pretty
much
anything.
So
oh
wait,
yeah.
It
could
be
pretty
much
anything
and
I
was
trying
to
see
the
events
then
to
see.
If
maybe
it
would
tell
us,
like
you
know,
no
such
image
at
that
address,
or
you
know
it's
friday
and
I
and
kubernetes
hates
me
or
you
know
whatever
it
is.
F
Yeah
exactly
I
can't
remember
if
that
was
like
our
target,
was
to
get
into
the
actual
host
file
system
or
not,
like
somebody
remind
me
of
that.
H
F
We
probably
don't
need
host
files,
so
simply
probably
just
need
to
deploy
something
in
that
other
namespace
and
then
pivot
to
it.
So,
based
on
the
url
of
the
image
that
we
have,
shell
bash
font,
cat,
nutar,
dig
g,
zip
and
pearl,
which
is
weirdly
missing
things
like
netcat,
although
that
might
already
be
in
there.
F
D
G
G
F
So
we
so
we
are
kind
of
in
an
interesting
place
where
we
could
go
after
the
host
file
system.
I
guess
what
I'm
trying
to
understand
is
whether
the
foothold
is
in
the
route
like
do
we
need
to
take
over
a
node,
or
do
we
just
need
to
have
access
to
another
container
so
like
if
we
were
to
go
into
another
container?
What
we
might
do
is
like
set
up
a
net
server
or
something
on
and
the
one
that
we've
just
spun
up.
F
E
F
E
Incredibly,
sensible,
here's
one
I
created
earlier:
let's
try
and
shave
a
minute
or
two
off.
E
E
Right
now
so
so
I
have
just
spun
up
an
angry
tunnel
here.
E
Here,
I'm
going
to
create
I'm
going
to
do
this
as
a
deployment,
because
I've
set
up
I'm
testing
in
the
development
name
space.
I
mean
it's
exactly
what
that
feature
suggested
set
up
a
reverse
shell,
using
that
cunning,
mixery,
sort
of
dynamically
created
image,
obviously
cache.
Now,
we've
used
it
a
few
times
spin
up
phone
caps.
E
Which
binds
back
to
this
shell,
which
is
not
yet
connected
to
anything,
but
it's
set
up
through
this
tunnel
here
fingers
crossed
there
we
go
so
now.
This
shell
is
connected
to
this
deployment
that
we've
just
created
here,
notably,
I
didn't
create
that
as
privileged
nice.
Okay,
so
let
me
just
reverse
out
and
do
that
again.
F
We're
going
to
go
down
that
path
and
hold
on
a
second,
because
what
we
should
do
is
also
throw
in
the
host
pid
to
see
if
we
can
get
away
with
that,
because
if
we
can
get
away
with
that,
then
we
basically
just
and
accenture
into
the
root
file
system
and
away.
We
go.
D
F
I
think
it's,
I
think
it's
a
run
command,
it's
cube
kettle,
gate
run
or
cube,
kit
will
create
or
cube
kettle
run,
and
then
you
get
privilege
in
there.
Otherwise,
what
you
can
do
is
just
keep
kind
of
create
the
deployment
dash.
Oh
yeah,
where
I
run,
and
then
we
can
throw
stuff
in
there
right.
Like
add
the
privilege,
add
the
host
bit.
E
F
So
at
this
point,
what
we're
trying
to
do
is
we're
trying
to
figure
out
how
to
get
into
the
right.
So
our
goal
is
to
get
another
foothold
into
the
cluster,
and
so
what
we've
got
so
far
is
we've
determined
that
we
can
deploy
a
container
or
a
pod
or
a
deployment.
We'll
have
you
in
another
in
another
name
space
and
give
it
privilege
and
give
it
like.
F
You
know
a
bit
more
privilege
than
it
should
have,
and
then,
if
we
can
get
to
that
and
by
some
means,
then
we
would
then
also
be
able
to
kind
of
use
that,
as
a
jumping
point
to
get
to
maybe
another
jumping
point
which
might
be
the
underlying
nodes
file
system,
where
we
can
put
things
like
our
ssh
keys
or
another
ngrok
server
or
all
kinds
of
other
fun
stuff.
F
So
at
the
moment
that's
kind
of
what
we're
we're
tackling
and
at
and
what
we've
got
so
far
is
that
andy
was
helpful
in
speeding
us
up
by
basically
setting
up
an
ngrok
endpoint
on
the
outside
world
and
then
using
our
deployment
into
the
development
namespace
to
connect
to
it.
And
so
in
this
screen
we
can
actually
interact
with
it's
as
though
we
had
cube
kettle
exact
into
the
container.
Although
the
echo
is
a
little
weird
but
like
we
could
still
interact
with
that
container
now.
F
So
the
question
then,
is
like
what
can
we
do
from
in
there
like?
We
can?
We
can
see
like
maybe
we
can
see
if
we
can
get
to
the
root
of
to
the
underlying
nodes
file
system,
or
you
know,
escape
to
the
node
with
sufficient
privileges
and
let's
see
what
we
can
shake
out
from
there.
E
Yeah,
so
we're
in
this
position,
where
we
need
to
insert
security
context
into
this
deployment
file,
and
rather
than
trying
to
do
it
on
a
node
which
I
was
just
about
to
set
myself
up
for
a
world
of
pain.
I'm
just
going
to
take
it
off
and
do
it
a
bit
locally.
E
F
F
F
E
A
I
I
think
we
need
to
wrap
up
we're
pretty
much
out
of
time.
Do
you
have
any
any
kind
of
anyone
has
any
recommendations
there.
F
I
can
tell
you
where
I
was
thinking
about
next,
so
my
next
trick
was
going
to
be
to
like
once
we
actually
get
into
the
container.
I
was
going
to
do
n
center
minus
a
minus
t
for
target
and
then
and
it's
entered
minus
a
for
all
name,
switches,
minus
t
for
target
and
then
pid
one
and
then
bash,
and
what
that
does
is
there's
an
a
center
command
that
basically
opens
up
a
new
bash
shell
in
the
in
the
in
the
same
namespace
context
that
pid
1
resides.
F
So
if
you
were
to
like
ssh
into
the
node
using
normal
ssh
methods,
you
would
also
be
kind
of
in
that
same
context,
right
you'd
be
able
to
see
all
the
network
interfaces
ps,
minus
cf
would
be
full
of
processes,
you'd
effectively
be
in
that
space,
and
since
this
is
a
privilege,
container
you'd
be
operating
as
roots.
So
when
you
make
the
transition
you're
as
root
on
the
underlying
file
system
of
the
node,
that
was
my
go.
F
That
was
my
next
goal
and
if
we
could
accomplish
that,
then
that
node
belongs
to
us
and
we
can
do
all
kinds
of
other
fun
stuff
like
we
could
see.
If
there
are
other
credentials
just
laying
around
on
the
node
that
they're
going
to
make
themselves
friendly,
we
could
throw
another
server
on
there
like
another
ngrok
and
give
us
real
access
to
that
node.
That
is
now
something
that
we
have
access
to.
We
can
do
all
kinds
of
fun
stuff
with
the
container
runtime.
All
of
those
things.
H
F
F
Space
which
is
pretty
common
and
that
we
were
deployed
inside
the
prestige
namespace.
What
I'm
curious
about
is
like
what
the
twist
would
have
been.
I
don't
know
that
one.
A
Yeah,
I
think
I
think
this
is
great.
We
we
had
a
a
great
walk-through
of
that
challenge
and
without
giving
too
much
away,
people
still
have
gonna
have
a
hard
time
to
solve
it.
So
yeah
before
I
think
before
we
move
on
and
and
I'm
sure
there
will
be
some
probably
some
walk-throughs
and
some
guidance
for
solving
the
the
challenges
after
the
ctf
is
done,
but
any
any
kind
of
last
words
there
any
any
last
recommendations
for
our
audience
here.
E
E
I
think
it
highlights
one
of
the
one
of
the
things
about
ids
and
policy
configuration.
E
We've
got
access
to
so
much
declarative
policy
now,
which
is
amazing,
but
as
soon
as
you
introduce
regexes,
there
is
potentially
a
rod
for
one's
own
back.
There's
there's
no
other
way
to
really
do
this.
You
have
to
have
I
mean
you,
don't
just
want
a
simple
wild
card
registers
make
a
lot
of
sense.
I
know
that
was
well
carded
in
that
case
as
well,
but
yeah
it
really
reuse,
open
source
policy.
It's
it's
my
short
learning
from
that
one.
B
A
Nice
anyone
else,
jim
lewis.
G
I
think
just
one
one
tip
for
the
remainder
of
it
is
just
just
enumerate
enumerate
there
is.
There
are
still
things
to
find
so.