►
Description
Nico will show how to highjack a Kubernetes cluster based on common attack vectors. You'll also learn why it's important to implement zero-trust to prevent data leaks.
Website: https://whiteduck.de/
Organized by @Microsoft @kubermatic7173 @SysEleven
Thanks to our sponsors @CapgeminiGlobal, @gardenio, @sysdig, @SUSE, @SUSE, @anynines, @redhat, nginx, serve-u
A
Today's
talk
is
mainly
because
we
had
some
customer
meetings
and
working
with
customers
and
yeah
somehow
realized
that
many
people
are
companies
out.
There
are
running
kubernetes
and
do
not
think
about
any
security,
and
that
is
why
we
spun
UPS.
Let's
talk
and
yeah
would
like
to
tell
you
and
to
show
some
best
practices
you
could
easily
Implement
into
your
cluster,
so
this
will
be
not
any
Deep
dive
session.
So
if
you
I
don't
know
deep
life,
security,
one
feel
free
to
go
into
the
plan.
A
So
so
really
this
is
basic
basic
stuff.
Talking
your
Basics
like
kubernetes
policies,
Network
policies,
basic
security
topics,
yeah
and
Main
of
the
talk
will
be
really
a
demo.
So
we
will
hijack
a
kubernetes
cluster
and
see
what
we
can
do
here
and
then
maybe
if
we
have
time
talking
about
how
to
prevent
this,
but
it
depends
on
the
on
the
timing
today.
A
Everything
I
will
show
today,
including
demo,
and
the
slides
are
available
on
GitHub,
so
you
can
just
test
it
or
implement
it
on
your
own,
try
again
on
your
own
and
also
slides
I,
whatever
they
are
yeah,
so
streamer,
slides.
First
of
all,
once
again
by,
we
need
to
care
about
security.
So
basically,
this
is
from
the
state
of
kubernetes
security
report
from
2022
they're,
pretty
new
yeah,
and
basically,
what
we're
seeing
here
is,
let
me
put
in
the
laser.
A
So
in
the
last
12
months
we
really
get
issues
related
to
misconfigurations
in
our
clusters
to
security
issues
which
may
not
be
fixed
to
security
issues
in
runtime,
so
nothing,
let's
say
really
running
in
our
cluster
and
having
the
acute
issue
so
and
also
failed
auditing.
So
there
is
really
a
need
to
think
about
security,
to
higher
security
and
and
the
kubernetes
world,
and
also
talking
about
yeah
customer
loses
or
Revenue
losers.
A
A
Okay,
so
what
we
will
do
is
we
basically
try
to
get
into
a
kubernetes
cluster
where
a
web
application-
and
we
were
using
log
for
share
for
this
I
guess
most
of
you
already
know,
look
for
Shell,
hopefully
already
patched
it
in
your
clusters,
but
basically
we
will
use
this
one
to
get
into
our
cluster
and
then
try
there
to
get
even
more
information
and
data.
So
just
some
some
details
on
luxury
shell.
So
basically
we
will
inject
the
tndi
lookup.
Just
a
string.
I
will
show
you
in
a
bit.
A
This
will
get
locked
by
log
for
J
and
then
basically,
look
for
chair
will
basically
talk
to
an
Lop
server
of
our
own,
which
will
start
in
just
a
sec,
and
this
one.
We
basically
provide
us
with
some
Java
class,
which
allows
us
to
basically
spin
up
in
our
case
and
reverse
shell
into
the
running
container
Running
part
in
our
kubernetes
cluster
and
from
there
we'll.
Basically,
then
trying
around
talking
to
the
kubernetes,
API,
server
and
stuff
like
this.
A
Side,
yeah,
but
but
basically
ready
for
the
demo
and,
as
I
said,
if
it's
too
small
just
just
give
me
a
hand.
What
we'll
do
and
all
the
markdown
is
also
on
the
GitHub
repo
and
we'll
also
just
basically
follow
up
the
markdown
and
then
give
you
some
summer
insights,
So
Below.
We
have
a
terminal
here,
I
already
connected
to
the
attacker
machine,
so
just
virtual
machine
and
they
are
downloaded
the
lock
for
Shell
POC.
This
is
also
the
link
is
included
in
in
my
repo.
A
It's
just
POC.
You
can
use
to
implement
lock
for
Shell
on
test
stuff
against
it.
It's
not
developed
by
me.
It's
a
nice
open
source
product
you
can
use,
and
this
will
be
basically
the
Baseline
we're
starting
with
so
first
thing
we
will
do
is
we
will
spin
up
the
lap
and
the
HTTP
server
to
be
able
to
inject
via
log
for
gel?
A
We'll
do
this
one
on
the
attacker
machine
here,
so
it
spins
up
the
adap
server,
it
spins
up
the
HTTP
server,
and
then
we
will
furthermore
spin
up
just
an
open
port.
We
will
use
netcut
here,
I
just
decided
to
go
with
443
because
hey.
Why
not
it's
an
outgoing
connection!
So
if
we
are
able
to
connect
outgoing
in
the
Internet,
it's
pretty
sure
when
it's
allowed
it's
the
area
for
three,
so
we're
going
with
server
3
here
and
open
this
port.
A
So
next
thing
is:
we
need
to
try
to
inject
the
chaindi
and
this
we
will
do
inside
of
the
application.
So
this
basically
application
implementing
log4j
and
is
here
with
the
security
issues
here
and
what
we'll
do
is
we
will
inject
in
the
username
this
string
so
basically
saying
Hey
would
like
to
get
tndi
and
please
talk
to
this
lap
server,
which
is
our
attacker
machine
on
the
ellipot,
and
then
we
are
putting
in
any
kind
of
password
here
doesn't
matter
at
all.
A
And
it's
just
loading
loading
loading
and
here
we're
getting
a
connection
from
an
IP
address
and
if
we're
now
here,
for
example,
to
an
LS
we're
getting
some
data,
so
we
now
have
a
reversal
open
into
the
port
in
our
kubernetes
cluster.
So
first
step
we
were
able
to
do
this
because
of
the
existing
look
for
Shell
issue.
A
So
next
one
would
be,
of
course,
to
try
to
talk
to
the
kubernetes
API
server
and
for
this
basically
kubernetes
provides
us
with
nearly
everything
we
need.
So,
of
course,
we
need
to
talk
to
talk
to
other
kubernetes
API.
The
talk
gets
by
default,
exposed
and
mounted
into
a
put
so
we're
just
exposing
that
one
here
to
use
it
later.
A
We
also
need
a
certificate
Authority
root
certificate.
This
is
also
exposed
into
our
workload
and
then,
in
this
case
we
already
have
curl
in
the
container.
So
once
again,
it's
maybe
stuff
in
the
container
or
in
container
image.
We
do
not
need
normally
to
running
the
application,
but
in
our
case
it's
even
better
for
us.
A
So
what
we
will
do
here
is
we
will
do
a
curl
providing
the
certificate
adding
a
header
just
put
put
in
the
bear
token
we
just
got
from
already
mounted
in
our
workload
and
then
doing
a
get
on
HTTP
kubernetes
service
host
and
kubernetes
Service
Port
https.
Also,
this
is
default
environment
variables.
You
will
get
from
kubernetes
in
every
part,
so
you
don't
need
to
think
about
where
the
API
server
just
use
the
environment
variables
and
doing
a
slash
API
here
and
we're
getting
some
data.
A
So
at
least
we
don't
get
a
deny
we're
getting
some
data
and
not
really
important.
So
far
we
have
the
API
server
address
here,
but
it
looks
like
we
do,
have
some
access
and
somehow
allowed
to
talk
to
the
kubernetes
API
server
yeah.
So,
let's
see
if
we
can
get
some
more
information
here,
maybe
just
grabbing
our
namespace
we
are
running
in
this-
is
also
available
and
and
mounted
in
our
Port
here.
A
If
it's
started
or
not
so
it
looks
like
we
are
able
now
to
to
access
some
kind
of
data,
and
maybe,
if
you're,
where
some,
for
example,
environment
variables,
injecting
Secrets
or
so
we
would
even
already
got
those
here.
So
why
did
this
work
so
basically
you're
getting
the
total?
This
is
default,
at
least
until
kubernetes
124
with
124.
You
need
to
enable
it
to
really
get
the
token,
and
this
is
the
first
one,
the
second
one.
Of
course.
A
A
It
copy
paste
it
and
just
apply
it
in
the
cluster
and
you're
getting
some
role
bindings,
maybe
for
a
default
service
account
in
your
default
namespace
like
it's
here
in
our
case
and
then
you
have
end
up
having
a
service
account
which
is
has
access
or
high
access
to
the
kubernetes
API
server,
without
even
knowing
it.
So
of
course
you're.
Not
you!
A
A
A
To
get
an
minus
a
to
get
all
namespaces
now
here
we
can
forbidden.
So
it
looks
like
our
service
account,
which
I
mentioned
is
in
the
default.
Namespace
default
service
account.
So
basically
this
account
every
workload
uses
if
you
do
not
provide
a
specific
service
account
here
does
not
have
access
to
other
namespaces
to
see
other
workload,
which
is
good,
so
nothing
we
can
do
here
or
so
easily.
It
says
this
way.
So,
let's
see
if
we
can
do
a
cube,
City
I
get
notes
to
get
some
node
information.
A
Also,
this
does
not
work
so
looks
like
we
have
at
least
access
to
our
default
namespace.
So
next
one
is,
we
can
use
cubesatel
and
doing
and
ask
can
I
which
basically
allow
us
to
use
cubectl
and
ask
the
kubernetes
API.
If
you're
allowed
to
do
something
like.
If
are
we
allowed
to
create
import?
Are
we
allowed
to
delete
import
and
stuff
like
this?
So
we're
just
asking
hey?
Are
we
allowed
to
create
a
pod
and
we're
getting
a
yes?
So
it
looks
like
we
are
not
even
allowed
to
just
read.
A
Make
it
a
little
bit
smaller
here,
as
we
will
try
to
spin
up
a
pot
just
using
the
Ubuntu
lets
here,
because
hey
Ubuntu
is
a
pretty
big
image
with
many
Tools
in
there.
So
we
don't
need
to
download
some
stuff
too
to
get
all
the
things
done.
So
just
using
a
bigger
this
through
here
and
then
we're
trying
two
more
things.
A
And
we
were
able
to
create
that
one,
so
we
should
also
now
see
it.
Our
privileged
part
is
running
for
six
seconds,
which
is
pretty
nice
so
and
now
we
can
basically
just
do
an
exit
into
the
batch
and
try
to
yeah
use
that
when
to
to
get
even
further
details,
so
what
we
did
and
what
I,
what
I
skipped
is
I
said
we're
mounting
a
host
pass
here.
A
So
basically,
now
we
have
the
containerdy
socket
available
in
our
pod
and
can
now
try
to
use
the
container
dcli,
which
we
will
download
in
a
sec
to
get
access
to
Containers
which
are
running
in
the
node
which
we
but
which
we
do
not
see
on
a
kubernetes
level,
because
on
a
kubernetes
level,
we
just
saw
our
own
part
here
so
to
make
our
lives
easier,
we're
just
installing
coil
and
check
re
once
again,
because
we
have
internet
access.
Why
not.
A
A
Thank
you
and
see
if
we're
seeing
some
some
workload
here
and
it
worked
so
as
you
see
on
the
kubernetes
side,
we're
seeing
one
part
so
one
container,
if
you're
now
on
the
container
D
level
on
the
Node
we're
seeing
much
more
stuff
here,
which
we
now
can
see
and
and
and
see.
If
we
I,
don't
know,
find
some
data
find
some
Secrets
or
stuff
like
this,
we
can
then
maybe
use
to
get
access
to
some
data.
A
A
So
this
is
the
idea
we're
working
with
now
and
for
this
one
we
will
once
again
use
the
container
dcli
with
updated
or
customized
address.
The
namespace
and
doing
container
info
on
this
container
ID
and
then
doing
the
jQuery,
because
we
just
want
to
get
secrets
so,
basically,
most
of
the
time
we
will
find
them
the
environment
variables.
So
we
just
go
for
a
spec
process
and
fear
and
see
if
we
will
get
some
information
here.
A
So
of
course
we
want
to
get
get
the
kubernetes
informations
for
our
services
for
AP,
API
and
stuff.
Like
this,
we
used
in
the
previous
thing
we're
getting
past
information
host
information
looks
like
it's
somehow
an
nginx
here
doesn't
matter
but
hey.
We
are
also
getting
a
red
ski
and
a
rarest
host
here.
A
A
A
Blah,
for
example,
getting
okay,
so
we
are
also
able
to
override
data.
So
we
could
just
delete
everything
override
everything.
I,
don't
know,
dump
it
somewhere
I'm
using
all
the
data
we're
seeing
in
the
radius
here
and
to
sum
up,
it's
one
thing:
to
get
access
to
on
radius
and
to
find
some
secrets
and
environment
stuff
in
the
environment
of
a
container.
But
we
are
really
using
a
different
container
here,
so
we
are
injected
into
application
a
and
using
and
accessing
data
from
a
radius
from
a
completely
different
application.
A
So
why
are
we
able
to
access
this
redness
even
further?
So
why
are
there
no
network
policies
or
stuff
in
place?
So
we
shouldn't
need
to
get
this
data,
but
anyway
we
have
it
so
next
step.
Next
Step
would
be
to
get
even
further
and
trying
yeah
to
access
or
to
exit
the
kubernetes
and
getting
to
the
cloud
provider.
So
in
this
case
it's
Azure,
so
it's
a
little
bit
Azure
specific,
but
it
basically
also
works
on
AWS
and
on
on
gcp
doesn't
matter
at
all.
A
So
basically,
we
were
using
attempty
here
and
just
mounting
the
first
disk.
We
will
find
on
the
Node
and
hope
it's
the
right
one
and
then
you're
searching
for
so
configuration
file
and
in
this
case
it's
basically
within
the
etcd
kubernetes
directory
and
the
ass
and
kubernetes
and
Azure
chasing
and
basically
every
managed
kubernetes
and
identity
and
the
cloud
provider
on
the
Azure
side.
A
So
this
is
basically
the
idea
of
our
kubernetes
cluster
in
azure,
and
we
can
now
go
ahead
and
talking
to
the
Azure
metadata,
API
and
retrieving
a
one-time
token
here,
so
just
copy
pasting
that
one
and
we'll
show
you
in
a
sec
so
we're
doing
a
curl
here
on
the
metadata
API
of
the
Azure
resource
manager
and
saying
hey.
I
would
like
to
get
an
os2
token
for
the
clan
ID
our
client
and
then
providing
an
API
version.
A
A
So
what
we'll
do
is
in
curl
we're
doing
get
once
again
providing
the
token
we
just
retrieved
need
to
set
them
other
headers
here
and
then
talk
into
management
azure.com,
providing
our
subscription
providing
our
Resource
Group
and,
as
I
said,
doing
a
get
and
to
get
a
nicer
output
just
putting
that
one
to
check
through
here
and
we're
getting
a
Json
back
we're
seeing
some
things
we're
seeing.
Okay,
the
name
of
our
Resource
Group
we're
seeing
hey
location.
A
So
it
looks
like
it's
running
in
rest,
Europe
and
Amsterdam
we're
seeing
some
tags
we're
seeing
who
managed
this
this
resource
here
we're
seeing
the
provisional
state.
So
we
are
now
able
really
to
use
the
identity
of
the
kubernetes
less
than
Azure,
to
talk
to
Azure
and
to
read
some
data
but
hey.
Who
would
like
to
read
data
when
you
can
create
something
so
because
we
have
a
little
bit.
We
have
shorter
time
today.
A
So
we
are
now
not
talking
about
getting
access
to
our
kubernetes,
so
we're
now
talking
about
creating
resources
on
Azure
and
doing
I,
don't
know
whatever
you
want,
which
is
pretty
bad
yeah.
So,
as
you
see
it's
pretty
easy.
If
there
are
some
things
bad
in
your
cluster,
you
can
easily
get
access
to
other
workload.
You
can
easily
talk
to
your
cloud
provider
in
this
case
Azure,
but
it
doesn't
matter
also
works
with
other
ones.
So
you
should
really
really
think
about
security
here,
yeah,
so
maybe
back
two
slides.
A
So
how
can
you
now
start
with
introducing
security?
So
basically
I
would
recommend
really
think
about
the
whole.
Let's
say
a
devops
cycle,
so
not
thinking
about
just
the
runtime
start.
Also
thinking
about
yeah
securing
your
application
codes,
securing
your
deployment
code
so
really
try
to
start
thinking
about
Security
in
the
whole
life
cycle
and
I
would
recommend,
starting
with
quick
fixes
so
really
implementing
the
best
best
practice
practices.
A
So
what
you
can
think
about-
and
maybe
I
just
go
a
bit
to
the
detail,
slides
because
10
minutes
left
here
so
once
again
think
about
your
application
costs
first,
so
automate
and
enforce
code
checks
so
doing
dependency
scanning
like
depend
about
or
random
renovate.
We
had
a
session
on
rendered
yesterday
think
about
steady
code
analysis
to
really
scan
your
code
and
to
see
if
you
have
some
security
issues
in
your
code.
A
A
Introducing
any
security
security
issues
also
make
sure
to
scan
your
Docker
files
with
static
code
analyzers
to
also
get
Implement
all
best
practices
here
and
scan
your
container
images
regularly,
not
just
when
building
them.
Also
the
whole
time
in
the
container
registry,
and
also
when
you're
running
them
in
your
kubernetes
cluster.
So
then
you
can
make
sure
that
an
image
you
build
two
weeks
ago
is
maybe
patched
in
the
container
registry
or
deleted
in
a
container
registry,
but
maybe
still
running
in
kubernetes
cluster,
to
also
get
the
information
there.
A
When
you
have
a
class,
an
image
instance
running
in
your
cluster
and
you're
getting
security
issues
there
so
think
about
the
whole
life
cycle
here,
yeah
even
secure
container
image
would
have
make
it
a
way
harder
to
get
all
the
stuff
done.
We
did
some
minutes
ago,
so
really
important.
One
also
scanning
container
images
would
really
help.
A
Beside
your
Docker
file
is
also
validate
your
development,
manifest
temp,
charts,
kubernetes
resources,
manifest
and
so
on,
and
also
try
2D
to
yeah,
not
Implement,
things
like
running
a
container
as
root
mounting,
host,
pass
and
stuff
like
that.
So
basically
these
things
we
did
to
make
sure
that
if
somebody
is
able
to
access
your
container
or
get
access
to
your
container
cannot
do
any
any
bad
things
here.
A
Also
this
the
container
we
connected
to
in
the
first
step
was
running
as
root,
which
made
it
much
easier
to
get
all
the
things
done
and
get
access
to
the
kubernetes
API
and
and
to
the
node
even
further
yeah.
Just
some
links
here.
You
can
check
them
later
some
tools
which
can
help
you
with
static
code
analysis
yeah.
Furthermore,
I
think
there
was
also
talk
on
that
one,
so
I
will
make
this
one
a
little
bit
faster.
A
A
So
why
are
we
able
to
spin
up
and
reverse
here
by
way
we're
able
to
I,
don't
know,
use
Quran
to
download
Cube
CTL,
or
so
you
don't
need
that
one
and
also
the
application
doesn't.
So
you
can
really
deny
that
one
limit
access
between
application
name
spaces,
so
by
very
able
to
talk
to
the
redis
instance,
which
was
related
to
a
completely
different
application.
A
So
let's
say
we
have
an
application
a
but
there's
some
somewhere
running
application,
B
with
redis
instance.
So
why
does
does
application
a
need,
access
to
radius
B,
for
example,
and
even
even
more
important?
The
last
one
you
should
deny
access
to
the
cloud
provider
metadata
service
to,
for
example,
get
the
one-time
token
to
then
talk
to
azure.
So
if
the
application
does
not
integrate
with
Azure
or
any
other
cloud
provider,
they
do
not
need
access
to
the
metadata
API
to
get
to
be
able
to
retrieve
this
one-time
talk,
for
example.
A
Yeah.
Once
again,
as
I
already
said,
Network
policies
would
have
denied
most
of
the
stuff.
We
did
and
even
more
important
container
runtime
security
to
get
insights
of
the
stuff
which
is
run
in
your
cluster,
so
really
getting
insights
when
their
SNL
started
or
executed
in
your
container,
then
I
don't
know.
A
If
you
give
a
service
account
higher
access,
Rights
Make
sure
to
be
aware
of
them
and
not
just
copy
pasting,
any
other
rules
from
the
internet,
because
it's
then
ending
up
with
a
default
account
having
higher
access
as
we
had
and
then
we're
able
to
talk
to
the
kubernetes
API
server
do
not
Mount
the
service.
You
can't
talk.
If
you
don't
need
that
one.
It's
just
one
line
in
your
configuration.
You
can
disable
that
one.
A
It
just
included
the
link
here:
where's
kubernetes,
124,
it's
disabled
by
default,
yeah
and
then
yeah
as
I
said
review
all
your
Snippets
you're
applying
to
your
cluster
and
also
maybe
think
about
on
web
application
firewall.
If
you
have
some
HTTP
workload,
for
example,
also
that
one
had
would
have
prevented
to
even
check
the
lock
for
shell
into
the
application
itself.
So
also,
really
really
important.