Command and KubeCTL - Real-World Kubernetes Security for Pentesters

Offered By: 0xdade via YouTube

Tags

ShmooCon Courses, Penetration Testing Courses, Threat Modeling Courses, Service Mesh Courses, Kubernetes Security Courses, Container Security Courses, Runtime Security Courses

Course Description

Overview

Explore real-world Kubernetes security challenges and attack techniques in this comprehensive conference talk from ShmooCon 2020. Dive into tactics, tools, and methodologies for assessing and exploiting Kubernetes clusters, including intercepting service mesh traffic, evading runtime syscall filters, and exploiting custom sidecars. Learn about chaining attacks from compromising build environments to exploiting production applications. Gain practical advice and guidance based on experience from hundreds of containerized environment reviews. Discover the intricacies of container breakouts, attack simulations, DevOps pipeline architecture reviews, and working with developers on applications leveraging containerization technologies. Cover essential topics such as namespace isolation, Linux kernel controls, syscall filtering, and integration with Docker and Kubernetes. Understand the threat model, direct access challenges, node pools, and service exploits in Kubernetes environments. Explore KubeCTL roles, attack pods, pod security policies, and server-side request forgery. Delve into multi-tenant environments, isolation models, and crucial next steps for enhancing Kubernetes security.

Syllabus

Intro
Overview
Mark Manning
Containers
Kubernetes
Pods
OS Stack
Challenges
Power Maverick
Threat Model
Direct Access
Node Pools
ECloud
Service Exploit
What do we do
KubeCTL Role
Attack Pods
Pod Security Policy
Namespaces
Server-side request forgery
Crew
Pod
Rebooting
All namespaces
Summary
Multi-tenant environment
Isolation model
Kubernetes security
Next steps
Additional resources
Thank you


Taught by

0xdade
