Attacking Cloud Native Kubernetes With CDK

Explore advanced techniques for attacking cloud-native Kubernetes environments in this 33-minute conference talk from the Hack In The Box Security Conference. Dive into the world of container security as experts Zebin Zhou and Yue Xu demonstrate step-by-step methods for compromising and taking over cloud-native Kubernetes clusters. Learn about the potential weaknesses in container isolation and how to exploit them, particularly in multi-tenant serverless and Container-as-a-Service (CaaS) offerings. Discover best practices for Kubernetes red teaming, including state-of-the-art attack techniques illustrated through real-world case studies. Get introduced to the Container Penetration Toolkit (CDK), an open-source tool designed to facilitate container escapes and Kubernetes cluster takeovers. Witness a full-chain attack demonstration using CDK and gain insights into container security, incident response, and the intricacies of cloud infrastructure vulnerabilities.

Introduction
Agenda
Right Teams
Shell
Kubernetes Network
Container Escape
Other Kubernetes gods
Two simple examples
Point to a service
Host discovery and pod scanning
Why istio special
Results
Cloud Native API Gateway
Container escaping
Real World Case
Red Team
CDK
Connect logs
Tips
CDK Automation