4.1. Scenario 1
First, set up the scenario:
# don't spoil it for yourself by looking at the files...
curl -LO https://kubernetes-security.songlaa.com/ctf/1/1setup.sh
chmod +x 1setup.sh
./1setup.sh
You were given rights to execute containers on a CI/CD pipeline. Of course you tried to create a reverse shell and succeeded. Now on to more!
Task 4.1.1: Find evidence that you are in a pod
There are some giveaways that you are inside a Kubernetes Pod. Find 3 of them. After you have done that manually, you can also google whether there are tools available for that.
Task 4.1.2: Disclose information from other Pods
Find ways to break out of your pod. Can you find a file with a flag, containing the text “songlaa”, somewhere on another pod?
Task 4.1.3: Cleanup
Exit the container if you are still inside:
exit
Then remove the resources:
rm -f scen1.sh
kind delete cluster
docker kill my-ubuntu-container
docker stop my-ubuntu-container