Kubernetes Hacking: From Weak Applications to Cluster Control
j-h.io/sysdig || Use Sysdig to keep your runtime environments secure, across Kubernetes clusters, the CI/CD pipeline, and your production environment! j-h.io/sysdig
🔥 KZread ALGORITHM ➡ Like, Comment, & Subscribe!
🙏 SUPPORT THE CHANNEL ➡ jh.live/patreon
🤝 SPONSOR THE CHANNEL ➡ jh.live/sponsor
🌎 FOLLOW ME EVERYWHERE ➡ jh.live/discord ↔ jh.live/twitter ↔ jh.live/linkedin ↔ jh.live/instagram ↔ jh.live/tiktok
💥 SEND ME MALWARE ➡ jh.live/malware
Пікірлер: 67
Great topic, especially in this time and age very cool to see container vulnerabilities in action
I need to buy glasses, that's probably this guy's superpower
@reinmarvonzweter666
Жыл бұрын
Maybe try growing a beard?
@the_sandman00
Жыл бұрын
Tried it. It’s not
@vq8gef32
Жыл бұрын
LooL
@petevenuti7355
Жыл бұрын
@@the_sandman00 it was for me, back when I was 14..
@Damian04233
Жыл бұрын
Dude.. I promise you that though they are not the source of his superpower -😐 they are without a doubt, im telling you beyond likely, we're talking menswearhouse, multiplying his powers anywhere between a standard 50%, like you get from sunglasses to upwards of 2500% depending on who made the frames, if they're Luxottica, pssh¡, fuhgett abod it. I used to be an Optician, I know.
Trick with --path-as-is is super cool ! Currently working with containers and kubernates from a dev perspective but this video brings new point of view for me ! Thanks :)
@ttrss
Жыл бұрын
that would have got me stuck for so longg
Some pro-tips for the messed up terminal. Try the command stty sane to see if that fixes your shell. At the very least you can override your PS1 with something very short to avoid being so close to the end of the screen. Something like: export PS1='\w\$ ' This might even fix the text wrapping in the wrong place, which is caused by bash not knowing accurately how long the prompt text is, because of the control characters that make the prompt have colors.
Kubernetes will ignore the imagePullPolicy and will always try to pull the image if the image tag is :latest (or none, defaulting to :latest)
Great video John ! As always !
Thank you for your walkthrough, May God bless you 🎭
Very nice tutorial thanks for sharing. You could have also edited the grafana pod using "kubectl edit grafana pod" and make it previleged pod and mount host directory instead of creating new pod..
Especially for ones interested in technologies like k8s in the security context, I can recommend the book from sparc flow "How to hack like a ghost"
What a fantastic video congratulations as always
wild video😂 nice, thanks john for it
I like his style when he starts intro speaking it’s like a documentary 😂
Excellent!
Another awesome video thank you very much
bruh, love it. makes me wanna learn these stuff
Very nice video. Thanks a lot
love your high quality videos
thanks buddy this was basically a step by step guide for discovering major vulnerability in a popular service by pure accident. got me bug bounty money :D
You should talk about Security Blue Team, I know you helped them build their videos.
Great video John? Can you let us know which machine/image/box you are using
@grover-
Жыл бұрын
Did anyone get the link to this if it's in hack the box?
This was super cool. What CTF is this from?
this guy deserves a million subs + more
thanks this is good staff
A really good content
I was just thinking gabout this, reading my mind.
3:12 pwncat-cs is superb replacement for netcat
this is awesome
more kubernetes pls
awesome, more like this
Any plans to cover the google chrome 0 day that happened a few days ago ?
Could nod locate Gemfilr termux metasploit, help
There's a distinction between LFI and directory traversal - I don't believe what you had was LFI.
@craigblackie2034
Жыл бұрын
But great videos though!
nice
Yeah, I've heard of this system before by a Norwegian, or whatever ethical hacker dude. :3
Early in the comments. Nice! 2 hours ago!
My my language mistake but understanding never to attending after understanding again to looking you have the never misunderstanding but health problems are also more patients also I will attend
👍👍👍👍
Can you share link vm or image to create this k8s lab ?
What is the ctf url?
Hi , Is this machine on HTB? Or any where that I can try it?
@vq8gef32
Жыл бұрын
I used pwncat-cs for my HTB - better experience )
Is this a VM I can play?
Is Docker now really secured OR there is still a breach which allows container breakout/escape?
Isn't this example very constructed? In case somone exposes a shell direclty over a webinterface the game is over anyway.
There is no secure place in the world ! Relax and take it easy
This guy beats Dev-ops Engineer
Many KZread videos I have seen. That didn't work at all... Professional, 100% working software suggestion for audio recovery from android internal storage is required, please.
@creatorofimages7925
Жыл бұрын
Copy Cat
Ed Sheeran
Makdkd
Highly suggest "SteamCloud" on hack the box to those wanting to get their hands on a CTF such as the one in the video
I have worked for Global Cyber Security Company for more than 8 months, what I learned form your video more than what I learned form all of them 😆😆😆 thank you John >> you_are_the_best.txt
As a K8S Admin very happy to see this one. I would like to try it aswell. Which CTF was it? TryhackMe?