Andrew Martin

Hacking Kubernetes: Live Demo Marathon

It starts with one malicious NPM package and ends with cloud account takeover. This live demo shows the entire attack path.

Hacking Kubernetes: Live Demo Marathon
#1about 8 minutes

Understanding the Kubernetes threat landscape and adversaries

Threat modeling helps build appropriate security controls by identifying potential adversaries, from script kiddies to organized crime.

#2about 3 minutes

Demonstrating a supply chain attack using NPM hooks

A malicious NPM package can use a preinstall hook to execute arbitrary code and exfiltrate sensitive files like SSH or cloud keys from a developer's machine.

#3about 12 minutes

Gaining a reverse shell through pod misconfigurations

An attacker can gain a reverse shell and break out of a container by exploiting pod misconfigurations like privileged mode and sharing the host PID namespace.

#4about 9 minutes

Executing a container breakout using the Dirty Pipe vulnerability

The Dirty Pipe vulnerability allows an unprivileged user to overwrite root-owned files, enabling a container breakout by patching the runc binary in memory.

#5about 7 minutes

Pivoting post-breakout to steal secrets from other pods

After gaining root on a node, an attacker can pivot by enumerating the host filesystem to find and steal secrets mounted into other pods running on the same node.

#6about 5 minutes

Using canary tokens as a last line of defense

Embedding canary tokens, which are credentials with no permissions, provides a tripwire that triggers an intrusion detection alert when an attacker attempts to use them.

Related jobs
Jobs that call for the skills explored in this talk.

Featured Partners

Related Videos

See all videos
Kubernetes Security - Challenge and Opportunity42:45

Kubernetes Security - Challenge and Opportunity

Marc Nimmerrichter

Enhancing Workload Security in Kubernetes44:00

Enhancing Workload Security in Kubernetes

Dimitrij Klesev & Andreas Zeissner

Local Development Techniques with Kubernetes40:00

Local Development Techniques with Kubernetes

Rob Richardson

Turning Container security up to 11 with Capabilities28:47

Turning Container security up to 11 with Capabilities

Mathias Tausig

What we Learned from Reading 100+ Kubernetes Post-Mortems28:36

What we Learned from Reading 100+ Kubernetes Post-Mortems

Noaa Barki

Kubernetes Security Best Practices23:08

Kubernetes Security Best Practices

Rico Komenda

Mastering Kubernetes – Beginner Edition57:24

Mastering Kubernetes – Beginner Edition

Hannes Norbert Göring

Chaos in Containers - Unleashing Resilience27:52

Chaos in Containers - Unleashing Resilience

Maish Saidel-Keesing

From learning to earning

Jobs that call for the skills explored in this talk.

DevOps con Kubernetes

EMETEL
Municipality of Madrid, Spain

Remote
Intermediate
GIT
Bash
Linux
DevOps
+11