Kubernetes Penetration Testing - Part Three

Thanks for watching! You can access the full Kubernetes lab setup and download files using the link below: https://buymeacoffee.com/offensiveopslabs/e/531485 🐙 GitHub-Kernel Module Source Code: https://github.com/rbtsecurity/k8s-container-escape-lkm/tree/main 📝 Read the full breakdown: https://www.rbtsec.com/blog/kubernetes-penetration-testing-part-three-breaking-out-with-privileged-containers/ In Part Three of our Kubernetes Pentesting series, we chain a Server-Side Template Injection (SSTI) exploit with a misconfigured --privileged container to escape the sandbox and take over the host Node. Follow along as we demonstrate: 1.- SSTI discovery & reverse shell inside the container 2.- Detection of privileged capabilities (CAP_SYS_MODULE, etc.) 3.- Compilation & loading of a custom kernel-module reverse shell 4.- Proof of host compromise with host-only file access Follow Us: LinkedIn: https://www.linkedin.com/company/rbtsecurity/ Twitter: https://twitter.com/RBTSecurity Facebook: https://www.facebook.com/RBTSecur1ty/ GitHub: https://github.com/rbtsecurity/ Contact Us: For business inquiries and collaborations, please email us at [email protected] Educational Disclaimer: All content is intended for educational purposes only, to promote ethical hacking and security research. #Kubernetes #Pentesting #ContainerSecurity #CloudSecurity #RBTSecurity #CyberSecurity #Hacking