Slide 1

Slide 2

Image: Jefferson Santos on Unsplash

Slide 3

Image: nmap.org

Slide 4

Slide 5

github.com/aquasecurity/kube-hunter

Slide 6

Image: mario on Flickr

Slide 7

Welcome to Club KubeCon
Free entry!
Show me your ID
If you're not on the list, you're not coming in
Image: Channel 4

Slide 8

Image: Foundry Co from Pixabay

Slide 9

Image: Kerstin Riemer from Pixabay

Slide 10

curl :8080
curl :8080/api/v1
curl :8080/api/v1/namespaces
curl :8080/api/v1/namespaces/default/pods

Slide 11

curl -k https://:6443

Slide 12

Image: Pixabay

Slide 13

curl -k https://:6443/swaggerapi
curl -k https://:6443/healthz
curl -k https://:6443/api/v1

Slide 14

Image: Rudy and Peter Skitterians on Pixabay

Slide 15

Diagram: Kubernetes cluster, pod, token, API server

Slide 16

Image: cocoparisienne on Pixabay

Slide 17

Slide 18

curl -k https://:2379
curl -k https://:2379/version

Slide 19

Slide 20

curl -k https://:10250
curl -k https://:10250/metrics
curl -k https://:10250/pods

Slide 21

Slide 22

Slide 23

Diagram: Kubernetes cluster, pod, token, API server

Slide 24

Slide 25

Image: Free-Photos on Pixabay

Slide 26

Image: IAOM-US on Pixabay

Slide 27

# Excerpt from kube-hunter; handler, Hunter, NewHostEvent, OpenPortEvent
# and default_ports are imported from the kube-hunter package on the real module
@handler.subscribe(NewHostEvent)            # runs once per newly discovered host
class PortDiscovery(Hunter):
    def execute(self):
        for p in default_ports:             # the well-known Kubernetes ports
            if self.test_connection(self.host, p):
                self.publish_event(OpenPortEvent(port=p))

Slide 28

import requests

# Fires only for kubelet ports: 10250 (kubelet API) and 10255 (read-only port)
@handler.subscribe(OpenPortEvent,
                   predicate=lambda x: x.port == 10255 or x.port == 10250)
class KubeletDiscovery(Hunter):
    def get_read_access(self):
        # the OpenPortEvent that triggered this hunter carries the host and port
        r = requests.get("http://{host}:{port}/metrics".format(
            host=self.event.host, port=self.event.port))
        if r.status_code == 200:            # /metrics readable without auth
            self.publish_event(ReadKubeletEvent())

Slide 29

@handler.subscribe(ReadKubeletEvent)
class ReadKubeletPortHunter(Hunter):
    def execute(self):
        k8s_version = self.get_k8s_version()    # version string read from the kubelet
        if k8s_version:
            self.publish_event(K8sVersionDisclosure(version=k8s_version))

Slide 30

class K8sVersionDisclosure(Vulnerability, Event):
    def __init__(self, version):
        Vulnerability.__init__(self, Kubelet, "K8s Version Disclosure",
                               category=InformationDisclosure)
        self.evidence = version             # reported alongside the finding
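Slides 27 to 30 show hunters only from the outside. The following is an added example, not kube-hunter's own code: a minimal stand-in for its handler/event bus so the chain PortDiscovery, KubeletDiscovery, ReadKubeletPortHunter, K8sVersionDisclosure can be traced offline. The class names follow the slides; Handler, the Event classes, fake_get and the FAKE_HOST responses are constructed for this example.

```python
# Added example, not kube-hunter's own code: a small stand-in for the slides'
# handler/event bus so the chain PortDiscovery -> KubeletDiscovery ->
# ReadKubeletPortHunter -> K8sVersionDisclosure can be traced offline.
import re
from collections import defaultdict

class Event:                        # every event just carries named fields
    def __init__(self, **fields): self.__dict__.update(fields)
class NewHostEvent(Event): pass
class OpenPortEvent(Event): pass
class ReadKubeletEvent(Event): pass
class Vulnerability(Event): pass
class Handler:                      # stand-in for kube-hunter's `handler`
    def __init__(self): self.subs, self.findings = defaultdict(list), []
    def subscribe(self, event_type, predicate=None):
        def register(cls): self.subs[event_type].append((cls, predicate)); return cls
        return register
    def publish_event(self, event):
        if isinstance(event, Vulnerability): self.findings.append(event)
        for cls, pred in self.subs[type(event)]:    # fan out to matching hunters
            if pred is None or pred(event): cls(event).execute()
handler = Handler()
default_ports = [8080, 6443, 10250, 10255, 2379]
# Constructed responses {port: {path: (status, body)}}: only the kubelet answers.
FAKE_HOST = {10250: {"/metrics": (200, 'kubernetes_build_info{git_version="v1.19.3"} 1')}}
def fake_get(port, path): return FAKE_HOST.get(port, {}).get(path, (None, ""))
class Hunter:
    def __init__(self, event): self.event = event   # the triggering event
    def publish_event(self, e): handler.publish_event(e)
@handler.subscribe(NewHostEvent)
class PortDiscovery(Hunter):
    def execute(self):
        for p in default_ports:
            if p in FAKE_HOST:      # stands in for self.test_connection(host, p)
                self.publish_event(OpenPortEvent(host=self.event.host, port=p))
@handler.subscribe(OpenPortEvent, predicate=lambda x: x.port in (10250, 10255))
class KubeletDiscovery(Hunter):
    def execute(self):
        if fake_get(self.event.port, "/metrics")[0] == 200:
            self.publish_event(ReadKubeletEvent(host=self.event.host, port=self.event.port))
@handler.subscribe(ReadKubeletEvent)
class ReadKubeletPortHunter(Hunter):
    def execute(self):
        m = re.search(r'git_version="([^"]+)"', fake_get(self.event.port, "/metrics")[1])
        if m: self.publish_event(Vulnerability(name="K8s Version Disclosure", evidence=m.group(1)))
def hunt(host):                     # returns (finding, evidence) pairs for one host
    handler.findings.clear()
    handler.publish_event(NewHostEvent(host=host))
    return [(v.name, v.evidence) for v in handler.findings]
```

Because the predicate filters OpenPortEvent by port, only the kubelet port reaches KubeletDiscovery, and the finding's evidence is the version string the last hunter extracted.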

Slide 31

Image: Rolf Johansson on Pixabay

Slide 32
