How hackers run C2 agents on your Kubernetes cluster?
- 2024.06.02
- Containerization

Who says C2 frameworks are only used for traditional systems?
In this video, I will show you how a C2 framework like kubesploit can be used to automate k8s attacks and how hackers use them to control your Kubernetes clusters.
Do note that kubesploit is no longer maintained, but I’m keen to hear about any alternatives.
Aside from attacking k8s, I will also show you how a runtime security tool like NeuVector can detect and prevent malicious activities.
// Chapters
0:00 – Intro
0:45 – K8s 101 (you may skip this if you are a k8s god)
2:00 – Attacking using kubesploit
2:33 – Local k8s setup using KIND
3:31 – Kubesploit preparation
4:44 – Attacking my local K8s
5:43 – Mount container breakout attack
6:20 – Mount container breakout attack (theory)
6:51 – CVE scan
7:28 – How does a C2 agent get planted in k8s?
8:15 – Hunting for malicious activities using NeuVector
// Links
* Collection of misconfigured pods: https://github.com/BishopFox/badPods/tree/main
* Kind cluster: https://kind.sigs.k8s.io/
* kubesploit: https://github.com/cyberark/kubesploit
* Neuvector: https://open-docs.neuvector.com/