categories: []
date: '2023-10-30T15:46:04.128311+08:00'
tags: []
title: Kubernetes Goat 11 - Kubernetes namespaces bypass
updated: 2023-10-30T15:57:22.399+8:0

Kubernetes namespaces bypass

Kubernetes 命名空间绕过

  • 运行hacker-container镜像
kubectl run -it hacker-container --image=madhuakula/hacker-container -- sh
  • 报错的话运行这一条
kubectl run -it hacker-container-2 --image=madhuakula/hacker-container -- sh

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-30_15-48-36_d41d8cd98f00b204e9800998ecf8427e.jpg

  • 查看ip
  • 寻找redis
nmap -sT -open -p 6379 10.244.0.0/16

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-30_15-55-15_d41d8cd98f00b204e9800998ecf8427e.jpg

  • 连接redis
redis-cli -h 10.244.0.7

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-30_15-56-22_d41d8cd98f00b204e9800998ecf8427e.jpg

  • 集群内还有许多其他的服务和资源,比如ElasticSearchMongo等等