Kubernetes Goat 15 - Hidden in layers
categories: []
date: '2023-10-30T17:27:18.805137+08:00'
tags: []
title: Kubernetes Goat 15 - Hidden in layers
updated: 2023-10-30T17:27:18.416+8:0
Hidden in layers
隐藏在层中
kubectl get jobs
kubectl describe job
- 找到
hidden-in-layers-czrlb
kubectl get pod hidden-in-layers-czrlb -o yaml
- 找到完整的镜像名字,拉取镜像
docker pull madhuakula/k8s-goat-hidden-in-layers:latest
- 通过利用 docker 内置命令将 docker 镜像导出为 tar 文件
docker save madhuakula/k8s-goat-hidden-in-layers -o hidden-in-layers.tar
- 使用dive分析镜像
- https://github.com/wagoodman/dive/releases
./dive madhuakula/k8s-goat-hidden-in-layers
- 得知敏感文件和路径
- 解压上面的的
hidden-in-layers.tar文件 - 根据上面的路径找到文件
结束
本文是原创文章,采用 CC BY-NC-ND 4.0 协议,完整转载请注明来自 putdown.top
