Kubernetes Goat 03 - SSRF in the Kubernetes (K8S) world
categories: []
date: '2023-10-28T14:27:50.621257+08:00'
tags: []
title: Kubernetes Goat 03 - SSRF in the Kubernetes (K8S) world
updated: 2023-10-28T14:27:51.146+8:0
SSRF in the Kubernetes (K8S) world
- SSRF 可以使用bp抓包爆破判断端口号
- 找到5000端口
- 根据回显继续访问
- 找到新的路径
- 继续往下拼接
- 就这样以此类推
http://metadata-db/latest/secrets/kubernetes-goat
- 解密
azhzLWdvYXQtY2E5MGVmODVkYjdhNWFlZjAxOThkMDJmYjBkZjljYWI=
k8s-goat-ca90ef85db7a5aef0198d02fb0df9cab
本文是原创文章,采用 CC BY-NC-ND 4.0 协议,完整转载请注明来自 putdown.top