
The Path Less Traveled: Abusing Kubernetes Defaults

Conference:  BlackHat USA 2019

2019-08-07

Summary

The presentation walks through the attack surface exposed by Kubernetes default configurations (features, not bugs) and how to better secure clusters against it.
  • Kubernetes is a container orchestration framework that is increasingly widely used in enterprise and elsewhere.
  • Kubernetes defaults vary widely depending on public clouds, distributions, and configurations.
  • Kubernetes is powerful, but insecure by design.
  • The presentation demonstrates the attack surface exposed by a default configuration of Kubernetes, including cluster takeovers and host escapes.
  • Mitigations are discussed, and ways to better secure Kubernetes are presented.
The presenters emphasize the importance of checking assumptions about Kubernetes security, as it is not secure by default. They recommend putting admission control on clusters and getting involved in the project to better understand the system and make it more secure. The presentation also highlights the need for understanding how the system works on a deep level, both as an operator and as an attacker.
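The recommendation above to put admission control on clusters is easiest to see in code. The block below is an added illustration, not code from the presentation or from the Kubernetes project: it implements the decision half of a validating admission webhook, taking the AdmissionReview JSON the API server would POST and refusing Pods that ask for the host-level features a default cluster grants without question (privileged containers, hostPID/hostNetwork/hostIPC, and hostPath volumes, which together are the usual ingredients of a host escape). The HTTP listener, its TLS serving certificate and the ValidatingWebhookConfiguration that registers it with the API server are assumed and not shown; the policy (which fields are denied) and the two sample Pod specs are constructed for the example.

```python
"""Validating-admission decision logic for host-escape-prone Pod defaults.

Added example (not the talk's code). Assumes the surrounding webhook
server, TLS and ValidatingWebhookConfiguration exist and deliver an
admission.k8s.io/v1 AdmissionReview for Pod CREATE/UPDATE operations.
"""
import json

# Hypothetical policy: host namespaces a Pod is not allowed to share.
DENY_HOST_NAMESPACES = ("hostPID", "hostNetwork", "hostIPC")


def pod_violations(pod):
    """Return a list of policy violations found in a Pod object (empty = clean)."""
    spec = pod.get("spec", {})
    violations = []

    for ns in DENY_HOST_NAMESPACES:
        if spec.get(ns):
            violations.append(f"spec.{ns}=true shares a host namespace")

    # Init, regular and ephemeral containers (kubectl debug) all get checked;
    # a privileged ephemeral container is as good as a privileged main one.
    for field in ("initContainers", "containers", "ephemeralContainers"):
        for c in spec.get(field, []):
            sc = c.get("securityContext") or {}
            if sc.get("privileged"):
                violations.append(f"{field}/{c.get('name')} runs privileged")

    for v in spec.get("volumes", []):
        hp = v.get("hostPath")
        if hp is not None:
            violations.append(f"volume {v.get('name')} mounts hostPath {hp.get('path')}")

    return violations


def review(admission_review):
    """Build the AdmissionReview response the API server expects."""
    req = admission_review["request"]
    allowed, message = True, ""
    if req.get("kind", {}).get("kind") == "Pod":
        found = pod_violations(req["object"])
        if found:
            allowed = False
            message = "; ".join(found)
    response = {"uid": req["uid"], "allowed": allowed}
    if not allowed:
        # A 403 with a message surfaces in the client's error output.
        response["status"] = {"code": 403, "message": message}
    return {
        "apiVersion": admission_review["apiVersion"],
        "kind": "AdmissionReview",
        "response": response,
    }


def _review_for(pod_spec, uid="uid-1"):
    """Wrap a constructed Pod spec in the AdmissionReview envelope the API server sends."""
    return {
        "apiVersion": "admission.k8s.io/v1",
        "kind": "AdmissionReview",
        "request": {
            "uid": uid,
            "kind": {"group": "", "version": "v1", "kind": "Pod"},
            "operation": "CREATE",
            "object": {"apiVersion": "v1", "kind": "Pod",
                       "metadata": {"name": "demo"}, "spec": pod_spec},
        },
    }


# Constructed sample: the classic host-escape Pod (privileged, host PID
# namespace, node root filesystem mounted at /host).
ESCAPE_POD_SPEC = {
    "hostPID": True,
    "containers": [{"name": "shell", "image": "busybox", "command": ["sleep", "1d"],
                    "securityContext": {"privileged": True},
                    "volumeMounts": [{"name": "root", "mountPath": "/host"}]}],
    "volumes": [{"name": "root", "hostPath": {"path": "/"}}],
}

# Constructed sample: an ordinary workload that should be admitted.
BENIGN_POD_SPEC = {
    "containers": [{"name": "web", "image": "nginx",
                    "securityContext": {"runAsNonRoot": True,
                                        "allowPrivilegeEscalation": False}}],
}

if __name__ == "__main__":
    print(json.dumps(review(_review_for(ESCAPE_POD_SPEC)), indent=2))
    print(json.dumps(review(_review_for(BENIGN_POD_SPEC)), indent=2))
```

Two practitioner caveats, in the spirit of the talk's "mitigations, and how to get around them": register the webhook with `failurePolicy: Fail`, since with `Ignore` an outage of the webhook silently becomes a bypass; and the check above only covers Pods, so whatever creates Pods on a user's behalf (Deployments, DaemonSets, CronJobs) is still admitted because the resulting Pod object passes through the same webhook, but anything that grants node or kubelet access without a Pod is out of this policy's scope.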

Abstract

Kubernetes is a container orchestration framework that is increasingly widely used in enterprise and elsewhere. While the industry is starting to pay some attention to Kubernetes security, there are many attack paths that aren’t well-documented, and are rarely discussed. This lack of information can make your clusters vulnerable.

In this live demonstration-filled talk, we are going to walk through the Kubernetes control plane before using sigs.k8s.io/kind to show some of the attack surface exposed by a default configuration of Kubernetes. There will be multiple exploits involving various moving parts, including cluster takeovers and host escapes. We’ll show you mitigations, and then show you how to get around those.

Everything in this talk exploits features, not bugs! Kubernetes is powerful, and it’s insecure by design. Let’s see what it can do, and then let us show you how to better secure it.

The audience will walk away from this talk with a better understanding of Kubernetes’ default attack surface, how it can be exploited, and how to keep their clusters safer.
