Hacking a Kubernetes Cluster: A Practical Example!

Рет қаралды 63,457

KodeKloud

Күн бұрын

Пікірлер: 61

@KodeKloud Жыл бұрын

Full Certified Kubernetes Application Developer (CKAD) Course: kode.wiki/CKAD_YT

@lhxperimental 3 жыл бұрын

Not a realistic production scenario. Webservers/Load Balancers are usually on a different server and network than the Kubernetes cluster. The cluster itself has no direct internet connectivity and only ports exposed to the world are the HTTP(S) ports of the load balancers

@AndresLeonRangel 2 жыл бұрын

you will be surprised to know that some companies actually have scenarios like this one...

@okharev8114 2 жыл бұрын

if only

@abdurrahmanhr 3 жыл бұрын

Great clip with crisp coverage on security

@KodeKloud 3 жыл бұрын

Glad you enjoyed it! Please subscribe to our channel and keep supporting😊

@tendaimusonza9547 3 жыл бұрын

Wonderful, great hands on presentation

@KodeKloud 3 жыл бұрын

Many thanks! Please subscribe and encourage us to create more such quality content.

@makevoid 3 жыл бұрын

From 2021 Kubernetes (v1.20+) removes the default dependency on docker in favour of containerd. This "attack" may work on a badly configured Kubernetes version prior to that and also on a poorly configured docker swarm cluster.

@anthonydelagarde3990 2 жыл бұрын

Thank you a fantastic video and demonstration

@KodeKloud 2 жыл бұрын

Glad it was helpful!

@matteobaiguini5940 3 жыл бұрын

can you please share the material you used for the demo? maybe a git repo?

@rishabhjain2940 3 жыл бұрын

What is this tools for port scanning? And where I can get it ?

@ramakrishnabommerla3176 3 жыл бұрын

amazing explanation :) great use-case

@manojpansare2007 3 жыл бұрын

Excellent and eye opener....👌👌👌

@KodeKloud 3 жыл бұрын

Glad you liked it! Thanks:)

@EderNucci 3 жыл бұрын

Having the docker port exposed is simply the most stupid thing I think someone can do on a cluster. Why they did this?

@thehackingexplorer3636 3 жыл бұрын

Because they are dog lovers. LoL

@kubectlgetpo 3 жыл бұрын

No one did it.. it's made up scenario that teaches theater security

@EderNucci 3 жыл бұрын

@@kubectlgetpo watch again at 0:40 :-)

@kubectlgetpo 3 жыл бұрын

@CipherNL yeah crap scenario all around

@AndresLeonRangel 2 жыл бұрын

yes, i agree. I will give you a case scenario where this could happen: Cheapskate companies that would like to save Cloud costs. Instead of paying for full Kubernetes managed service they just use EC2 instances with terraform cloud. An Engineer is told to make things work. So there he goes and uses terraform to create an EC2 instance with docker engine installed. He wants to use a terraform docker provider and boom you must expose the docker engine port so that terraform creates the docker containers. Everyone is happy = low cost, manager can boast, the engineer can move on to do lots more things... This is a real life scenario and yes the docker engine was exposed to the internet :-)

@KASANITEJ 3 жыл бұрын

I can understand ssh port being open by mistake.... but I can't wrap around why docker port is opened?

@LuizJrDeveloper Жыл бұрын

How did you put an icon in ZSH?

@KodeKloud Жыл бұрын

You can use powerlevel10k for custom ZSH

@durden0 3 жыл бұрын

Do people really run their docker hosts with no authentication and their kubernetes dashboards exposed to the internet?

@EderNucci 3 жыл бұрын

No. :-D

@tendaimusonza9547 3 жыл бұрын

I subscribed within the first few seconds of hearing the quality stuff ,lol

@aldyj4733 3 жыл бұрын

This is the epitome of one jumps into kubernetes too quickly without regards to any best practices (pain points: exposed docker port + conn string as env var) whatsoever...

@aldyj4733 3 жыл бұрын

And sadly, the majority of people still do this...

@KodeKloud 3 жыл бұрын

Yes, that's true.

@mafujaakhtar9876 Жыл бұрын

Hi Mumshad brother, is it possible to be a DevOps engineer for a non tech person? I am an an anthropologist, had career break for children now I got interested in cloud. I am a certified cloud practitioners and courntly I am doing cybersecurity program. I am interested about cloud security though I am new in this field. How long need to I have to work in cloud then I can try for the cloud security? I am a mother of two teenage kids and fourty plass cloud savvy.

@KodeKloud Жыл бұрын

Certainly, transitioning into a DevOps or cloud security role is achievable, even without a traditional tech background. With your Cloud Practitioner certification, explore advanced cloud certifications and gain hands-on experience. Learn automation tools and DevOps practices. Leverage your unique background in anthropology for soft skills. Focus on cloud security by building on your existing cloud knowledge and pursuing security certifications.

@bestviraltubeshorts 3 жыл бұрын

Someone know how can i put a logo in my zsh terminal, like that?

@ileriayoadebiyi 3 жыл бұрын

That election story surely was scary!!! Great video, Mumshad! Always love your videos!

@KodeKloud 3 жыл бұрын

Glad you liked it! Please subscribe and encourage us to create more such quality content.

@ileriayoadebiyi 3 жыл бұрын

What!?? Never knew I wasn’t subscribed 😭 By the way, all my DevOps friends and wannabes are tired of me talking about kodekloud

@abhishekjaiswal5239 3 жыл бұрын

where can we get the dirty-cow.sh

@nksajeer 3 жыл бұрын

great content

@KodeKloud 3 жыл бұрын

Welcome! Please subscribe to our channel and help us create more such videos. Thanks 😊

@asadkhanuit 3 жыл бұрын

Very good demo for people who don't know about hacking

@anathema157 3 жыл бұрын

By default docker running only as Unix service

@aogunnaike 3 жыл бұрын

Awesome 👍😎

@KodeKloud 3 жыл бұрын

Thanks! Please subscribe to the channel and help us do more such creative educational videos.

@aogunnaike 3 жыл бұрын

@@KodeKloud already a subscriber sir, cheers!

@tengiz 3 жыл бұрын

Marvellous

@KodeKloud 3 жыл бұрын

Thanks👍 Please subscribe and encourage us to provide more such quality content.

@tomknud Жыл бұрын

100% !

@KodeKloud Жыл бұрын

Thank you so much : ) We are glad to be a part of your learning journey

@abhishekhiremath8955 3 жыл бұрын

Nice

@KodeKloud 3 жыл бұрын

Thanks! Please subscribe to our channel and keep supporting😊

@nguyenanhnguyen7658 3 жыл бұрын

Nice... :)

@prashanthjs915 3 жыл бұрын

cue fargo theme

@simonshkilevich3032 2 жыл бұрын

😳

@KodeKloud Жыл бұрын

Thanks for watching our video. Cheers!

@AbhijeetSachdev 3 жыл бұрын

@nestorreveron 3 жыл бұрын

Awesome 👌

@ismaelgrahms 3 жыл бұрын

Great content

@KodeKloud 3 жыл бұрын

Thanks:)

@debkr Жыл бұрын

Awesome 👍

@KodeKloud Жыл бұрын

Thanks for your love and support!