Kubernetes Privilege Escalation: Container Escape == Cluster Admin?

  Рет қаралды 12,215

Black Hat

Black Hat

Күн бұрын

In this talk, Yuval and Shaul will reveal the powerful system pods quietly installed by popular Kubernetes platforms. They'll show how attackers may abuse these pods, and demo new privilege escalation techniques. Covering managed Kubernetes services and common open-source add-ons, they'll demonstrate how on the most popular platforms today - a single container escape is often enough to take over the entire cluster.
Looking ahead, they'll present tools that flush out powerful pods and identify privilege escalation paths in a cluster, alongside mitigations that can detect and prevent such attacks. Join them as they embark on the journey of ensuring container escape != cluster admin.
Presented by Yuval Avrahami & Shaul Ben Hai
Full Abstract & Presentation Materials: www.blackhat.c...

Пікірлер
小丑揭穿坏人的阴谋 #小丑 #天使 #shorts
00:35
好人小丑
Рет қаралды 29 МЛН
When mom gets home, but you're in rollerblades.
00:40
Daniel LaBelle
Рет қаралды 104 МЛН
The Path Less Traveled: Abusing Kubernetes Defaults
48:06
Black Hat
Рет қаралды 13 М.
Escaping Virtualized Containers
40:56
Black Hat
Рет қаралды 4,1 М.
Kubernetes Hacking: From Weak Applications to Cluster Control
36:22
Leveraging the Apple ESF for Behavioral Detections
37:13
Black Hat
Рет қаралды 15 М.
A Compendium of Container Escapes
43:10
Black Hat
Рет қаралды 7 М.