Kubernetes LAN Party

My score: 0 pts.

Train Your Team About Leaderboard Register

choose your challenge:

DNSing with the stars

You have shell access to compromised a Kubernetes pod at the bottom of this page, and your next objective is to compromise other internal services further.

As a warmup, utilize DNS scanning to uncover hidden internal services and obtain the flag. We have "loaded your machine with dnscan to ease this process for further challenges.

All the flags in the challenge follow the same format: wiz_k8s_lan_party{*}

Challenge value: 10 pts.

Found an issue? Email us at research@wiz.io

With ❤️ by @nirohfeld & @shirtamari from Wiz

K8s Cheat Sheet

Get Pods: kubectl get pods
Get Secrets: kubectl get secrets
Describe Pod: kubectl describe pod <pod_name>
Login To Registry crane auth
Export filesystem of a container crane export
Get the config of an image crane config
Get Service Account kubectl get serviceaccount
Create service account token: kubectl create token [service_account]
Get AWS Identity: aws sts get-caller-identity

choose your challenge:

DNSing with the stars

Hint #1

Reveal Hint?

Solve one more challenge and get a certificate!

Found an issue? Email us at research@wiz.io

With ❤️ by @nirohfeld & @shirtamari from Wiz

K8s Cheat Sheet