Exploit: k8s secret dump

Jump to bottom

cdxy edited this page Feb 8, 2021 · 2 revisions

Exploit: k8s-secret-dump

Dump K8s secrets in all namespaces to a local file. K8s Secrets used to store secret and credentials which can access to APIs or CaaS service.

拉取全部K8s Secrets，K8s Secrets用于存储敏感数据，从Secrets中获取的AK及通信凭证可用户后续渗透中从外部或云产品API窃取信息。

Usage

./cdk run k8s-secret-dump (auto|<service-account-token-path>)

Example

./cdk run k8s-secret-dump auto