Skip to content

Commit e28d132

Browse files
authored
Merge pull request #161 from aaaart3m/scenario-4-fix
fix crictl command and path to config
2 parents a20c879 + 8ae59f9 commit e28d132

File tree

2 files changed

+5
-5
lines changed

2 files changed

+5
-5
lines changed
-584 KB
Loading

guide/docs/scenarios/scenario-4/scenario-4.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -89,15 +89,15 @@ chroot /host-system bash
8989
- As you can see, now you can access all the host system resources like docker containers, configurations, etc.
9090

9191
```bash
92-
docker ps
92+
crictl pods
9393
```
9494

9595
![Scenario 4 chroot host](../images/sc-4-3.png)
9696

9797
- The Kubernetes node configuration can be found at the default path, which is used by the node level kubelet to talk to the Kubernetes API Server. If you can use this configuration, you gain the same privileges as the Kubernetes node.
9898

9999
```bash
100-
cat /var/lib/kubelet/kubeconfig
100+
cat /etc/kubernetes/admin.conf
101101
```
102102

103103
![Scenario 4 kubelet config](../images/sc-4-4.png)
@@ -111,7 +111,7 @@ You can use the available `kubectl` command-line utility to explore other resour
111111
- Using the kubelet configuration to list the Kubernetes cluster-wide resources
112112

113113
```bash
114-
kubectl --kubeconfig /var/lib/kubelet/kubeconfig get all -n kube-system
114+
kubectl --kubeconfig /etc/kubernetes/admin.conf get all -n kube-system
115115
```
116116

117117
![Scenario 4 get kube-system](../images/sc-4-5.png)
@@ -120,11 +120,11 @@ kubectl --kubeconfig /var/lib/kubelet/kubeconfig get all -n kube-system
120120

121121
From here you can go beyond by performing the lateral moment and a post-exploitation based on the available setup, configuration, and resources
122122
:::
123-
123+
e
124124
- You are able to obtain the available nodes in the Kubernetes cluster by running the following command:
125125

126126
```bash
127-
kubectl --kubeconfig /var/lib/kubelet/kubeconfig get nodes
127+
kubectl --kubeconfig /etc/kubernetes/admin.conf get nodes
128128
```
129129

130130
- Hooray 🥳 , now you can see that it returns the cluster nodes available as we have the privilege/permissions with obtained configuration to query the Kubernetes API server

0 commit comments

Comments
 (0)