Escalating Attack and Defense on Cloud-based Kubernetes — The Difference Between a Container and a Pod is a Pod can Begin an Adventure!

Presented at ShmooCon 2023, Jan. 21, 2023, 11 a.m. (60 minutes)

You’ve seen Kubernetes cluster hacks, but the Kubernetes defenses are getting stronger. Breaking your way to full cluster admin isn’t nearly as easy as it used to be… but it’s still possible on a ton of clusters, particularly when the defenses don’t work the way they seem like they’re supposed to.

In this demo-dominated talk, we’ll show an attack that starts with a compromised library, moves laterally, and escalates privilege to the compromise of a single node of a large cluster. That’s where things get interesting, and where you can see how Kubernetes and cloud-provider defenses have evolved. We’ll move into a multiverse of madness, where each choice of defense leads to a different universe, with a cluster that should be stronger than it turns out to be. We’ll demonstrate how the single-node compromise could lead to compromise of the entire cluster, working through an escalating series of defenses. In the course of the talk, we’ll demonstrate a previously unknown weakness in one cloud-related defense, as well as weaknesses that are known but not widely understood. In each case, we’ll show or discuss what you can do to make your cluster safer.


Presenters:

  • Jay Beale
    Jay Beale (@jaybeale) is CTO and CEO of InGuardians. He works on Kubernetes, Linux, and Cloud Native security, both as a professional threat actor and as an Open Source maintainer and contributor. He’s the architect of the open source Peirates attack tool for Kubernetes and the Bustakube CTF Kubernetes cluster. Jay helps create and run DEF CON’s Kubernetes CTF and previously co-led the Kubernetes project’s Security Audit Working Group. Since 2000, he has led training classes on Linux and Kubernetes security at public conferences and in private training. Jay can’t seem to stop running and, unrelatedly, enjoys talking with people about ADHD and neurodiversity.
