Explore advanced post-exploitation techniques for a compromised ETCD in this informative conference talk by Luis Toro Puig from NCC Group. Delve into the potential consequences of an ETCD breach, whether at the container or host level, and discover how understanding Kubernetes' data injection mechanisms into ETCD can be leveraged for malicious purposes. Learn about methods for tampering with data, injecting rogue pods, establishing persistence within a cluster, and circumventing scheduler logic and AdmissionController restrictions. Gain valuable insights into the far-reaching implications of ETCD compromise and enhance your knowledge of Kubernetes security vulnerabilities.
Overview
Syllabus
Post-Exploiting a Compromised ETCD - Luis Toro Puig, NCC Group
Taught by
CNCF [Cloud Native Computing Foundation]