HTB SteamCloud WIP writeup

A kubernetes “machine”. This is going to be fun

1. Add to /etc/hosts

2. New nmap scan (define -p- for all ports)

Kubernetes identified.

3. Use kubeletctl to identify pods

nginx is the only one outside of the default kube-system namespace

4. Remember the commands (not using kubectl)

5. Profit

After the exec parameter you can specify any command (see next photo). I’d rather try and get a shell right away

No shell, just the command that was run is returned

6. Navigate to find the user flag