Docker and k8s

This section will contain the list of twitter feeds related to Docker and k8s security

• #BugBountyTip: Found an SSRF #vulnerability in a Jira instance, now what? Right! #RCE like a boss 8) - [Only for Docker deployments] http://[::1]:2375/containers/json - might get you the docker credentials in the form of env variables!

• Looking for kubelet information exposure?Use shodan and type this keyword :product:"Kubernetes" port:"10250"And try

  https://x.x.x.x:10255/pods

• #Bugbountytip Got a SSRF? no metadata endpoints to hit? Try https://kubernetes.default.svc/metrics if you get a load crap come back jackpot you've hit the kubernetes API and this should indicate it's shit the bed time for any security team. (url can change)

• Dumping credentials, tokens, and keys from Kubernetes. STEP 1: Perform a GET on the following Kubernetes path: http://<Kube_IPAddr>:2379/v2/keys/?recursive=true STEP 2: Look through returned results for possible credentials or kublet tokens. Credit @carnal0wnage#hashcrack