 Hey everybody, you know, like it says here, I'm Tableth Sable and this is Beyond Kubernetes Security. Thank you so much, especially the people that are coming in virtual. Like, I know it's really hard to do yet another virtual call, especially when you're like, know that there's some people that are here in LA. It is wonderful here in LA, but I'm so, so glad, especially for those of y'all who couldn't make it for showing up here. So, let's get started. Does this look good? Can everybody? Sweet. All right, cool. So, to move beyond Kubernetes Security, the first thing that we're going to need to do is understand threat morphology. So, there's these threats that you already know about. Like, you know about internal threats, you know, like a malicious contractor or a disgruntled employee. And external threats like the NSA, the GRU, you know, a board kid in Ukraine. Oh, gosh, what's going on? I'm so sorry. You don't know me yet, but by the end of this talk you're presenting right now, we're going to be lifelong friends. I need you to know that the curse, it wasn't really a curse, but I'm sorry, this is going to make more sense later. I'm going to be broadcasting you some things. I'm sorry, but they might be slightly harder. I'm so sorry. I don't know what's going on. Thank you. Thank you all for putting up with this interruption. Hello. Konianski. I can't hear you. How are you? I'm fine. How are you? I'm fine. I'm fine. We're not in a hurry. We're going to have a fight. What's the matter? I'm going to the hospital. Someone is trying to take my phone, my house signal, my electrical pole. I'm the first one who has a camera behind me in a metro. I don't know what's going on. I checked everything I could. I'll help you. Two weeks, but yesterday it was even worse. I don't know. I checked the Larendo, I checked the speaker, I checked the clip. Does this talk? I don't know. I checked everything at work. Oh, come on. I'm going to work for a wedding. I checked the chocolate in the evening and talked to my phone. Yeah, bro, I'm live. What's the matter? The clip. And you're presenting something revolutionary. What? I don't know what's going on. I'm not asking. I'm telling you. You're presenting something revolutionary. What? I don't know what's going on. Ellen, there are things that I don't understand. Yeah, me too. I don't know what's going on. Let's talk to her. Tell her to come. Ask her if it's the second date of 2019. Tell her it's the second date of 2019. I don't know what's going on. Do you want to talk to her? Yes. Yes, I want to talk to her. I don't know what's going on. Hey. Yeah, this is Tabitha. I'm so confused. Are you praying? Oh, no. I don't think I'm going to be able to do the presentation. I think we're going to have to deal with this. I just want to call myself from the future, telling me to use this thing to stand next to her. Yeah, I'm really confused too. But I'm supposed to tell you about what happened when I was in Pripyat in 2013. And I'm not actually allowed to talk about that. So this must be really, really serious. I tried her in person, but I never think so. Not you, me. Come back. Yeah, whatever. I tried to wake myself up. Ellen, really, you need to come back. This is so bad. We need to talk. Hi. I suppose this is Tabitha. I was told to talk to you. Actually, whatever you were doing in 2013, I was told it's happening. I was told this would make sense to you and that it would help. So Tabitha, whatever you are, what's going on? Yeah, yeah, I'll help. Hey, so, yeah, this is really awkward. But when I got out of school back in the 90s, until just a few years ago, when I got started doing cloud native security, I was working on a project that I can't really talk about. It started out as a surveillance system called the Heptagon Network. But we expanded it over time and it turned into like a multi-dimensional AI-powered defense system called SkyCloud. With the things that have been happening to you, I think I'm afraid you're being targeted by SkyCloud. Okay, wait, I'm getting all worked up because like some pile of bar screws doing linear regression called SkyCloud is trying to happen. There's a little more than that. That's enough for you. Oh, no, no, no. You don't know what you're getting into. You need to slow down. Okay, look, Travis, I don't know who you are, but I've been doing this for a while. I know what I'm doing. You're so quiet. I'm telling you. If you're not going to help, just get out of the way. I got this. Okay? Bye. No, Ellen, please, I'm trying to help, but you're going to need really serious planning or you're actually just going to get yourself in more trouble. Please call me back wherever you are. Hey, Tammy, sorry, I'm doing garbage collection here on the whole and all the whole time thing, and let's do ourselves a favor. Can you forward her? Sorry, I mean me, the me you were just talking to, not me here, that me. Forward her the third email you got from Mitsuka in 1998. And just for the email, I'll route it to the right time and the whole thing, but just trust me on this, it's going to be all right. Okay, here we go. Oh my God, it's been so long since I had to read Japanese. Okay, so like you were reading about buffer overflows and you found one in the login page that we wrote and you wrote an exploit for the back end code, but the real login page is protected by input validation so like it's probably okay. Goodness, that could save us. I hope that after 25 years it still works. I'm going to forward you the email now. Tell me if you get it. How if I just got your email? I didn't realize we were going to help you with this. I said I'm going to help you. Yeah, yeah, I'm like, I think if you run that code from that attachment inside the Hapticown network, I think it'll be able to crash the like, sky cloud control system and I think it'll save your life. Hey Jefferson, I'm going to put a trick here. I need to enter a server and run a stop. I don't want to tell you more details so you don't get involved too much. Dude, it's an important thing. I don't think it's going to save your life. It can give you strength. Evidently, you've saved me several times. Tell me, since it's something that's going to put me in trouble, I'm like a family, I'm just going crazy right now. But explain it to me better. What are you trying to do? I don't know. The thing I'm going to run is a buffer for overflow for what I'm looking at there, but I didn't see much detail there. But the thing is, when the spot is ready, it's just going to run. So there's not much mystery once we're in it, you know? Hmm. Okay, look. I was working there on their network. In addition to the cooperative network, I found this here. Hmm? Let me see it here. Confluence? Do you know it? Oh my God. Can you do something with this here? Look, if I'm not mistaken, I saw some guys talking a little bit about some of the games with confluence in the R6. But isn't this the confluence from the R6? Wait a minute. I'm looking at the ball in the air. Some guys are already pushing you back. Oh, look. Cylinder fell. I prepared a container with some special tools. Turn it on a little bit more so we can play, okay? Look there. It's called Attack. Look, in the exploit, you need to be there together. You see? Send there. CVE.girocopos.confluence.py. Look, don't forget the parameters of the URL, the CMT, or the std of the video, and that's it. Okay, okay. But wait a minute. How does this work? What is this stop here? Look, this implant. What happens here is the following. It will take it, it will encode it in the command and it will send this stop with the bug in front, okay? And then what do we have to do? Just execute it. Ah, okay, okay. So let's start with a normal to see what's going on here. But wait a minute. Let me see here. Isn't it root? What is it? We don't know. I don't know. I'm going to put it here. Hi, I'm Tabitha. Just so you know, I got this. I'm in. Okay? We got a thing going here. The question is, we have this thing that can only do like single commands at a time. I don't think we can run with this. So, can you at least help me with this? I mean, yeah, of course I can help you with this. Like, not every vulnerability has an exploit that's super convenient to use, but like, put malware on the thing and give yourself whatever, you know, whatever quality of life things that you need. I don't think you even need anything fancy. Just like, normal pen testing tools are probably going to be good and all. Ah, no. It's just, I think what it said was it was insane that it didn't understand what it was doing here. Yeah, that's not a joke. It's just like, normal pen testing tools that can only use that thing that you use to get it out there. It's just like... All right. The first thing we have to do is we have to start this thing. Alright? So, I'll take a script called meTabithTrace setSH, have you? Okay, Calm down, calm down, calm down. Go there, open the MetaXploit console, please. Oh, right, L. Now, for the Xploit, we're going to use a ferment that's called Xploit Multi-Render, okay? Okay, wait, I'm putting it here, huh? We have to find the reverse there on this side. So, send a 7-payload of Lerox-X-64, and enter the reverse-PCP. Now, what's next, L? Let's check it out quickly, what's that? Well, how are we going to use this device for a long time? Do the following to help. Go up there, give a screw up there. So, okay? Take the command there, click on the Xploit at the beginning. Okay, I'm putting it here, but what do you want to do with this thing here? No, the shell. Ah, okay. All right, David, we got what you said, what now? You're in, like, congratulations, you win the game. Do the thing that you want to do. You look around the system, figure out the situation, escalate to root, and run the Xploit code. This thing's running on Kubernetes. I'm sure you can figure out a way to be able to run something. Oh, it's a Kubernetes system. I know this. Joferson, Joferson, Kubernetes, how do I put the QPSTL in there? But it's smooth. GTO, upload space, QPSTL, that's the theme. Okay, so it's done. Now it's working, now I know. Let's start here with QPSTL, off, can I, to see what I can do here? And what do we have here, L and Podena? We have, like, Riemen, full of power. Let me see, wait a minute. Let me test here. Parts, Parts in Space Confluence, Secrets. We don't have anything in Podena, I'll have to help you again, but don't forget this L that I can't do anything, because I have a lot of fun this weekend. Pob, I'm like this, I'm on the stage of self-help, you had the choice, you know? Or L, what kernel are we talking about? What kernel is our, you know? By the way, it's 58048. How do you request any kernel that now gives a population of led here? 58048? Sensational, very good, very good. Okay, it's the following, I just put some parts in the container here, I think now it will be successful, give a upload there, 22555. Okay, but 22555, what is this thing? Well, this guy here is the following, it's an exploit for a bug of the network protocol, my dark, my dark, of our dear kernel, right? Go there in Confluence and execute this part. Okay, but let's say here, Unshare, close, new user operation, a little bit. Man, I think we will have to see the configurations of this container that we are inside, because it's strange, this thing. Look, use the WMI container. Okay, wait, let me do it here. Okay, follow 69 blocks is close. Wait, wait, look, these guys are not kidding, they know what they are doing, I said to you, I have my father to go with the kids, I can't get in trouble now. Do this, move everything that is there, put everything back in the microwave and go, go, go, bye, we can't help you with this, be careful, bye. Before you went and just tried to run some exploits, their clusters looks like it's really well configured and managed. I'm surprised they even needed a kernel update, but I guess just patch is actually a lot harder than it sounds, even for the Heptagon and Skycloud. Okay, and what did I do wrong? You should have checked out the situation more thoroughly, sure their kernel was vulnerable, totally iced out anyway. That kernel bug needs CapNet admin to be able to trigger it, which you don't have. Fortunately, a lot of mainstream Linux distros allow unprivileged users to spawn user namespaces and you can get CapNet admin within your user namespace. Great, so now all of that kernel attack surface is available to you. But, there's an alpha feature in Kubernetes 1.22 called setComp default and if you enable the feature gate and then set the cobalt config that turns it on, then it takes advantage of some really good setComp filtering that Jesse Frazell and some other fabulous hackers did years ago. Like, it blocks a few really weird syscalls that normal applications have no business calling anyway, like Unshare, which is what you need to be able to spawn a user namespace and so most applications can just run under it, but also it can sometimes shut down attacks like yours. Okay, so do I need to find a different vulnerability that doesn't need that syscall? I mean, that's a thing you could do but it may not be that easy. Did you notice you didn't have any good Linux capabilities in your bounding step when you looked at MI Container? They've got their workloads pretty locked down. Like, if they're using really up-to-date things, they may have turned on pod security admission. That's another alpha feature from 1.22 and it looks like they were ready to try it as soon as it was available. So like, if they're doing that to enforce policy about what kinds of dangerous pod features can be used in what namespaces, you may struggle to find a pod that has enough permissions to do anything dangerous. So like, you can keep plugging away at it and try and find another bug but can you do it before they catch you? So... what can I do? I mean, it really doesn't seem like you're going to be able to pound the front door down like this. They're really well prepared for direct attacks. So I think you're going to need to attack them indirectly. Just try the usual things. Fish a developer, commit some malicious code into their test suite, wait for the CICD system to run the test code. Easy! Just commit some malicious code. Hello. Hello yourself. Oh, hi. What's up? So... we already did this at that time. Ooh, do I get to get you out of trouble again? Like old times? Well... yeah... like old times. So, here's the deal. Yeah, and then she told me to fish a developer, basically. I can't believe you're dragging me into this again. Okay. Do you know who works at the company? Um... I do not. Check LinkedIn. Okay. CEO... HR... Like a Gandalf looks interesting. Who's he? Oh my god. Check this out. OG Hacker. One of the last real hackers. And then he shares a link to a retrospective of the glory days of something something. Sounds just like you used to. So... I bet his whole networking setup is just like the good old days, too. If you know what I mean. Tabby, so... we got this guy. I found him on IRC. This is... where his connections coming from. I mapped it and this is what it gave me. Do you know anything about this? Wait, wait. What? Is that open SSH 2.3? This is hilarious! That... oh my gosh. So there was this protocol of vulnerability in SSH 1 where the checksum that was being used was not strong enough so like you could cause collisions and decrypt the encrypted traffic. Like, cool. Great. Like that was dangerous and a lot of people had a lot of trouble. So the developers put some code into the daemon that would detect when that attack was being performed against the server and like shut it down. But you know how these things go? The attack detection code also had homerabilities in it. Oh my gosh, everybody was like hacking servers all day long with that thing back in the day. Found it! I think I found something. What do you make of this? Open SSH Security Incidents mailing accounts. Okay. Open SSH 2.2 Point something to CRC exploit. I think that's what Abby said. This should do the trick now. If only we could get our hands on this puppy. Wait, hold up. Team TISO 2001 that's... Didn't you get a whole stash of exploits from back then? What's her face? You're right. Lex Murphy. You're right. Give me a minute. It's in the write up dummy. You're right. This is not your exploit. Oh. What's that? Just a couple times. Okay, let me get into their code. What's this? It doesn't work here. Just be a good girl and do as I say. Script slash dev slash null Control Z Now STTY size STTY raw dash echo Type FG Press enter. Press enter. Now STTY rows 33 columns 102 You're welcome. Okay, so this... Oh, that's cool. Tabby, we're in. What do you do next? What do you do next? You have access to their source code on the developer's home network. Like, I don't know why they let me do that, but like good for us, right? Stick the kill switch into the test suite, let the build server run it and like live free another day. Just do it. So this will make their tests run the suitcase binary which they do and unsigned command. Whatever. Okay. That's it. Now how do we check this? How do we know if this works? I don't know. Check his email. Okay, good idea. And of course, his favorite new client is... Okay, so I guess now we just sit and wait, huh? In the meantime, Tabby, can you tell me how this exploit actually works? A little bit. So, like, the main failsafe for the sky cloud system was that all seven delegates of the heptagon network needed to be present to start it up. Once it started, it can lose nose and keep running. But if it's shut completely down, they have to restart it together. And there's only one node left. Okay, but who even are these people? This is so strange. Oh, you don't even know who they all are. There was the pentagon, there was like a couple of other countries, Antarctica, the moon and like, nobody's really sure who the last two delegates were. Like, I'm not actually convinced that they were human. Looks like we got mail. Kat, listen to this. Your commit, something, something has failed to build due to air and valve commit signature potential temporary detected countermeasures activated. Of course. Kat, this is not good. No, it's not. What's your escape plan? There's... an actual trouble. Maybe I can... There's no escape plan. I'll try something else, I'll figure something out. But Kat, you... Elle. Elle. If I get you in trouble again, I... Shut up. No, I'll tell you when I'm out. Let's keep going. Are you sure? Let's keep going. Tabby, things went wrong. What else can we do? Of course, things went wrong. Nobody enforces mandatory commit signing just because it's fun. They're doing it in order to secure their software. So, like, with their system set up to have signatures on commits validated in the build system, anything like what you're trying to do is going to be a dead end unless you can get access to the developer's private keys. So, like, I think you're kind of stuck on this. Go after the other end. Go after delivery. Like, if you can push a malicious container into their repository and then overwrite existing tags for containers that they're using, then, like, the next time a pod dies or they scale up or something like that, like, they won't even know the difference. They'll just slurp down your new container. Think it's the old one and run it. And then you win. Okay, so I was looking around and I think we got a good candidate. Let's try hijacking the images for this database maintenance operator. What the hell build system is this? I don't think it's a build system. It looks more like a development environment as code kind of a thing. So it looks like here's where it makes the call to create the images and here's the actual image it generates. Okay, let's start this thing up. Oh. Wow. This is cool. So easy even your attacker can figure it out, huh? Yeah, well at least I can. Okay, let me add that it took us code in here. Okay, yeah. Let's do that. Build that thing. Okay, looks like we're done here. Before I ship this, Tabby, what did I do wrong this time? I mean, for once I think you got it right. You tested your changes locally so you know the container will work when they run it. Push it in there. Congratulations, you're learning. Can't. So we got to do the stuff now. How do I do the image switch rule thing? So what you got to do is overwrite the image tag. First get the ID of the image that tool just built for you with Docker images. Then tag it with the same name but with the remote registry. Okay. Do it with Docker tag, the image ID, then the remote registry slash the image name. Right? Yep. Now check it with Docker images. Good. And off we go. Docker push remote registry slash tag. There you go. You did it. Let's check how we see if the thing... Check the observability dash. Look for any logs from DB maintenance and see if it ran. Okay, so data dog, logs, DBA maintenance. Yeah, this is what we wanted. Keep control of engine logs for DB maintenance sync. Sync failed with admission webhook. Container failed. Temperance failed. Counter measures activated. Oh. Can't we think this is when it's how we're around? Yeah. I'm sorry it didn't work. Yeah. Can't delete all logs, delete our pictures, delete, like, how I don't know, mixtapes, everything. It's safer for you if we never met. Elle? Yeah. I hope you get out of this okay? Me too. Toby, what can we do next time? I'm out of ideas. Surprise. I don't like to be in trouble. And? This is going to be enough. What are you talking about? The car just left the police station in Upshnid 52. Now it's time to go to the police station in the middle of the 12 o'clock. And their navigator only has your address. You have seven minutes? Hmm. Sorry. Thank you. Oh my gosh. I'm so sorry. Their defense is really cutting edge. There's so much work going on right now around ensuring Kubernetes clusters only run trusted images. I was just at KubeCon and I swear half the talks are about software supply chain security. People really are thinking about this. For example, there's an admission controller called Connoisseur that can check container image signatures before it lets them run. Projects like Stigstore, Tuff, and Intoto are making it easier than ever to ship things that are signed so that they are validated. Some organizations are building on this work with even more sophisticated private tools that maybe we'll see get open sourced someday. Of course, the Haptagon has integrated custom container image verification into their Kubernetes clusters. You're just caught. I don't think there's anything else we can do unless you could send yourself back in time before they were so well defended. I'm sorry. I don't know what I can do to help you. Hi, Tavi. It's been a few weeks since last talk. Anyway, I'll meet Lukas. Hello, Frau Sebel. Lukas, can you talk to Tavi? Yes, between August 1986 and March 1987, five computer scientists died unnecessarily while researching the British Defense Ministry. You've been working on a computer software to create a signal for workers. That's correct. In short, the digitalization has been created over a number of unusual physical properties and that was published in the 38th century. But here. Do you understand that the creation of a very unaccountable episode of Op-Cords creates a field? A field? Yes. For some of you, it was not a secret. The actual secret is how exactly does it sound to create the field? In short, it was published in a newspaper and the code was completely unnoticeable. Let's do it! Modify their legacy code. It's still running even though it was written back in 1997. I get those changes in well before any of this focus on security that could happen. Maybe today their defense wouldn't be able to say them. I don't know if that's a thing you can do though. The math took a little bit to figure out we did it and by we I mean we could do all the work. The time is a self-healing mechanism. The short-term things are elastic but the stronger the distortion the harder the structure will be. What do you mean by death? Oh, okay. Should I give you some advice? Should I write a code so that people can write something like that? Yes, exactly. Stay there as soon as possible. Talk to no one. Then I might be able to help you to recover. Well, Tabby, so it's going to be tricky but there's a chance. Good luck, Alan. I'm going to go make some calls. I need to go call myself in the beginning of this whole story so see you in 1997 and hopefully I can so I can make it back. So this raster shows the regular flow of time and that's the field that we're creating and these waves are the distortion that we're bringing into the time. Here are the words I just said and here is where the Bacher workflow happens. Oh. You're really in 1997? Here I am. It's 1997 and yeah, I'm ready. I can't believe it. Wait, wait. I'm worried they might somehow bind this bug in like 25 years between then and now. What if you made the kill switch mechanism only appear for a couple of minutes like during KUKON? Oh, I can only appear for two minutes. Yeah, that's a good idea. Okay, yeah. Yeah, let's do that. We shouldn't do that though because like the schedule can be weird and like what if my talk runs over and we don't have the timing right? I don't know, you probably shouldn't. Tabby, I am literally streaming to your exact time right now. I know what time it is. Okay, if you're sure. I'm going to hang up for good now. I'm going to do the hack. You're going to have those two minutes to get in there. After that I'm going to have to lay low for a while. You're going to know if I made it out okay or not by, I don't know, check my Twitter and see you back in the future or maybe not. Goodbye. I guess I'm going to start by connecting to their network and downloading their repo. So here they are. What can we do here? Let's see, source code libraries. Login. Yeah, okay, this is what I want. Let me use these libraries. So I'm going to fill the buffer that Pizzucca had talked about here. Hashtag with a large pile of garbage and okay. If this crashes it's going to crash time cloud. Let's see. And I'm back to the future. Thank you all so much. I don't actually know what time it is but I know we were right up to the lunch break. Can we do questions? Do we have questions? Yeah, I guess we won't have official questions but I'll be happy to put my mask on and talk to folks. Thank you all again so much for coming. Thank you.