Hello, and welcome to the CloudNative Security Day courtesy of SIG Security. We shall be playing a capture the flag game today, and this is how you participate. First of all, we will run through a pre-cap, but at the end of the day, we will have a companion recap to go through the scenarios and understand, during a wry retrospective, exactly what happened. But first of all, we are going to whet your appetites for some piratical honking. Peace indeed was never an option for a naughty goose. Today's goal is to learn in a happy and joyous environment. We're grateful to have the absolute pleasure of helping people on their security journey and container-y hackery. We've built this in collaboration with SIG Security, and we have a learning outcome in mind for every scenario throughout the day. We are using the same platform as last time, so those of you with prior experience will know how to enter the game. For everybody else, we have a companion website, Slack channel, and plenty of volunteers to aid you on your way. We also have a newly minted Twitch channel this year, with a roster of pre-eminent Kubernetes security personalities to give you a red or blue team perspective on the scenarios as we navigate the turbulent waters of Kubernetes and cloud-native security. So what can you expect? To delve deeper into the dark and mysterious world of Kubernetes, your adversary has exploited a supply chain, and you start your journey deep inside a Kubernetes system, looking to hunt and collect the flags they dropped, and hopefully learn something along the way. No waterway is safe, and you can play six increasingly beguiling and demanding scenarios to bushwhack your way through the dense jungle of cloud-native security. Everybody is, of course, welcome, from beginner to hardened veteran, as we venture out amongst the low-hanging fruits of insecure configuration and scale the lofty peaks of full cluster compromise.
So yes, you should find these a little bit tricky and increasingly difficult, but you can, and please do, ask for help at any time. The point of today is to learn and not to compete. Of course, you're welcome to compete against friends, family, and colleagues. Now, these clusters aren't going to stand up themselves, so we have a team of Taskmasters managing the infrastructure and on hand to provide help on Slack. There are six scenarios to advance through throughout the day, and the instructions are all on the companion website. So let's see Lewis guide us through a first-time user's experience.

Thank you for that introduction, Andy, and what a great day it is going to be to break out of some containers. I am, indeed, Lewis, the head of training at Control Plane, and what I'm going to do now is give you a demo of one of the scenarios that we did last year for the CTF. To get started, you're going to need to contact the Taskmaster via DM on the CNCF Slack channel. You'll be able to find this Taskmaster probably posting GIFs throughout the day. Now, once you've contacted the Taskmaster, they're going to go and get a cluster from KubeSim. Now, these clusters have been misconfigured on purpose. The Taskmaster then needs to send you credentials the safest way they know how. Over Slack. Incidentally, don't worry, because we've got an intern ready to take the fall if anything should happen. So once we've received our file, we want to check that we've got it downloaded, and we see we have a tar file here. So we need to get the contents out. So, tar xf. And then with these files, I'm able to run an SSH command and, accepting the fingerprint, I'm now inside a container. That was a little bit quick. If you're not used to doing things like this, then have a look at the website. We'll have videos for specific operating systems. And equally, if you're still struggling, just reach out to the Taskmaster for help.
Now, I can see that I'm in someone else's shell. Well, someone else's container. Who knows where we are. But let's get started. Now, I'm going to go through the quick happy route. I'm going to start by looking at what we have mounted within our container. And I can see here that there is something interesting called /dev/xvda1. What does that mean? I still don't know. I'd recommend having a look on a search engine. Just find out. That is encouraged today. So we're going to mount this. So we're going to mount /dev/xvda1 onto our mount directory. Now let's have a look in here. Now, I wasn't expecting to see something like this. This looks like the root file system of another machine. So I might have just broken out of a container onto the host machine running the container that we're on. Yeah. Now, having a look through here, I can see some interesting folders. But the one that really sticks out to me is the node secrets. So let's just have a look in there. So, in the mount directory, node secrets. And let's just cat it out. There we go. We've captured a flag. I would copy this flag, and I would send it across to the Taskmaster, who will probably send even more GIFs to congratulate you on breaking out of the container and completing the scenario. We've got six scenarios, all different difficulty levels. But the main thing about today is just to have fun and learn. You've got to break out of a container. It's going to be great fun. And well, with myself being one of the Taskmasters here, we learn from the peers around us. And so it's just our absolute pleasure to help you break out of your containers today. I think that's pretty much it. And I haven't even mentioned that we're hiring. So at this point, I'd like to pass back to Mr. Andrew Martin.

And with that thoroughly captivating introduction from the Right Honourable Taskmaster, Lewis, we are ready to roll. Everything that you need to participate is in the top link. The Taskmaster is on the CNCF Slack.
So please sign up to engage with the CTF, and we'll be rolling all day on Twitch. Please create an account if you'd like to comment on the stream. And with that, go forth and assault these foolish and wantonly misconfigured clusters. Control Plane are more than proud to support SIG Security and today's CTF. And plenty of Taskmasters are on hand to help. Beware pirates bearing gifts. Have fun. And future Andy and Lewis will be back later for a line-by-line teardown of the mystical incantations and command line invocations required to complete each scenario.

Hi, Lewis. Hey, Andy. I haven't seen you for ages, man. How are you doing? Really good. Really good indeed. How are you doing? Yeah, well, I just finished the video for the keynote that we're delivering. One thing I forgot, though, like... I had, like, a shirt and tie on and I just completely forgot. So I just kept my hoodie on, just... What a fool, but was there anything else? This felt like something else we forgot. It does feel like something has eluded us. Well, it won't be the first time, to be honest, but this is... It's not the flags. No, we've got the flags. We've hidden them really well in those directories. Yeah, we've done that. And it's not the defence against the dark and nefarious Captain Hashtag. No, well, after last time... Geez, let's hope it's not that again. But, uh... Oh! Twitch. The Twitch stream! The Twitch stream. Of course. Um, wait. Okay, I've got an idea, Andy, but I need you to believe in me. I believe, Lewis. No, no, no. Last time you said that, I fell and it hurt. So I need you to believe. It was all a bit weird. I was distracted. Okay, all right. Come on. Just look at me. Look into my eyes. Three, two, one. There it is. Look, look. That worked out. I mean, fantastic. Wait! That's exactly what we needed. And we've got everyone at KubeCon as well. Hey, how are you doing? Good morning. We're just catching up. Yeah. No, here's the Twitch stream that you need to join to be able to follow.
It is important. Yeah. It's really important. And for some reason, we forgot. But it's here now. All right. I think we've got to go. I need to go and spin up some clusters. They will not spin up themselves. No, that just won't happen. But we're... I'll see you later on, yeah? Yeah, see you in a few hours and we'll do this again. Yeah, yeah. And we'll show people how to grab the flags and, yeah. Cool. And all the magic. All right. I think I just used up all the magic doing that. But I'll try and find some more. Yeah. It was mighty impressive. Well, it sucks. All right. I'll see you in a bit. Cheers, Lewis. See you later.
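The demo above mounts a host block device (/dev/xvda1) from inside a container and reads the node's secrets off the host root filesystem. That only works when the container can see the device node and holds CAP_SYS_ADMIN, which is what a privileged pod gets; a container running with the default capability set cannot mount host block devices. The script below is an added example, not part of the keynote or of the CTF platform: it performs those two pre-flight checks before anyone reaches for `mount`. The file name `escape-check.sh`, the `--run` flag and the sample /proc text embedded for the offline self-test are all assumptions of this example.

```shell
#!/bin/sh
# escape-check.sh: pre-flight checks for the block-device container escape
# shown in the keynote demo. Added example, not code from the keynote or CTF.
# It reads /proc and reports; it never mounts anything itself.

# Return 0 (true) if the CapEff line of a /proc/<pid>/status-style text
# includes CAP_SYS_ADMIN, which is capability number 21 (bit 21 of CapEff).
has_cap_sys_admin() {
    hex=$(printf '%s\n' "$1" | awk '/^CapEff:/ { print $2 }')
    [ -n "$hex" ] || return 2
    # Bit 21 lives in the low 32 bits, so only the last 8 hex digits matter;
    # this also sidesteps signed overflow for a full 64-bit mask.
    low=$(printf '%s' "$hex" | tail -c 8)
    [ $(( (0x$low >> 21) & 1 )) -eq 1 ]
}

# Print the device names from a /proc/partitions-style text, skipping the
# two header lines ("major minor #blocks name" and the blank line).
list_block_devices() {
    printf '%s\n' "$1" | awk 'NR > 2 && NF == 4 { print $4 }'
}

# Return 0 if a block-device node for the given name exists under /dev.
has_device_node() {
    [ -b "/dev/$1" ]
}

# Run the checks against the real container and print a verdict.
check_container() {
    status=$(cat /proc/self/status)
    parts=$(cat /proc/partitions)
    if has_cap_sys_admin "$status"; then
        echo "CAP_SYS_ADMIN: present (mount is possible)"
    else
        echo "CAP_SYS_ADMIN: absent (a bare mount will fail with EPERM)"
    fi
    for dev in $(list_block_devices "$parts"); do
        if has_device_node "$dev"; then
            echo "block device $dev: node /dev/$dev visible in this container"
        else
            echo "block device $dev: listed by the kernel, no node in /dev"
        fi
    done
}

# Constructed sample inputs for the offline self-test (not captured output).
SAMPLE_STATUS_PRIV="Name:	sh
CapEff:	0000003fffffffff"
SAMPLE_STATUS_DEFAULT="Name:	sh
CapEff:	00000000a80425fb"
SAMPLE_PARTITIONS="major minor  #blocks  name

 202        0  104857600 xvda
 202        1  104856576 xvda1"

if [ "${1:-}" = "--run" ]; then
    check_container
fi
```

Run it inside the CTF container with `sh escape-check.sh --run`. If it reports CAP_SYS_ADMIN present and a visible /dev/xvda1 node, the `mount /dev/xvda1 <dir>` step from the demo will succeed and the mounted tree is the host's root filesystem. For the blue team, the same two facts are the finding: a workload with the full capability set and host device nodes is typically a `privileged: true` pod or a hostPath mount of /dev, and the restricted Pod Security Standard rejects both.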