- Can you see where in git we stored the `secrets-config.yml`? If not, just do a search.
5
5
- Take a look at the `Data` field: what can you find there?
6
6
7
-
PLEASE NOTE: The following options will only work when you have access to the K8s API. In this hosted version of WrongSecrets you do not have that access. When you are running a CTF: ask the organizer access to thetargetted K8s API.
7
+
PLEASE NOTE: The following options will only work when you have access to the K8s API. In this hosted version of WrongSecrets you do not have that access. When you are running a CTF: ask the organizer foraccess to the K8s API.
- Now do `env | grep SPECIAL_SPECIAL_K8S_SECRET` and there is your secret.
18
18
19
19
20
-
BTW:with `kubectl get <item> -A` gives you an overview of all the items over all the namespaces you have access to. Thisshowshow important itisnot to give people access to every namespace in your cluster, as this might mean leaking important config/items to them.
20
+
Note: `kubectl get <item> -A` gives you an overview of all the items over all the namespaces you have access to. It's important *not* to give people access to every namespace in your cluster, as this might mean leaking important config/items to them.
- Are you using the docker container? Use `docker logs <containerID>` to get the logs and find the value for challenge8
5
-
- Are you using K8s? Find the Pod (`kubectl get pods | grep secret`) and then do `kubectl logs -f <nameOfThePod>` to get the logs and find the value for challenge 8.
5
+
- Are you using K8s? Find the Pod (`kubectl get pods | grep secret`) and then do `kubectl logs -f <nameOfThePod>` to get the logs and find the value for challenge 8.
6
6
7
7
PLEASE NOTE: you are running this challenge on a hosted version of WrongSecrets. If you are not hosting it yourself, you might not have accesss to the defined outputs above. When you are running a CTF: ask the organizer access to the logging.
Jeroen Willemsen
committed
with
GitHub
2 years ago
1 parent beee99b8