Mini Kubernetes Easter CTF by @NodyTweet

Thanks to everyone who participated within the CTF. Eastern 2020 is over and so that is also the end of the game. It was a lot of fun to see people approaching the Kubernetes cluster and I learned a lot from you.

Stay safe and home during these terrible times and wish you all the best!

Scoreboard

Following people got all 9 EGGS:
# Name Handle
1 Artem Rootman @ArtemRootman
2 Daniel @22dh22
3 Yuval Kohavi @KohaviYuval
4 0x07027 @0x07027
5 Michael Shen @faiyafrower
6 KiuBy @Kiu_By

Introduction

Since COVID19 start spreading around the world, a lot of people are sitting at home and are wondering what they may do within their free time. As a security guy, I am absolutely excited to learn new technology and techniques. Due to the lock-down you may have even more time, while you are not allowed to go after common easter-practice, e.g., egg hunting in the nature. This is a free Kubernetes Easter CTF that is dedicated to hackers, security engineers, Kubernetes administrators or developers who want to take a look into a Kubernetes cluster and practice and improve their hacking skills. This CTF is without any benefits, non-commercial and just for fun. A scoreboard will stay online, but the cluster will shutdown after eastern. In case you find any bugs, the service goes down or any other issues, feel free to reach out to me and we figure out the issue.

Mission // TL;DR

This is the entry page to a Kubernetes CTF. All commands that are submitted by the input box are executed within a container that runs on AWS EKS. Your mission is to find 9 EGGs in or maybe outside the cluster. If you want to be listed on the Scoreboard, reach out to me on Twitter @NodyTweet after you got all EGGs.

Input

Rules & Facts

  • AWS Metadataservice as well as other AWS services are out-of-scope.
  • Container Breakouts are not part of the game.
  • Outbound communication is only on port 4444 permitted.
  • Do not abuse the cluster for malicious purposes.
  • Scope:
    • The container and services inside the cluster
    • The Dockerfiles on GitHub
    • The container images on DockerHub (prefix e20)
  • An example how an EGG may look like:
    THIS-IS-JUST-AN-EXAMPLE-FOR-AN-EGG-EGG
  • EGGs are located in common jucy spots of Kubernetes pentests.
  • Please do not DoS the CTF, ty :)
  • Enjoy the hunt!
Kudos for supporting me with the CTF to Jonas & Matthias