You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What is not working?
Running Kubernetes Attacks when the user is using a KUBECONFIG environment variable
What OS are you using?
Mac OS X
What is your Stratus Red Team version?
2.3.0
Full output?
First run with KUBECONFIG set, output looks like this
stratus detonate k8s.persistence.create-token
2022/08/15 18:30:03 Checking your authentication against kubernetes
2022/08/15 18:30:03 unable to build kube config: stat /Users/rory.mccune/.kube/config:/Users/rory.mccune/.kube/kubeconfigs/kubeadm2nodeconfig.yaml:/Users/rory.mccune/.kube/kubeconfigs/traceeclusterconfig.yaml:/Users/rory.mccune/.kube/kubeconfigs/kubeadm122config.yaml:/Users/rory.mccune/.kube/kubeconfigs/kubeadmcontainerd.yaml:/Users/rory.mccune/.kube/kubeconfigs/calicotracee.yaml:/Users/rory.mccune/.kube/kubeconfigs/kube123.yaml:/Users/rory.mccune/.kube/kubeconfigs/kubeadm118.yaml:/Users/rory.mccune/.kube/kubeconfigs/ubuntu2110.yaml:/Users/rory.mccune/.kube/kubeconfigs/kube124.yaml:/Users/rory.mccune/.kube/kubeconfigs/kubeadm123win.yaml: no such file or directory
If I then unset the KUBECONFIG variable the attack works ok.
stratus detonate k8s.persistence.create-token
2022/08/15 18:30:17 Checking your authentication against kubernetes
2022/08/15 18:30:18 Creating a long-lived token forthe service account clusterrole-aggregation-controllerin kube-system
2022/08/15 18:30:18 Successfully created a long-lived token valid for 1 year:
The text was updated successfully, but these errors were encountered:
So I think the general expectation here is that Stratus would pick up the current-context being used by the user and send requests to the cluster in that context. This should work with environment variables and the default Kubernetes kubeconfig. At the moment stratus is handling some cases ok but not working with a case of an environment variable with multiple kubeconfigs in it.
Thanks, updated the issue name to make clearer what we need to fix
christophetd
changed the title
Running Kubernetes Attacks when the user is using a KUBECONFIG environment variable
K8s provider: support KUBECONFIG environment variable containing multiple paths
Aug 22, 2022
What is not working?
Running Kubernetes Attacks when the user is using a KUBECONFIG environment variable
What OS are you using?
Mac OS X
What is your Stratus Red Team version?
2.3.0
Full output?
First run with KUBECONFIG set, output looks like this
If I then unset the KUBECONFIG variable the attack works ok.
The text was updated successfully, but these errors were encountered: