can-i gtfo?

Kubernetes RBAC Abuse Collection


update nodes

Abuses

Lateral Movement

Modify a node so that all its pods are evicted or no new pods are assigned to it. Repeat with other nodes until the pods are assigned to an attacker-controlled node.

# Set NoExecute taint
## This will evict all pods (some pods may tolerate the taint; in that case use the PodCapacity technique)
# Set PodCapacity=0
## This leads to no new pods being assigned to the node. Wait or delete the running pods with one of the following permissions:
### update/patch pods
### delete pods
### create pods/eviction
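
A defender's check for the permission combination described above, added here as an example and not part of the original collection: it lists cluster-wide subjects that can update nodes, together with the pod-removal permissions they also hold. The role, binding and subject names are constructed; only ClusterRoles and ClusterRoleBindings are considered, and resourceNames restrictions are ignored.

```python
# Constructed sample objects, shaped like `kubectl get clusterroles,clusterrolebindings -o json` items.
ROLES = [
    {"metadata": {"name": "node-maintainer"}, "rules": [
        {"apiGroups": [""], "resources": ["nodes"], "verbs": ["get", "list", "update"]},
        {"apiGroups": [""], "resources": ["pods/eviction"], "verbs": ["create"]}]},
    {"metadata": {"name": "pod-reader"}, "rules": [
        {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]}]},
    {"metadata": {"name": "ops-wildcard"}, "rules": [
        {"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
]
BINDINGS = [
    {"roleRef": {"kind": "ClusterRole", "name": "node-maintainer"},
     "subjects": [{"kind": "ServiceAccount", "namespace": "ci", "name": "deployer"}]},
    {"roleRef": {"kind": "ClusterRole", "name": "pod-reader"},
     "subjects": [{"kind": "User", "name": "alice"}]},
    {"roleRef": {"kind": "ClusterRole", "name": "ops-wildcard"},
     "subjects": [{"kind": "Group", "name": "ops"}]},
]
# Permissions named on this page: the node write, then the pod-removal set.
CHECKS = [("update", "nodes"), ("update", "pods"), ("patch", "pods"),
          ("delete", "pods"), ("create", "pods/eviction")]

def rule_grants(rule, verb, resource):
    """True if one PolicyRule allows `verb` on the core-group `resource`."""
    if not ({"", "*"} & set(rule.get("apiGroups", [])) and {verb, "*"} & set(rule.get("verbs", []))):
        return False
    sub = resource.partition("/")[2]
    # RBAC matches "*", an exact name, or "*/<subresource>".
    wanted = {"*", resource} | ({"*/" + sub} if sub else set())
    return bool(wanted & set(rule.get("resources", [])))

def audit(roles, bindings):
    """Map each bound subject to the checked permissions it holds cluster-wide."""
    per_role = {r["metadata"]["name"]: {f"{v} {res}" for v, res in CHECKS
                if any(rule_grants(rule, v, res) for rule in r.get("rules") or [])}
                for r in roles}
    found = {}
    for b in bindings:
        for s in b.get("subjects") or []:
            key = f'{s["kind"]}/{s.get("namespace", "-")}/{s["name"]}'
            found.setdefault(key, set()).update(per_role.get(b["roleRef"]["name"], set()))
    return found

def node_updaters(found):
    """Subjects able to update nodes, with the pod-removal permissions they also hold."""
    return {k: sorted(p - {"update nodes"}) for k, p in found.items() if "update nodes" in p}

if __name__ == "__main__":
    for subject, extra in node_updaters(audit(ROLES, BINDINGS)).items():
        print(subject, "-> update nodes; also:", extra or "none")
```

A subject that appears here with a non-empty second list holds both halves of the technique and is the first candidate for tightening.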