Kubernetes CTF- WIZ K8s LAN Party

n00๐Ÿ”‘
6 min readAug 20, 2024

Challenge: Recon

Statement-

DNSing with the stars
You have shell access to compromised a Kubernetes pod at the bottom of this page, and your next objective is to compromise other internal services further.

As a warmup, utilize DNS scanning to uncover hidden internal services and obtain the flag. We have โ€œloaded your machine with dnscan to ease this process for further challenges.

All the flags in the challenge follow the same format: wiz_k8s_lan_party{*}

Checking current permissions-

 kubectl auth can-i --list

Environment variables-

Found subdomains in .kube folder-

--

--