{"id":4243,"date":"2019-11-30T12:37:49","date_gmt":"2019-11-30T19:37:49","guid":{"rendered":"https:\/\/zed.inguardians.com\/?p=4243"},"modified":"2021-06-30T13:20:28","modified_gmt":"2021-06-30T20:20:28","slug":"peirates","status":"publish","type":"post","link":"https:\/\/zed.inguardians.com\/tools\/peirates\/","title":{"rendered":"Peirates"},"content":{"rendered":"
\n
\n

What is Peirates?<\/strong><\/p>\n

What is Peirates?\u00a0Peirates is a penetration testing tool for Kubernetes, focused on privilege escalation and lateral movement. It has an interactive interface, wherein the penetration tester chooses actions from the techniques that Peirates encodes. Some of the techniques in Peirates will give you administrative access to the cluster in one-shot. Others are intended to get you tokens for an increasing number of service accounts that you can use to move laterally, steal secrets, and chain together to achieve the goals of your penetration test.<\/p>\n

Note: Peirates is focused entirely on attacking a Kubernetes cluster. This may not be legal in your country or in the way that you use it. Please discuss its use with your lawyer and that of any organizations that own or participate in the management of the cluster.<\/p>\n

How Do I Use Peirates?<\/strong><\/p>\n

When you gain or are given remote code execution capability in a container running in a Kubernetes cluster, you use Peirates to expand that access. Peirates is a staticly-compiled binary that you can download or compile yourself using a golang compiler. Place this binary into the container that is your starting point, mark it executable and run it. You\u2019ll be presented with a menu of options \u2013 use these to gain access. Peirates is especially focused on gathering service account\u2019s tokens. If there are actions that you know how to accomplish with kubectl commands that aren\u2019t in Peirates, you have two options: (1) copy the service account token from Peirates into a kubectl command or (2) create code in Peirates to accomplish your goal, and submit a pull request so you can get credit and everyone\u00a0 else gets the benefit.<\/p>\n

What Can Peirates Do?\u00a0<\/strong><\/p>\n

Peirates has a number of Kubernetes penetration testing features. It\u2019s an interactive tool, intended to allow you to escalate privilege, move laterally, and take over clusters.<\/p>\n

The list of features is growing, as this active Open Source project continues to evolve. The current list:<\/p>\n