Working with Kubernetes
How can I use Kubernetes at home?
There are several ways that you can practice kubernetes. Spin up cloud resources, K3S, or my favorite K3d.
K3d is a wrapper around K3s, which run in docker container(s). This allows you to quickly deploy and destory clusters. It also allows you to have multi-node clusters, within a single host, to allow you to see how failover and other high availability services work.
Okay, How can I get started?
First you will need Docker installed. I will not be going over that in this document. Please refer to my other container documents. [links coming soon].
Next will be to install the k3d toolset. This can be accomlplished by the following command.
curl -s https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | bash
Important: As always, please review the script before piping to bash. This could lead to bad things.
Now the hard part. Creating the cluster. Lets create a cluster call[...]
I have the need to run an Azure Devops Agent as a systemD. Typcially I would just run it inside a container. But due to requirements on this system and pipeline I am unable to simply run inside a container. The belows assumes you have an agent already setup. Lets get started.
Creating the service file
First, lets go over the structure of a systemd service file.
There are three important sections. They are [Unit], [Service], and [Install]. The extension is .service and we can make comments with the hash symbol(#).
Lets create a file
[Unit] Description=Devops Service After=multi-user.target [Service] ExecStart=/home/[username]/myagent/run.sh WorkingDirectory=/home/[username]/myagent/ User=opc Group=opc Restart=always Type=simple [Install] WantedBy=default.target
What does each section do?
The [Unit] section helps describe the service and when to start it. In this case we want to ensure the network is up before starting the service. You can include an [...]
Working on another machine using the Hack The Box service and was able to quickly get user Resolute.
The place to start is to perform an always is reconnaissance. Running an NMAP scan against the server reveled that this server had LDAP installed.
sudo nmap -sS 10.10.10.169
We can continue our reconnaissance phase and scan the server's LDAP information with enum4linux.pl.
Running the following command ./enum4linux.pl -a 10.10.10.169 returned some interesting results. This returned an account with a description with a password in it.
Marko Novak has a description of a password being set to Welcome123! I noticed WinRM is enabled. Lets try logging into the system as Marko using EvilWinRM.
evil-winrm -i 10.10.10.169 -u marko -p Welcome123! cmd
It appears that Marko's password is no longer Welcome123!. Lets try that password using[...]
Recently ran into an opportunity that prevented a user from connecting into the network via VPN.
They would click login after entering her username and password and it would take up to 12 minutes before it would attempt to connect. This caused the login attempt to fail due to the secondary password changing several times since it was entered.
After researching the process with tools from SysInternals, it ended up being CScan.exe. The CScan utility was kicking off a scan after entering the credentials and was reading every key in Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages. Cleaning up the windows update files with cleanmgr.exe resolved this.[...]