Challenge URL : https://eksclustergames.com/
so there are total 5 challenges in this CTF , on completion we get a cert as well.
so lets go & solve all of em
in this challenge a policy file is given :
{
"secrets": [
"get",
"list"
]
}
a web shell is also provided.
alright we got some configs, & the challenge name itself is secret keeper , so lets get secrets
by kubectl get secrets command with the provided config.bak
kubectl --kubeconfig config.bak get secrets log-rotate -o yaml
& that’s it , the flag was in base64 , so decoded it & got the flag! 1st challenge solved
Flag : wiz_eks_challenge{omg_over_privileged_secret_access}