Sure, I will be happy if you can look at it.
I am planning to submit a CFP to Black Hat Asia and I can do it till 28.10.
This is the CFP I submitted to Black Hat Europe, which was declined:
Title: A Hole in The Ship: Exploiting Kubernetes Risky RBAC permissions
Attackers are increasingly targeting Kubernetes clusters to compromise
applications or abuse resources.
In this session we will show how some permissions can be exploited to escalate privileges
and introduce a tool designed to discover and eliminate risky permissions.
As Kubernetes becomes more popular, it is inevitable that more clusters will come under attack by malicious actors wanting to compromise specific applications or opportunistic crooks looking to abuse resources for things like crypto-coin mining.
In this talk we are going to explore Kubernetes authentication and authorization mechanisms.
We will focus on the Role-Based Access Control (RBAC) authorization model and talk about risky RBAC permissions and how we can take advantage of them and escalate our privileges (live demo).
We will continue and show how to reduce this attack surface and introduce an open source tool we created called “KubiScan” that’s designed to help blue and red teams discover these risky permissions and find Pods with privileged service account tokens.