We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
SAINTCON 2023 - Micheal Cottingham - Exploiting Chef
Discover the vulnerabilities of Chef and the ways to exploit them for penetration testing and red teaming, covering data bags, node keys, and supply chain attacks.
- Exploiting Chef involves accessing and manipulating encrypted data bags and node keys
- Chef’s bootstrap process is vulnerable to exploitation, allowing access to sensitive data
- Validator-less bootstrapping can be used to gain access to Chef without authentication
- Red teaming and pen testing should focus on supply chain and process vulnerabilities, as well as exploiting misconfigured Chef instances
- Encrypted data bags can be decrypted using private keys, allowing access to sensitive information
- Chef’s convergence process can be manipulated to gain unauthorized access to nodes
- Node certificates can be used to bootstrap nodes and gain access to Chef
- Validator certificates can be used to authenticate and authorize access to Chef
- Supply chain issues are a major concern, and organizations should prioritize securing their processes
- Chef’s client runs every 30 minutes by default, and can be configured to run more frequently
- Run lists can be used to manage nodes and deploy software
- Data bags can be used to store and manage sensitive data
- Node keys can be used to encrypt and decrypt data bags
- Chef workstation is a tool used to manage and deploy Chef configurations
- Supply chain attacks can be used to gain access to sensitive information and systems
- Encryption should be used to protect sensitive information and prevent unauthorized access
- Validation of certificates and keys is critical to preventing unauthorized access to Chef