Yet Another Wiki

User Tools

Site Tools

Trace:
informatique:openshift:exploitation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
informatique:openshift:exploitation [2020/03/12 18:19] – created didzkovitchzinformatique:openshift:exploitation [2020/06/17 10:44] (current) didzkovitchz
Line 1: Line 1:
-Exploitation OpenShift+====== Exploitation OpenShift ====== 
 + 
 +===== Récupérer son token, cmd ===== 
 + 
 + 
 +<code> 
 +oc login -u username 
 +oc whoami -t 
 +</code> 
 + 
 +===== Récupérer son token, web ===== 
 + 
 + 
 +''%%curl -kv -u username:password -H "X-CSRF-Token: xxx" https://127.0.0.1:8443/oauth/authorize\?response_type\=token\&client_id\=openshift-challenging-client%%'' 
 + 
 +<code> 
 +* About to connect() to 127.0.0.1 port 8443 (#0) 
 +*   Trying 127.0.0.1... 
 +* Connected to 127.0.0.1 (127.0.0.1) port 8443 (#0) 
 +* Initializing NSS with certpath: sql:/etc/pki/nssdb 
 +* skipping SSL peer certificate verification 
 +* NSS: client certificate not found (nickname not specified) 
 +* SSL connection using TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 
 +* Server certificate: 
 +*       subject: CN=<adresse-IP> 
 +*       start date: août 29 14:11:51 2019 GMT 
 +*       expire date: août 28 14:11:52 2021 GMT 
 +*       common name: <adresse-IP> 
 +*       issuer: CN=openshift-signer@1566296166 
 +* Server auth using Basic with user '<username>' 
 +> GET /oauth/authorize?response_type=token&client_id=openshift-challenging-client HTTP/1.1 
 +> Authorization: Basic <basic-token> 
 +> User-Agent: curl/7.29.0 
 +> Host: 127.0.0.1:8443 
 +> Accept: */* 
 +> X-CSRF-Token: xxx 
 +
 +< HTTP/1.1 302 Found 
 +< Audit-Id: 6ebde094-43d0-432f-862e-9c60457b4c69 
 +< Cache-Control: no-cache, no-store, max-age=0, must-revalidate 
 +< Expires: Fri, 01 Jan 1990 00:00:00 GMT 
 +< Location: https://<FQDN>:8443/oauth/token/implicit#access_token=<token-demandé>&expires_in=86400&scope=user%3Afull&token_type=Bearer 
 +< Pragma: no-cache 
 +< Set-Cookie: ssn=MTU5MjMyMTY0MHxmVmtDenUwWHZTMEpkb0xtOWJXekVEbVZpLWpWRDdoYk9qZFUzRFA4eWZfUV9sdW41bmY3aFNsbFQtSzNNLUlhNVBDb3ZiWDV3a0Z6N2Z6MDJyNXdxdlJkOEdjX01tTkt3Q29nMTE5LTJYUklrc1NUMXprNmJmc0pDZHI2M1cxcTFCaWFOVDhYd3MxQzVFREYyeHJtMXFsT2N5RmEtNGhaRGQ3dWFpWGxmOHAtbC1CVEk4eEJHczVRbGtjUHo5TW9OYkZpSnJWc3x-EX8_3z0h5gEFCMRzXNz19Q2jXVgL_zqufsomSr_UFw==; Path=/; HttpOnly; Secure 
 +< Date: Tue, 16 Jun 2020 15:34:00 GMT 
 +< Content-Length:
 +
 +* Connection #0 to host 127.0.0.1 left intact 
 + 
 +</code> 
 + 
 +On a le token à la ligne :\\ 
 +''%%< Location: https://<FQDN>:8443/oauth/token/implicit#access_token=<token-demandé>&expires_in=86400&scope=user%3Afull&token_type=Bearer%%''
informatique/openshift/exploitation.1584033573.txt.gz · Last modified: 2020/03/12 18:19 by didzkovitchz