====== OpenShift Operations ======

===== Retrieve your token, command line =====

<code>
oc login -u username
oc whoami -t
</code>

===== Retrieve your token, web =====

''%%curl -kv -u username:password -H "X-CSRF-Token: xxx" https://127.0.0.1:8443/oauth/authorize\?response_type\=token\&client_id\=openshift-challenging-client%%''

<code>
* About to connect() to 127.0.0.1 port 8443 (#0)
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 8443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* NSS: client certificate not found (nickname not specified)
* SSL connection using TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
* Server certificate:
* subject: CN=
* start date: août 29 14:11:51 2019 GMT
* expire date: août 28 14:11:52 2021 GMT
* common name:
* issuer: CN=openshift-signer@1566296166
* Server auth using Basic with user ''
> GET /oauth/authorize?response_type=token&client_id=openshift-challenging-client HTTP/1.1
> Authorization: Basic
> User-Agent: curl/7.29.0
> Host: 127.0.0.1:8443
> Accept: */*
> X-CSRF-Token: xxx
>
< HTTP/1.1 302 Found
< Audit-Id: 6ebde094-43d0-432f-862e-9c60457b4c69
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Expires: Fri, 01 Jan 1990 00:00:00 GMT
< Location: https://:8443/oauth/token/implicit#access_token=&expires_in=86400&scope=user%3Afull&token_type=Bearer
< Pragma: no-cache
< Set-Cookie: ssn=MTU5MjMyMTY0MHxmVmtDenUwWHZTMEpkb0xtOWJXekVEbVZpLWpWRDdoYk9qZFUzRFA4eWZfUV9sdW41bmY3aFNsbFQtSzNNLUlhNVBDb3ZiWDV3a0Z6N2Z6MDJyNXdxdlJkOEdjX01tTkt3Q29nMTE5LTJYUklrc1NUMXprNmJmc0pDZHI2M1cxcTFCaWFOVDhYd3MxQzVFREYyeHJtMXFsT2N5RmEtNGhaRGQ3dWFpWGxmOHAtbC1CVEk4eEJHczVRbGtjUHo5TW9OYkZpSnJWc3x-EX8_3z0h5gEFCMRzXNz19Q2jXVgL_zqufsomSr_UFw==; Path=/; HttpOnly; Secure
< Date: Tue, 16 Jun 2020 15:34:00 GMT
< Content-Length: 0
<
* Connection #0 to host 127.0.0.1 left intact
</code>

The token is in the ''access_token'' parameter of the URL fragment on this line:\\
''%%< Location: https://:8443/oauth/token/implicit#access_token=&expires_in=86400&scope=user%3Afull&token_type=Bearer%%''
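
The extraction described above can be scripted so that only the needed field is printed, not the whole verbose trace. This is an added example, not part of the original page; the function name ''fragment_field'', the host ''master.example.test'' and the token value are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: read HTTP response headers on stdin and print one field from
# the fragment of the 302 Location header returned by
# /oauth/authorize?response_type=token.

# fragment_field NAME (hypothetical helper): prints the value of NAME.
# Returns 1 when there is no Location header, no fragment, or the field is
# empty (as in the redacted trace on this page, where access_token= is blank).
fragment_field() {
    name=$1
    # Strip CRs, accept an optional "< " prefix from curl -v, keep the fragment.
    frag=$(tr -d '\r' \
        | sed -n 's/^<\{0,1\} *[Ll]ocation: *[^#]*#\(.*\)$/\1/p' \
        | tail -n 1)
    [ -n "$frag" ] || return 1
    # Split the fragment on "&" and keep the first NAME=value pair.
    value=$(printf '%s\n' "$frag" | tr '&' '\n' | sed -n "s/^${name}=//p" | head -n 1)
    [ -n "$value" ] || return 1
    printf '%s\n' "$value"
}

# Constructed sample headers (host and token are placeholders, not real values).
SAMPLE_HEADERS='HTTP/1.1 302 Found
Location: https://master.example.test:8443/oauth/token/implicit#access_token=CONSTRUCTED-TOKEN-VALUE&expires_in=86400&scope=user%3Afull&token_type=Bearer
Content-Length: 0'

# Demo on the constructed sample: prints the token lifetime in seconds.
printf '%s\n' "$SAMPLE_HEADERS" | fragment_field expires_in

# Against a live API server (not run here). -D - writes only the headers to
# stdout, and "-u username" without a password makes curl prompt for it, which
# keeps the password out of shell history:
#   curl -s -o /dev/null -D - -u username -H "X-CSRF-Token: xxx" \
#     "https://127.0.0.1:8443/oauth/authorize?response_type=token&client_id=openshift-challenging-client" \
#     | fragment_field access_token
```

The returned value is a bearer token valid for the ''expires_in'' period shown in the response (86400 seconds in the trace above), so handle it like a password.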