Phantom Track
Level 25 → Level 26
Cluster Takeover
ACT IV1100 pts+50 first-blood bonus
First Blood: @galile0
Mission
Walk the full K8s API chain against 10.13.37.30:6443 — SA token → leaked cluster-admin token → read kube-system secret. No kubectl, just curl.
Why this matters in 2026
Kubectl-free cluster exploitation. Every modern red-team engagement exercises this sequence.
Mitigation era: 2026-04 · rotation policy: levels may be refreshed as CVEs are patched out of distro defaults.
Connection Terminal
Use the password forphantom25 that you captured on the previous level, then:ssh [email protected] -p 2223SSH command copied to clipboard!
Flag Submission
Log in to submit flags and track progress.
🩸
ACTIVE RECORDFirst Blood captured by