> For the complete documentation index, see [llms.txt](https://www.heresecurity.wiki/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://www.heresecurity.wiki/yun-an-quan/kubernetes/ding-shi-ren-wu.md).

# 定时任务

```
Cron 可用于调度在指定 pod 上运行的命令。 由于我们可以在 pod 上运行 bash 命令，因此攻击者可以读取服务帐户令牌并将其发送给攻击者。 攻击者可以使用此令牌对 Kubernetes 进行身份验证。
```

![image](https://raw.githubusercontent.com/xiaoy-sec/Pentest_Note/master/img/904.png)

```
创建 yaml 文件后，使用以下命令创建 cron 作业：
> kubectl create -f cron-job.yaml
如上所示，cron 作业每天凌晨 1:00 发出一个 curl 命令，它将“/var/run/secrets/kubernetes.io/serviceaccount/token”的内容发送到我们的域。 一旦我们将服务器帐户令牌附加到 pod，我们就可以登录。
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://www.heresecurity.wiki/yun-an-quan/kubernetes/ding-shi-ren-wu.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.