Kube-alien - Tool To Launches Attack On K8s Cluster From Within

✨ deeznutz

✨ deeznutz

✨ Master ✨
Staff member
Joined
May 15, 2017
Messages
981
Likes
760
Points
1,045
kubernetes.png


This tool launches attack on k8s cluster from within. That means you already need to have an access with permission to deploy pods in a cluster to run it. After running the kube-alien pod it tries to takeover cluster's nodes by adding your public key to node's /root/.ssh/authorized_keys file by using this image https://github.com/nixwizard/dockercloud-authorizedkeys (Can be adjusted using ADD_AUTHKEYS_IMAGE param in config.py) forked from docker/dockercloud-authorizedkeys. The attack succeedes if there is a misconfiguration in one of the cluster's components it goes along the following vectors:
  • Kubernetes API
  • Kubelet service
  • Etcd service
  • Kubernetes-Dashboard
What is the purpose of this tool?
  • While doing security audit of a k8s cluster one can quickly assess it's security posture.
  • Partical demostration of the mentioned attack vectors exploitation.
How can k8s cluster be attacked from within in a real life?
  • RCE or SSRF vunerability in an app which is being run in one of your cluster's pods.
Download Kube-Alien
 
You must log in or register to reply here.
Top Bottom