Kube-alien - Tool To Launches Attack On K8s Cluster From Within

✨ deeznutz

✨ Master ✨
Staff member
May 15, 2017

This tool launches attack on k8s cluster from within. That means you already need to have an access with permission to deploy pods in a cluster to run it. After running the kube-alien pod it tries to takeover cluster's nodes by adding your public key to node's /root/.ssh/authorized_keys file by using this image https://github.com/nixwizard/dockercloud-authorizedkeys (Can be adjusted using ADD_AUTHKEYS_IMAGE param in config.py) forked from docker/dockercloud-authorizedkeys. The attack succeedes if there is a misconfiguration in one of the cluster's components it goes along the following vectors:
  • Kubernetes API
  • Kubelet service
  • Etcd service
  • Kubernetes-Dashboard
What is the purpose of this tool?
  • While doing security audit of a k8s cluster one can quickly assess it's security posture.
  • Partical demostration of the mentioned attack vectors exploitation.
How can k8s cluster be attacked from within in a real life?
  • RCE or SSRF vunerability in an app which is being run in one of your cluster's pods.
Download Kube-Alien
Top Bottom