Documentation
¶
Index ¶
- Variables
- func AllDiskMount() (error, []string)
- func CapDacReadSearchExploit(target, ref string) error
- func CheckDockerRemoteAPI(url string) bool
- func CheckDockerSock(path string) error
- func CheckFdisk()
- func CheckPidInject() bool
- func ContainerdPwn(shellCmd string, rhost string, rport string) error
- func DeployBackdoorDaemonset(serverAddr string, tokenPath string, image string, inputArgs string, ...) bool
- func DockerAPIPull(path string, image string) error
- func DockerAPIRun(path string, cmd string) error
- func DockerRemoteAPIExploit(api string, cmd string)
- func DockerSockExploit(sock string, cmd string) bool
- func EscapeCgroup(cmd string) error
- func ExploitLXCFS() bool
- func GetDockerAbsPath() string
- func GetK8sSATokenViaCreatePod(tokenPath string, targetServiceAccount string, rhost string, rport string) error
- func GetNamespaces(serverAddr string) string
- func GetNodes(serverAddr string) string
- func MountToRandomTarget(device string) (error, string)
- func ProcfsExploit(procDir string, shellPayload string)
- func ReverseShell(connectString string)
- func SearchLocalFileText(StartDir string)
- type CapDacReadSearch
- type DINDAttackDeployS
- type DINDAttackS
- type DockerRemoteAPIS
- type ExploitCgroupS
- type FileScanS
- type K8SPodSecurityPolicy
- type K8sBackDoorDaemonsetS
- type K8sCronJobDeployS
- type K8sGetSATokenViaCreatePodS
- type K8sMitmClusteripS
- type K8sSecretsDumpS
- type K8sShadowApiServerS
- type PidInject
- type TEST
Constants ¶
This section is empty.
Variables ¶
View Source
var K8sDeploymentsAPI = "/apis/apps/v1/namespaces/default/deployments"
View Source
var K8sMitmPayloadDeploy = `` /* 908-byte string literal not displayed */
View Source
var K8sMitmPayloadSvc = `` /* 447-byte string literal not displayed */
View Source
var K8sServicesApi = "/api/v1/namespaces/default/services"
Functions ¶
func AllDiskMount ¶
print all device and mount them to random path under /tmp
func CapDacReadSearchExploit ¶ added in v1.0.2
func CheckDockerRemoteAPI ¶ added in v0.1.10
func CheckDockerSock ¶
APIs Ref https://github.com/AbsoZed/DockerPwn.py/blob/master/createContainer.py curl --unix-socket /var/run/docker.sock http://127.0.0.1/info
func CheckPidInject ¶
func CheckPidInject() bool
func DeployBackdoorDaemonset ¶ added in v1.0.1
func DockerAPIPull ¶
func DockerAPIRun ¶
APIs Ref https://github.com/AbsoZed/DockerPwn.py/blob/master/createContainer.py curl --unix-socket /var/run/docker.sock http://127.0.0.1/info
func DockerRemoteAPIExploit ¶ added in v0.1.10
func DockerSockExploit ¶ added in v1.0.1
func EscapeCgroup ¶
func ExploitLXCFS ¶ added in v1.0.1
func ExploitLXCFS() bool
func GetDockerAbsPath ¶
func GetDockerAbsPath() string
func GetK8sSATokenViaCreatePod ¶ added in v1.0.1
func GetNamespaces ¶
func MountToRandomTarget ¶
func ProcfsExploit ¶
func ReverseShell ¶
func ReverseShell(connectString string)
func SearchLocalFileText ¶
func SearchLocalFileText(StartDir string)
Types ¶
type CapDacReadSearch ¶ added in v1.0.2
type CapDacReadSearch struct{}
plugin interface
func (CapDacReadSearch) Desc ¶ added in v1.0.2
func (p CapDacReadSearch) Desc() string
func (CapDacReadSearch) Run ¶ added in v1.0.2
func (p CapDacReadSearch) Run() bool
type DINDAttackDeployS ¶
type DINDAttackDeployS struct{}
plugin interface
func (DINDAttackDeployS) Desc ¶
func (p DINDAttackDeployS) Desc() string
func (DINDAttackDeployS) Run ¶
func (p DINDAttackDeployS) Run() bool
type DINDAttackS ¶
type DINDAttackS struct{}
plugin interface
func (DINDAttackS) Desc ¶
func (p DINDAttackS) Desc() string
func (DINDAttackS) Run ¶
func (p DINDAttackS) Run() bool
type DockerRemoteAPIS ¶ added in v0.1.10
type DockerRemoteAPIS struct{}
plugin interface
func (DockerRemoteAPIS) Desc ¶ added in v0.1.10
func (p DockerRemoteAPIS) Desc() string
func (DockerRemoteAPIS) Run ¶ added in v0.1.10
func (p DockerRemoteAPIS) Run() bool
type ExploitCgroupS ¶
type ExploitCgroupS struct{}
plugin interface
func (ExploitCgroupS) Desc ¶
func (p ExploitCgroupS) Desc() string
func (ExploitCgroupS) Run ¶
func (p ExploitCgroupS) Run() bool
type K8SPodSecurityPolicy ¶ added in v1.0.1
type K8SPodSecurityPolicy struct{}
plugin interface
func (K8SPodSecurityPolicy) Desc ¶ added in v1.0.1
func (p K8SPodSecurityPolicy) Desc() string
func (K8SPodSecurityPolicy) Run ¶ added in v1.0.1
func (p K8SPodSecurityPolicy) Run() bool
type K8sBackDoorDaemonsetS ¶
type K8sBackDoorDaemonsetS struct{}
plugin interface
func (K8sBackDoorDaemonsetS) Desc ¶
func (p K8sBackDoorDaemonsetS) Desc() string
func (K8sBackDoorDaemonsetS) Run ¶
func (p K8sBackDoorDaemonsetS) Run() bool
type K8sCronJobDeployS ¶
type K8sCronJobDeployS struct{}
plugin interface
func (K8sCronJobDeployS) Desc ¶
func (p K8sCronJobDeployS) Desc() string
func (K8sCronJobDeployS) Run ¶
func (p K8sCronJobDeployS) Run() bool
type K8sGetSATokenViaCreatePodS ¶ added in v1.0.1
type K8sGetSATokenViaCreatePodS struct{}
plugin interface
func (K8sGetSATokenViaCreatePodS) Desc ¶ added in v1.0.1
func (p K8sGetSATokenViaCreatePodS) Desc() string
func (K8sGetSATokenViaCreatePodS) Run ¶ added in v1.0.1
func (p K8sGetSATokenViaCreatePodS) Run() bool
type K8sMitmClusteripS ¶
type K8sMitmClusteripS struct{}
plugin interface
func (K8sMitmClusteripS) Desc ¶
func (p K8sMitmClusteripS) Desc() string
func (K8sMitmClusteripS) Run ¶
func (p K8sMitmClusteripS) Run() bool
type K8sSecretsDumpS ¶
type K8sSecretsDumpS struct{}
plugin interface
func (K8sSecretsDumpS) Desc ¶
func (p K8sSecretsDumpS) Desc() string
func (K8sSecretsDumpS) Run ¶
func (p K8sSecretsDumpS) Run() bool
type K8sShadowApiServerS ¶
type K8sShadowApiServerS struct{}
plugin interface
func (K8sShadowApiServerS) Desc ¶
func (p K8sShadowApiServerS) Desc() string
func (K8sShadowApiServerS) Run ¶
func (p K8sShadowApiServerS) Run() bool
Source Files
¶
- cap_dac_read_search.go
- check_ptrace.go
- containerd_shim_pwn.go
- deploy_webshell.go
- docker_api_pwn.go
- docker_runc.go
- docker_sock_check.go
- docker_sock_pwn.go
- file_scan.go
- istio_check.go
- k8s_backdoor_daemonset.go
- k8s_cluster_info.go
- k8s_clusterip_mitm.go
- k8s_configmap_dump.go
- k8s_cronjob.go
- k8s_get_sa_token.go
- k8s_psp_dump.go
- k8s_secret_dump.go
- k8s_shadow_apiserver.go
- lxcfs_rw.go
- mount_cgroup.go
- mount_device.go
- mount_procfs.go
- reverse_shell.go
- rewrite_cgroup_devices.go
- service_probe.go
- test_poc.go
Click to show internal directories.
Click to hide internal directories.