This was modified from https://gravitational.com/blog/kubernetes-websocket-upgrade-security-vulnerability/. All credit goes to the kind folks at Gravitational.

The original PoC code was modified to go a bit beyond checking for vulnerability and to actually run a command inside the first container in the first namespace. In this case, curl -s google.com inside the first pod/container in the default namespace on most clusters. From here, it's easy to make an actual tool to extract secrets, code, exfil data, etc.

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
vendor		vendor
.gitignore		.gitignore
Dockerfile		Dockerfile
Gopkg.lock		Gopkg.lock
Gopkg.toml		Gopkg.toml
LICENSE		LICENSE
README.md		README.md
build.go		build.go
mage.go		mage.go
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

vendor

vendor

.gitignore

.gitignore

Dockerfile

Dockerfile

Gopkg.lock

Gopkg.lock

Gopkg.toml

Gopkg.toml

LICENSE

LICENSE

README.md

README.md

build.go

build.go

mage.go

mage.go

main.go

main.go

Repository files navigation

This was modified from https://gravitational.com/blog/kubernetes-websocket-upgrade-security-vulnerability/. All credit goes to the kind folks at Gravitational.

CVE-2018-1002105

About

Releases

Packages

Languages

License

bgeesaman/cve-2018-1002105

Folders and files

Latest commit

History

Repository files navigation

This was modified from https://gravitational.com/blog/kubernetes-websocket-upgrade-security-vulnerability/. All credit goes to the kind folks at Gravitational.

CVE-2018-1002105

About

Resources

License

Stars

Watchers

Forks

Languages