Note: Before submitting an issue, please check whether the CDK you are using is the latest version; some bugs have already been fixed in newer versions.
Hi here, I failed to execute k8s-backdoor-daemonset script with the following output:
/ # ./cdk run k8s-backdoor-daemonset default ubuntu
2021/04/05 07:06:51 getting K8s api-server API addr.
Find K8s api-server in ENV: https://10.233.0.1:443
2021/04/05 07:06:51 trying to deploy daemonset with image:kube-proxy to k8s-app:ubuntu
2021/04/05 07:06:51 api-server response:
{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"the server could not find the requested resource","reason":"NotFound","details":{},"code":404}
Here's my k8s version:
root@node1:/home/ubuntu# kubectl version --short
Client Version: v1.20.5
Server Version: v1.20.5
I noticed that my daemonsets resource is in apps/v1 API version, while CDK sends request to extensions/v1beta1:
And according to this Kubernetes Blog, from v1.16 on, DaemonSet in the extensions/v1beta1 and apps/v1beta2 API versions is no longer served. Migrate to use the apps/v1 API version, available since v1.9.
I guess that's why I failed to execute k8s-backdoor-daemonset script. My solution to this problem is checking version of the server first (this could be done by sending request to /version, example is below), and then choosing the correct API version based on the server version.
By the way, CDK is a fantastic toolkit, thank you!
Additional Information
1. Full output of your execution of cdk evaluate --full
$ ./cdk evaluate --full
[Information Gathering - System Info]
2021/04/05 07:13:16 current dir: /
2021/04/05 07:13:16 current user: root uid: 0 gid: 0 home: /root
2021/04/05 07:13:16 alpine alpine 3.13.4 kernel: 5.4.0-70-generic
[Information Gathering - Services]
2021/04/05 07:13:16 sensitive env found:
KUBERNETES_SERVICE_PORT=443
2021/04/05 07:13:16 sensitive env found:
KUBERNETES_PORT=tcp://10.233.0.1:443
2021/04/05 07:13:16 sensitive env found:
KUBERNETES_PORT_443_TCP_ADDR=10.233.0.1
2021/04/05 07:13:16 sensitive env found:
KUBERNETES_PORT_443_TCP_PORT=443
2021/04/05 07:13:16 sensitive env found:
KUBERNETES_PORT_443_TCP_PROTO=tcp
2021/04/05 07:13:16 sensitive env found:
KUBERNETES_PORT_443_TCP=tcp://10.233.0.1:443
2021/04/05 07:13:16 sensitive env found:
KUBERNETES_SERVICE_PORT_HTTPS=443
2021/04/05 07:13:16 sensitive env found:
KUBERNETES_SERVICE_HOST=10.233.0.1
[Information Gathering - Commands and Capabilities]
2021/04/05 07:13:16 available commands:
curl,wget,nc,find,ps,vi,mount,fdisk
2021/04/05 07:13:16 Capabilities:
CapEff: 00000000a80425fb
[Information Gathering - Mounts]
[Information Gathering - Net Namespace]
container net namespace isolated.
[Information Gathering - Sysctl Variables]
2021/04/05 07:13:16 net.ipv4.conf.all.route_localnet = 1
2021/04/05 07:13:16 You may be able to access the localhost service of the current container node or other nodes.
2021/04/05 07:13:16 CVE-2020-8558: The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue
which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Node setting allows for neighboring hosts to bypass localhost boundary.
[Discovery - K8s API Server]
2021/04/05 07:13:16 checking if api-server allows system:anonymous request.
api-server forbids anonymous request.
response:{"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"forbidden: User \"system:anonymous\" cannot get path \"/\"","reason":"Forbidden","details":{},"code":403}
[Discovery - K8s Service Account]
service-account is available
2021/04/05 07:13:16 trying to list namespaces
success, the service-account have a high authority.
now you can make your own request to takeover the entire k8s cluster with `./cdk kcurl` command
good luck and have fun.
[Discovery - Cloud Provider Metadata API]
2021/04/05 07:13:17 failed to dial Alibaba Cloud API.
2021/04/05 07:13:18 failed to dial Azure API.
2021/04/05 07:13:18 failed to dial Google Cloud API.
2021/04/05 07:13:18 failed to dial Tencent Cloud API.
[Information Gathering - Sensitive Files]
.dockerenv - /.dockerenv
/serviceaccount - /run/secrets/kubernetes.io/serviceaccount
2. Please post the full error message, which can be command line output, software error message, screenshots, etc.
Attention, please post the full error message, don't paste the last line of the error only!
Here's the screenshot of the error message:
Code referenced for the extensions/v1beta1 request: CDK/pkg/exploit/k8s_backdoor_daemonset.go, Line 15 in ec5d7e6
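The version check proposed in the issue above, as an added example (not code from the reporter or from the CDK project): it parses a `/version` response body and selects the DaemonSet API group, using the cutoffs quoted in the issue. `DaemonSetPath` and `versionInfo` are hypothetical names, and the `/version` body is a constructed sample.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strconv"
	"strings"
)

// versionInfo holds the fields of the api-server's /version response used here.
// (Hypothetical type name for this example.)
type versionInfo struct {
	Major string `json:"major"`
	Minor string `json:"minor"`
}

// DaemonSetPath picks the DaemonSet collection path for a namespace from a
// raw /version body: apps/v1 from v1.9 on, extensions/v1beta1 before that.
func DaemonSetPath(versionBody []byte, namespace string) (string, error) {
	var v versionInfo
	if err := json.Unmarshal(versionBody, &v); err != nil {
		return "", fmt.Errorf("parse /version: %w", err)
	}
	major, err := strconv.Atoi(v.Major)
	if err != nil {
		return "", fmt.Errorf("bad major %q: %w", v.Major, err)
	}
	// Some distributions report the minor with a suffix, e.g. "16+".
	minor, err := strconv.Atoi(strings.TrimRight(v.Minor, "+"))
	if err != nil {
		return "", fmt.Errorf("bad minor %q: %w", v.Minor, err)
	}
	group := "extensions/v1beta1"
	if major > 1 || (major == 1 && minor >= 9) {
		group = "apps/v1"
	}
	return "/apis/" + group + "/namespaces/" + namespace + "/daemonsets", nil
}

func main() {
	// Constructed sample modelled on the v1.20.5 server in the report.
	body := []byte(`{"major":"1","minor":"20","gitVersion":"v1.20.5"}`)
	path, err := DaemonSetPath(body, "default")
	fmt.Println(path, err)
}
```

Because apps/v1 has been served since v1.9, the only servers that still need the old group are those older than v1.9, so the check reduces to a single cutoff.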