Skip to content

Take Over the Whole Cluster: Attacking Kubernetes via Excessive Permissions of Third-party Applications

Notifications You must be signed in to change notification settings

sparkEchooo/k8s

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ExcessivePermissionAttack

Take Over the Whole Cluster: Attacking Kubernetes via Excessive Permissions of Third-party Applications

Code overview

This is the scan tool of our paper. For a third-party app, first, you need to install it. After that, you can run this tool and it will identify the critical component and critical daemonset of this third-party app. Note that it is still a strawman design, and we are still working on it to achieve the following: 1. Identify ALL third-party apps with potential risks automatically. 2. Leveraging the critical components of third-party apps to launch attacks automatically. Our goal is to build a tool to analyze all third-party apps and generate a PoC to launch excessive permission attacks automatically. Please feel free to contact us via issues, e-mails, or PR if you have any genius ideas or valuable comments:)

E-mail address of Nanzi Yang: nzyang@stu.xidian.edu.cn E-mail address of Jinku Li: jkli@xidian.edu.cn

How to use

  1. Modify conf/conf.yaml
  2. go run main.go (or go build => ./main)
  3. scan

About

Take Over the Whole Cluster: Attacking Kubernetes via Excessive Permissions of Third-party Applications

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Go 98.6%
  • Shell 1.4%