By kannthu
The "Kubernetes Pods - API Discovery & Remote Code Execution" module detects a vulnerability in the Kubernetes Pods API. It targets Kubernetes and is rated critical severity. The original authors of this module are ilovebinbash, geeknik, and 0xtavian.
When the service port is available, unauthenticated users can execute commands inside the container through this vulnerability. This can lead to unauthorized access and potential compromise of the Kubernetes environment.
The module sends HTTP GET requests to the "/pods" and "/api/v1/pods" paths and applies matching conditions to the API response. The matching conditions include:
- Checking if the response contains the word "apiVersion" in any part of the response
- Verifying if the response header includes the word "application/json"
- Ensuring that the response status is 200 (OK)

If all the matching conditions are met, the module reports a vulnerability.
Example HTTP request:
GET /pods HTTP/1.1
Host: [target_host]
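
The three matching conditions above, evaluated offline against constructed sample responses, as an added example (not the module's or its authors' code). It shows that a finding is reported only when all three conditions hold; the function names, the sample responses, and the extra `triage` step are assumptions introduced here.

```python
import json

def evaluate(status, headers, body):
    """Apply the module's three matchers; every one must pass (logical AND)."""
    header_text = "\n".join(f"{k}: {v}" for k, v in headers.items())
    checks = {
        "word_apiVersion": "apiVersion" in header_text + "\n" + body,
        "header_json": "application/json" in header_text,
        "status_200": status == 200,
    }
    return all(checks.values()), checks

def triage(body):
    """Extra step (assumption, not part of the module): confirm the body is
    a real pod list before treating the finding as confirmed."""
    try:
        doc = json.loads(body)
    except ValueError:
        return None
    if not isinstance(doc, dict) or doc.get("kind") != "PodList":
        return None
    return [i.get("metadata", {}).get("name") for i in doc.get("items") or []]

# Constructed sample responses (status, headers, body); not captured traffic.
SAMPLES = {
    "open_pods_api": (200, {"Content-Type": "application/json"},
        '{"kind":"PodList","apiVersion":"v1","items":[{"metadata":{"name":"web-0"}}]}'),
    "auth_enforced": (403, {"Content-Type": "application/json"},
        '{"kind":"Status","apiVersion":"v1","status":"Failure","code":403}'),
    "html_docs_page": (200, {"Content-Type": "text/html"},
        "<p>Set apiVersion: v1 in your manifest</p>"),
    "unrelated_json": (200, {"Content-Type": "application/json"},
        '{"error":"not found"}'),
}

def run_samples():
    """Return the reported/not-reported verdict for each constructed sample."""
    return {name: evaluate(*resp)[0] for name, resp in SAMPLES.items()}

if __name__ == "__main__":
    for name, resp in SAMPLES.items():
        hit, checks = evaluate(*resp)
        failed = [k for k, ok in checks.items() if not ok]
        print(f"{name}: reported={hit} failed={failed} pods={triage(resp[2])}")
```

The `auth_enforced` sample passes the word and header conditions and is rejected only by the status condition, which is why an endpoint that refuses the request with a JSON error body is not reported.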
For more information, you can refer to the following resources:
- https://github.com/officialhocc/Kubernetes-Kubelet-RCE
- https://blog.binaryedge.io/2018/12/06/kube