nuclei-templates/http/misconfiguration/kubernetes/kubernetes-pods.yaml

35 lines
879 B
YAML
Raw Normal View History

2020-06-17 17:11:32 +00:00
id: kubernetes-pods-api
2020-09-17 08:50:01 +00:00
2020-06-17 15:56:34 +00:00
info:
name: Kubernetes Pods - API Discovery & Remote Code Execution
2021-06-09 12:20:56 +00:00
author: ilovebinbash,geeknik,0xtavian
severity: critical
description: A Kubernetes Pods API was discovered. When the service port is available, unauthenticated users can execute commands inside the container.
reference:
- https://github.com/officialhocc/Kubernetes-Kubelet-RCE
- https://blog.binaryedge.io/2018/12/06/kubernetes-being-hijacked-worldwide/
tags: k8,unauth,kubernetes,devops,misconfig
metadata:
max-request: 2
2020-09-17 08:50:01 +00:00
http:
2020-06-17 15:56:34 +00:00
- method: GET
path:
2020-09-17 08:50:01 +00:00
- '{{BaseURL}}/pods'
2020-12-21 19:35:12 +00:00
- '{{BaseURL}}/api/v1/pods'
2021-09-04 10:24:24 +00:00
matchers-condition: and
2020-06-17 15:56:34 +00:00
matchers:
- type: word
words:
- "apiVersion"
2021-09-04 10:24:24 +00:00
2020-06-17 15:56:34 +00:00
- type: word
words:
- "application/json"
part: header
2021-09-04 10:24:24 +00:00
- type: status
status:
- 200