adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3f5bd3de2d1affa01e2f6c2066c6bb0fc6413bc
metasploit-gs/api/Msf/Exploit/Remote/HTTP/Kubernetes/Enumeration.html
T
jenkins-metasploit c3f5bd3de2 Reboot gh-pages
2026-05-08 17:08:43 +00:00

1211 lines
73 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>
Module: Msf::Exploit::Remote::HTTP::Kubernetes::Enumeration
&mdash; Documentation by YARD 0.9.37
</title>
<link rel="stylesheet" href="../../../../../css/style.css" type="text/css" />
<link rel="stylesheet" href="../../../../../css/common.css" type="text/css" />
<script type="text/javascript">
pathId = "Msf::Exploit::Remote::HTTP::Kubernetes::Enumeration";
relpath = '../../../../../';
</script>
<script type="text/javascript" charset="utf-8" src="../../../../../js/jquery.js"></script>
<script type="text/javascript" charset="utf-8" src="../../../../../js/app.js"></script>
</head>
<body>
<div class="nav_wrap">
<iframe id="nav" src="../../../../../class_list.html?1"></iframe>
<div id="resizer"></div>
</div>
<div id="main" tabindex="-1">
<div id="header">
<div id="menu">
<a href="../../../../../_index.html">Index (E)</a> &raquo;
<span class='title'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../../HTTP.html" title="Msf::Exploit::Remote::HTTP (module)">HTTP</a></span></span> &raquo; <span class='title'><span class='object_link'><a href="../Kubernetes.html" title="Msf::Exploit::Remote::HTTP::Kubernetes (module)">Kubernetes</a></span></span>
&raquo;
<span class="title">Enumeration</span>
</div>
<div id="search">
<a class="full_list_link" id="class_list_link"
href="../../../../../class_list.html">
<svg width="24" height="24">
<rect x="0" y="4" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="12" width="24" height="4" rx="1" ry="1"></rect>
<rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
</svg>
</a>
</div>
<div class="clear"></div>
</div>
<div id="content"><h1>Module: Msf::Exploit::Remote::HTTP::Kubernetes::Enumeration
</h1>
<div class="box_info">
<dl>
<dt>Defined in:</dt>
<dd>lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb</dd>
</dl>
</div>
<h2>Overview</h2><div class="docstring">
<div class="discussion">
<p>The mixin for enumerating a Msf::Exploit::Remote::HTTP::Kubernetes API</p>
</div>
</div>
<div class="tags">
</div>
<h2>Instance Attribute Summary <small><a href="#" class="summary_toggle">collapse</a></small></h2>
<ul class="summary">
<li class="protected ">
<span class="summary_signature">
<a href="#kubernetes_client-instance_method" title="#kubernetes_client (instance method)">#<strong>kubernetes_client</strong> &#x21d2; Object </a>
</span>
<span class="note title readonly">readonly</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute kubernetes_client.</p>
</div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#output-instance_method" title="#output (instance method)">#<strong>output</strong> &#x21d2; Object </a>
</span>
<span class="note title readonly">readonly</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'>
<p>Returns the value of attribute output.</p>
</div></span>
</li>
</ul>
<h2>
Instance Method Summary
<small><a href="#" class="summary_toggle">collapse</a></small>
</h2>
<ul class="summary">
<li class="protected ">
<span class="summary_signature">
<a href="#attempt_enum-instance_method" title="#attempt_enum (instance method)">#<strong>attempt_enum</strong>(resource, &amp;block) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_all-instance_method" title="#enum_all (instance method)">#<strong>enum_all</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_auth-instance_method" title="#enum_auth (instance method)">#<strong>enum_auth</strong>(namespace) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_namespaces-instance_method" title="#enum_namespaces (instance method)">#<strong>enum_namespaces</strong>(name: nil) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_pods-instance_method" title="#enum_pods (instance method)">#<strong>enum_pods</strong>(namespace, name: nil) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_secrets-instance_method" title="#enum_secrets (instance method)">#<strong>enum_secrets</strong>(namespace, name: nil) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#enum_version-instance_method" title="#enum_version (instance method)">#<strong>enum_version</strong> &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="public ">
<span class="summary_signature">
<a href="#initialize-instance_method" title="#initialize (instance method)">#<strong>initialize</strong>(info = {}) &#x21d2; Object </a>
</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#parse_jwt-instance_method" title="#parse_jwt (instance method)">#<strong>parse_jwt</strong>(token) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#parse_private_key-instance_method" title="#parse_private_key (instance method)">#<strong>parse_private_key</strong>(data) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
<li class="protected ">
<span class="summary_signature">
<a href="#report_secrets-instance_method" title="#report_secrets (instance method)">#<strong>report_secrets</strong>(namespace, secrets) &#x21d2; Object </a>
</span>
<span class="note title protected">protected</span>
<span class="summary_desc"><div class='inline'></div></span>
</li>
</ul>
<div id="instance_attr_details" class="attr_details">
<h2>Instance Attribute Details</h2>
<span id=""></span>
<div class="method_details first">
<h3 class="signature first" id="kubernetes_client-instance_method">
#<strong>kubernetes_client</strong> &#x21d2; <tt>Object</tt> <span class="extras">(readonly, protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the value of attribute kubernetes_client.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
103
104
105</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 103</span>
<span class='kw'>def</span> <span class='id identifier rubyid_kubernetes_client'>kubernetes_client</span>
<span class='ivar'>@kubernetes_client</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<span id=""></span>
<div class="method_details ">
<h3 class="signature " id="output-instance_method">
#<strong>output</strong> &#x21d2; <tt>Object</tt> <span class="extras">(readonly, protected)</span>
</h3><div class="docstring">
<div class="discussion">
<p>Returns the value of attribute output.</p>
</div>
</div>
<div class="tags">
</div><table class="source_code">
<tr>
<td>
<pre class="lines">
103
104
105</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 103</span>
<span class='kw'>def</span> <span class='id identifier rubyid_output'>output</span>
<span class='ivar'>@output</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
<div id="instance_method_details" class="method_details_list">
<h2>Instance Method Details</h2>
<div class="method_details first">
<h3 class="signature first" id="attempt_enum-instance_method">
#<strong>attempt_enum</strong>(resource, &amp;block) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
105
106
107
108
109</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 105</span>
<span class='kw'>def</span> <span class='id identifier rubyid_attempt_enum'>attempt_enum</span><span class='lparen'>(</span><span class='id identifier rubyid_resource'>resource</span><span class='comma'>,</span> <span class='op'>&amp;</span><span class='id identifier rubyid_block'>block</span><span class='rparen'>)</span>
<span class='id identifier rubyid_block'>block</span><span class='period'>.</span><span class='id identifier rubyid_call'>call</span>
<span class='kw'>rescue</span> <span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HTTP.html" title="Msf::Exploit::Remote::HTTP (module)">HTTP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Kubernetes.html" title="Msf::Exploit::Remote::HTTP::Kubernetes (module)">Kubernetes</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Error.html" title="Msf::Exploit::Remote::HTTP::Kubernetes::Error (module)">Error</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Error/ApiError.html" title="Msf::Exploit::Remote::HTTP::Kubernetes::Error::ApiError (class)">ApiError</a></span></span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_e'>e</span>
<span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_print_enum_failure'>print_enum_failure</span><span class='lparen'>(</span><span class='id identifier rubyid_resource'>resource</span><span class='comma'>,</span> <span class='id identifier rubyid_e'>e</span><span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_all-instance_method">
#<strong>enum_all</strong> &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 15</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_all'>enum_all</span>
<span class='id identifier rubyid_token_claims'>token_claims</span> <span class='op'>=</span> <span class='id identifier rubyid_parse_jwt'>parse_jwt</span><span class='lparen'>(</span><span class='id identifier rubyid_api_token'>api_token</span><span class='rparen'>)</span>
<span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_print_claims'>print_claims</span><span class='lparen'>(</span><span class='id identifier rubyid_token_claims'>token_claims</span><span class='rparen'>)</span> <span class='kw'>if</span> <span class='id identifier rubyid_token_claims'>token_claims</span>
<span class='id identifier rubyid_enum_version'>enum_version</span>
<span class='id identifier rubyid_namespace_items'>namespace_items</span> <span class='op'>=</span> <span class='id identifier rubyid_enum_namespaces'>enum_namespaces</span>
<span class='id identifier rubyid_namespaces_name'>namespaces_name</span> <span class='op'>=</span> <span class='id identifier rubyid_namespace_items'>namespace_items</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_item'>item</span><span class='op'>|</span> <span class='id identifier rubyid_item'>item</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:metadata</span><span class='comma'>,</span> <span class='symbol'>:name</span><span class='rparen'>)</span> <span class='rbrace'>}</span>
<span class='comment'># If there&#39;s no permissions to access namespaces, we can use the current token&#39;s namespace,
</span> <span class='comment'># as well as trying some common namespaces
</span> <span class='kw'>if</span> <span class='id identifier rubyid_namespace_items'>namespace_items</span><span class='period'>.</span><span class='id identifier rubyid_empty?'>empty?</span>
<span class='id identifier rubyid_current_token_namespace'>current_token_namespace</span> <span class='op'>=</span> <span class='id identifier rubyid_token_claims'>token_claims</span><span class='op'>&amp;.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>kubernetes.io</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>namespace</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_possible_namespaces'>possible_namespaces</span> <span class='op'>=</span> <span class='lparen'>(</span><span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>NAMESPACE_LIST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_split'>split</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>,</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>+</span> <span class='lbracket'>[</span><span class='id identifier rubyid_current_token_namespace'>current_token_namespace</span><span class='rbracket'>]</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_uniq'>uniq</span><span class='period'>.</span><span class='id identifier rubyid_compact'>compact</span>
<span class='id identifier rubyid_namespaces_name'>namespaces_name</span> <span class='op'>+=</span> <span class='id identifier rubyid_possible_namespaces'>possible_namespaces</span>
<span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Unable to extract namespaces. Attempting the current token&#39;s namespace and common namespaces: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_namespaces_name'>namespaces_name</span><span class='period'>.</span><span class='id identifier rubyid_join'>join</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>, </span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='comment'># Split the information for each namespace separately
</span> <span class='id identifier rubyid_namespaces_name'>namespaces_name</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span><span class='period'>.</span><span class='id identifier rubyid_with_index'>with_index</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_namespace'>namespace</span><span class='comma'>,</span> <span class='id identifier rubyid_index'>index</span><span class='op'>|</span>
<span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Namespace </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_index'>index</span><span class='embexpr_end'>}</span><span class='tstring_content'>: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_namespace'>namespace</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_enum_auth'>enum_auth</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='rparen'>)</span>
<span class='id identifier rubyid_enum_pods'>enum_pods</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='rparen'>)</span>
<span class='id identifier rubyid_enum_secrets'>enum_secrets</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_line'>print_line</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_auth-instance_method">
#<strong>enum_auth</strong>(namespace) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
69
70
71
72
73
74</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 69</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_auth'>enum_auth</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='rparen'>)</span>
<span class='id identifier rubyid_attempt_enum'>attempt_enum</span><span class='lparen'>(</span><span class='symbol'>:auth</span><span class='rparen'>)</span> <span class='kw'>do</span>
<span class='id identifier rubyid_auth'>auth</span> <span class='op'>=</span> <span class='id identifier rubyid_kubernetes_client'>kubernetes_client</span><span class='period'>.</span><span class='id identifier rubyid_list_auth'>list_auth</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='rparen'>)</span>
<span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_print_auth'>print_auth</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='comma'>,</span> <span class='id identifier rubyid_auth'>auth</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_namespaces-instance_method">
#<strong>enum_namespaces</strong>(name: nil) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
54
55
56
57
58
59
60
61
62
63
64
65
66
67</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 54</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_namespaces'>enum_namespaces</span><span class='lparen'>(</span><span class='label'>name:</span> <span class='kw'>nil</span><span class='rparen'>)</span>
<span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>Enumerating namespaces</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_namespace_items'>namespace_items</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='rbracket'>]</span>
<span class='id identifier rubyid_attempt_enum'>attempt_enum</span><span class='lparen'>(</span><span class='symbol'>:namespace</span><span class='rparen'>)</span> <span class='kw'>do</span>
<span class='kw'>if</span> <span class='id identifier rubyid_name'>name</span>
<span class='id identifier rubyid_namespace_items'>namespace_items</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='id identifier rubyid_kubernetes_client'>kubernetes_client</span><span class='period'>.</span><span class='id identifier rubyid_get_namespace'>get_namespace</span><span class='lparen'>(</span><span class='id identifier rubyid_name'>name</span><span class='rparen'>)</span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_namespace_items'>namespace_items</span> <span class='op'>=</span> <span class='id identifier rubyid_kubernetes_client'>kubernetes_client</span><span class='period'>.</span><span class='id identifier rubyid_list_namespaces'>list_namespaces</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:items</span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_print_namespaces'>print_namespaces</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace_items'>namespace_items</span><span class='rparen'>)</span>
<span class='id identifier rubyid_namespace_items'>namespace_items</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_pods-instance_method">
#<strong>enum_pods</strong>(namespace, name: nil) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
76
77
78
79
80
81
82
83
84
85
86</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 76</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_pods'>enum_pods</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='comma'>,</span> <span class='label'>name:</span> <span class='kw'>nil</span><span class='rparen'>)</span>
<span class='id identifier rubyid_attempt_enum'>attempt_enum</span><span class='lparen'>(</span><span class='symbol'>:pod</span><span class='rparen'>)</span> <span class='kw'>do</span>
<span class='kw'>if</span> <span class='id identifier rubyid_name'>name</span>
<span class='id identifier rubyid_pods'>pods</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='id identifier rubyid_kubernetes_client'>kubernetes_client</span><span class='period'>.</span><span class='id identifier rubyid_get_pod'>get_pod</span><span class='lparen'>(</span><span class='id identifier rubyid_name'>name</span><span class='comma'>,</span> <span class='id identifier rubyid_namespace'>namespace</span><span class='rparen'>)</span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_pods'>pods</span> <span class='op'>=</span> <span class='id identifier rubyid_kubernetes_client'>kubernetes_client</span><span class='period'>.</span><span class='id identifier rubyid_list_pods'>list_pods</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:items</span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_print_pods'>print_pods</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='comma'>,</span> <span class='id identifier rubyid_pods'>pods</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_secrets-instance_method">
#<strong>enum_secrets</strong>(namespace, name: nil) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
88
89
90
91
92
93
94
95
96
97
98
99</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 88</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_secrets'>enum_secrets</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='comma'>,</span> <span class='label'>name:</span> <span class='kw'>nil</span><span class='rparen'>)</span>
<span class='id identifier rubyid_attempt_enum'>attempt_enum</span><span class='lparen'>(</span><span class='symbol'>:secret</span><span class='rparen'>)</span> <span class='kw'>do</span>
<span class='kw'>if</span> <span class='id identifier rubyid_name'>name</span>
<span class='id identifier rubyid_secrets'>secrets</span> <span class='op'>=</span> <span class='lbracket'>[</span><span class='id identifier rubyid_kubernetes_client'>kubernetes_client</span><span class='period'>.</span><span class='id identifier rubyid_get_secret'>get_secret</span><span class='lparen'>(</span><span class='id identifier rubyid_name'>name</span><span class='comma'>,</span> <span class='id identifier rubyid_namespace'>namespace</span><span class='rparen'>)</span><span class='rbracket'>]</span>
<span class='kw'>else</span>
<span class='id identifier rubyid_secrets'>secrets</span> <span class='op'>=</span> <span class='id identifier rubyid_kubernetes_client'>kubernetes_client</span><span class='period'>.</span><span class='id identifier rubyid_list_secrets'>list_secrets</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_fetch'>fetch</span><span class='lparen'>(</span><span class='symbol'>:items</span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_print_secrets'>print_secrets</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='comma'>,</span> <span class='id identifier rubyid_secrets'>secrets</span><span class='rparen'>)</span>
<span class='id identifier rubyid_report_secrets'>report_secrets</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='comma'>,</span> <span class='id identifier rubyid_secrets'>secrets</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="enum_version-instance_method">
#<strong>enum_version</strong> &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
45
46
47
48
49
50
51
52</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 45</span>
<span class='kw'>def</span> <span class='id identifier rubyid_enum_version'>enum_version</span>
<span class='id identifier rubyid_version'>version</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='id identifier rubyid_attempt_enum'>attempt_enum</span><span class='lparen'>(</span><span class='symbol'>:version</span><span class='rparen'>)</span> <span class='kw'>do</span>
<span class='id identifier rubyid_version'>version</span> <span class='op'>=</span> <span class='id identifier rubyid_kubernetes_client'>kubernetes_client</span><span class='period'>.</span><span class='id identifier rubyid_get_version'>get_version</span>
<span class='id identifier rubyid_output'>output</span><span class='period'>.</span><span class='id identifier rubyid_print_version'>print_version</span><span class='lparen'>(</span><span class='id identifier rubyid_version'>version</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_version'>version</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="initialize-instance_method">
#<strong>initialize</strong>(info = {}) &#x21d2; <tt>Object</tt>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
5
6
7
8
9
10
11
12
13</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 5</span>
<span class='kw'>def</span> <span class='id identifier rubyid_initialize'>initialize</span><span class='lparen'>(</span><span class='id identifier rubyid_info'>info</span> <span class='op'>=</span> <span class='lbrace'>{</span><span class='rbrace'>}</span><span class='rparen'>)</span>
<span class='kw'>super</span>
<span class='id identifier rubyid_register_options'>register_options</span><span class='lparen'>(</span>
<span class='lbracket'>[</span>
<span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../OptString.html" title="Msf::OptString (class)">OptString</a></span></span><span class='period'>.</span><span class='id identifier rubyid_new'><span class='object_link'><a href="../../../../OptString.html#initialize-instance_method" title="Msf::OptString#initialize (method)">new</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>NAMESPACE_LIST</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='lbracket'>[</span><span class='kw'>false</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>The default namespace list to iterate when the current token does not have the permission to retrieve the available namespaces</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>default,dev,staging,production,kube-public,kube-node-lease,kube-lease,kube-system</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='rbracket'>]</span>
<span class='rparen'>)</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="parse_jwt-instance_method">
#<strong>parse_jwt</strong>(token) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
222
223
224
225
226
227</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 222</span>
<span class='kw'>def</span> <span class='id identifier rubyid_parse_jwt'>parse_jwt</span><span class='lparen'>(</span><span class='id identifier rubyid_token'>token</span><span class='rparen'>)</span>
<span class='id identifier rubyid_parsed_token'>parsed_token</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HTTP.html" title="Msf::Exploit::Remote::HTTP (module)">HTTP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../JWT.html" title="Msf::Exploit::Remote::HTTP::JWT (class)">JWT</a></span></span><span class='period'>.</span><span class='id identifier rubyid_decode'><span class='object_link'><a href="../JWT.html#decode-class_method" title="Msf::Exploit::Remote::HTTP::JWT.decode (method)">decode</a></span></span><span class='lparen'>(</span><span class='id identifier rubyid_token'>token</span><span class='rparen'>)</span>
<span class='id identifier rubyid_parsed_token'>parsed_token</span><span class='period'>.</span><span class='id identifier rubyid_payload'>payload</span>
<span class='kw'>rescue</span> <span class='const'>ArgumentError</span>
<span class='kw'>nil</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="parse_private_key-instance_method">
#<strong>parse_private_key</strong>(data) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
212
213
214
215
216
217
218
219
220</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 212</span>
<span class='kw'>def</span> <span class='id identifier rubyid_parse_private_key'>parse_private_key</span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span>
<span class='id identifier rubyid_passphrase'>passphrase</span> <span class='op'>=</span> <span class='kw'>nil</span>
<span class='id identifier rubyid_ask_passphrase'>ask_passphrase</span> <span class='op'>=</span> <span class='kw'>false</span>
<span class='id identifier rubyid_private_key'>private_key</span> <span class='op'>=</span> <span class='const'>Net</span><span class='op'>::</span><span class='const'>SSH</span><span class='op'>::</span><span class='const'>KeyFactory</span><span class='period'>.</span><span class='id identifier rubyid_load_data_private_key'>load_data_private_key</span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='comma'>,</span> <span class='id identifier rubyid_passphrase'>passphrase</span><span class='comma'>,</span> <span class='id identifier rubyid_ask_passphrase'>ask_passphrase</span><span class='rparen'>)</span>
<span class='id identifier rubyid_private_key'>private_key</span>
<span class='kw'>rescue</span> <span class='const'>StandardError</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid__e'>_e</span>
<span class='kw'>nil</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
<div class="method_details ">
<h3 class="signature " id="report_secrets-instance_method">
#<strong>report_secrets</strong>(namespace, secrets) &#x21d2; <tt>Object</tt> <span class="extras">(protected)</span>
</h3><table class="source_code">
<tr>
<td>
<pre class="lines">
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210</pre>
</td>
<td>
<pre class="code"><span class="info file"># File 'lib/msf/core/exploit/remote/http/kubernetes/enumeration.rb', line 111</span>
<span class='kw'>def</span> <span class='id identifier rubyid_report_secrets'>report_secrets</span><span class='lparen'>(</span><span class='id identifier rubyid_namespace'>namespace</span><span class='comma'>,</span> <span class='id identifier rubyid_secrets'>secrets</span><span class='rparen'>)</span>
<span class='id identifier rubyid_origin'>origin</span> <span class='op'>=</span> <span class='id identifier rubyid_create_credential_origin_service'>create_credential_origin_service</span><span class='lparen'>(</span>
<span class='lbrace'>{</span>
<span class='label'>address:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>port:</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RPORT</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='label'>service_name:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>kubernetes</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='label'>protocol:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>tcp</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span>
<span class='label'>module_fullname:</span> <span class='id identifier rubyid_fullname'>fullname</span><span class='comma'>,</span>
<span class='label'>workspace_id:</span> <span class='id identifier rubyid_myworkspace_id'>myworkspace_id</span>
<span class='rbrace'>}</span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_secrets'>secrets</span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_secret'>secret</span><span class='op'>|</span>
<span class='id identifier rubyid_credential_data'>credential_data</span> <span class='op'>=</span> <span class='lbrace'>{</span>
<span class='label'>origin:</span> <span class='id identifier rubyid_origin'>origin</span><span class='comma'>,</span>
<span class='label'>origin_type:</span> <span class='symbol'>:service</span><span class='comma'>,</span>
<span class='label'>module_fullname:</span> <span class='id identifier rubyid_fullname'>fullname</span><span class='comma'>,</span>
<span class='label'>workspace_id:</span> <span class='id identifier rubyid_myworkspace_id'>myworkspace_id</span><span class='comma'>,</span>
<span class='label'>status:</span> <span class='const'><span class='object_link'><a href="../../../../../Metasploit.html" title="Metasploit (module)">Metasploit</a></span></span><span class='op'>::</span><span class='const'>Model</span><span class='op'>::</span><span class='const'>Login</span><span class='op'>::</span><span class='const'>Status</span><span class='op'>::</span><span class='const'>UNTRIED</span>
<span class='rbrace'>}</span>
<span class='id identifier rubyid_resource_name'>resource_name</span> <span class='op'>=</span> <span class='id identifier rubyid_secret'>secret</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:metadata</span><span class='comma'>,</span> <span class='symbol'>:name</span><span class='rparen'>)</span>
<span class='id identifier rubyid_loot_name_prefix'>loot_name_prefix</span> <span class='op'>=</span> <span class='lbracket'>[</span>
<span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
<span class='id identifier rubyid_namespace'>namespace</span><span class='comma'>,</span>
<span class='id identifier rubyid_resource_name'>resource_name</span><span class='comma'>,</span>
<span class='id identifier rubyid_secret'>secret</span><span class='lbracket'>[</span><span class='symbol'>:type</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_gsub'>gsub</span><span class='lparen'>(</span><span class='tstring'><span class='regexp_beg'>/</span><span class='tstring_content'>[a-zA-Z]</span><span class='regexp_end'>/</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>-</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_downcase'>downcase</span>
<span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>_</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='kw'>case</span> <span class='id identifier rubyid_secret'>secret</span><span class='lbracket'>[</span><span class='symbol'>:type</span><span class='rbracket'>]</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HTTP.html" title="Msf::Exploit::Remote::HTTP (module)">HTTP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Kubernetes.html" title="Msf::Exploit::Remote::HTTP::Kubernetes (module)">Kubernetes</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret (module)">Secret</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html#BasicAuth-constant" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret::BasicAuth (constant)">BasicAuth</a></span></span>
<span class='id identifier rubyid_username'>username</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_decode_base64'>decode_base64</span><span class='lparen'>(</span><span class='id identifier rubyid_secret'>secret</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:data</span><span class='comma'>,</span> <span class='symbol'>:username</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='id identifier rubyid_password'>password</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_decode_base64'>decode_base64</span><span class='lparen'>(</span><span class='id identifier rubyid_secret'>secret</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:data</span><span class='comma'>,</span> <span class='symbol'>:password</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='id identifier rubyid_credential'>credential</span> <span class='op'>=</span> <span class='id identifier rubyid_credential_data'>credential_data</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span>
<span class='lbrace'>{</span>
<span class='label'>username:</span> <span class='id identifier rubyid_username'>username</span><span class='comma'>,</span>
<span class='label'>private_type:</span> <span class='symbol'>:password</span><span class='comma'>,</span>
<span class='label'>private_data:</span> <span class='id identifier rubyid_password'>password</span>
<span class='rbrace'>}</span>
<span class='rparen'>)</span>
<span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>basic_auth </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_resource_name'>resource_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_username'>username</span><span class='embexpr_end'>}</span><span class='tstring_content'>:</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_password'>password</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_create_credential'>create_credential</span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HTTP.html" title="Msf::Exploit::Remote::HTTP (module)">HTTP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Kubernetes.html" title="Msf::Exploit::Remote::HTTP::Kubernetes (module)">Kubernetes</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret (module)">Secret</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html#TLSAuth-constant" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret::TLSAuth (constant)">TLSAuth</a></span></span>
<span class='id identifier rubyid_tls_cert'>tls_cert</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_decode_base64'>decode_base64</span><span class='lparen'>(</span><span class='id identifier rubyid_secret'>secret</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:data</span><span class='comma'>,</span> <span class='symbol'>:&quot;tls.crt&quot;</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='id identifier rubyid_tls_key'>tls_key</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_decode_base64'>decode_base64</span><span class='lparen'>(</span><span class='id identifier rubyid_secret'>secret</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:data</span><span class='comma'>,</span> <span class='symbol'>:&quot;tls.key&quot;</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='id identifier rubyid_tls_subject'>tls_subject</span> <span class='op'>=</span> <span class='kw'>begin</span>
<span class='const'>OpenSSL</span><span class='op'>::</span><span class='const'>X509</span><span class='op'>::</span><span class='const'>Certificate</span><span class='period'>.</span><span class='id identifier rubyid_new'>new</span><span class='lparen'>(</span><span class='id identifier rubyid_tls_cert'>tls_cert</span><span class='rparen'>)</span><span class='period'>.</span><span class='id identifier rubyid_subject'>subject</span>
<span class='kw'>rescue</span> <span class='const'>StandardError</span>
<span class='kw'>nil</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_loot_name'>loot_name</span> <span class='op'>=</span> <span class='id identifier rubyid_loot_name_prefix'>loot_name_prefix</span> <span class='op'>+</span> <span class='lparen'>(</span><span class='id identifier rubyid_tls_subject'>tls_subject</span> <span class='op'>?</span> <span class='id identifier rubyid_tls_subject'>tls_subject</span><span class='period'>.</span><span class='id identifier rubyid_to_a'>to_a</span><span class='period'>.</span><span class='id identifier rubyid_map'>map</span> <span class='lbrace'>{</span> <span class='op'>|</span><span class='id identifier rubyid_name'>name</span><span class='comma'>,</span> <span class='id identifier rubyid_data'>data</span><span class='comma'>,</span> <span class='id identifier rubyid__type'>_type</span><span class='op'>|</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_name'>name</span><span class='embexpr_end'>}</span><span class='tstring_content'>-</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_data'>data</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span> <span class='rbrace'>}</span><span class='period'>.</span><span class='id identifier rubyid_join'><span class='object_link'><a href="../../../../../top-level-namespace.html#join-instance_method" title="#join (method)">join</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>-</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span> <span class='op'>:</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_end'>&#39;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_path'>path</span> <span class='op'>=</span> <span class='id identifier rubyid_store_loot'>store_loot</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>tls.key</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>text/plain</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>nil</span><span class='comma'>,</span> <span class='id identifier rubyid_tls_key'>tls_key</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_loot_name'>loot_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>.key</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>tls_key </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_resource_name'>resource_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_path'>path</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_path'>path</span> <span class='op'>=</span> <span class='id identifier rubyid_store_loot'>store_loot</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>tls.cert</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>application/x-pem-file</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>nil</span><span class='comma'>,</span> <span class='id identifier rubyid_tls_cert'>tls_cert</span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&quot;</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_loot_name'>loot_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>.crt</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>tls_cert </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_resource_name'>resource_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_path'>path</span><span class='embexpr_end'>}</span><span class='tstring_content'> (</span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_tls_subject'>tls_subject</span> <span class='op'>||</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>No Subject</span><span class='tstring_end'>&#39;</span></span><span class='embexpr_end'>}</span><span class='tstring_content'>)</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HTTP.html" title="Msf::Exploit::Remote::HTTP (module)">HTTP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Kubernetes.html" title="Msf::Exploit::Remote::HTTP::Kubernetes (module)">Kubernetes</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret (module)">Secret</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html#ServiceAccountToken-constant" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret::ServiceAccountToken (constant)">ServiceAccountToken</a></span></span>
<span class='id identifier rubyid_data'>data</span> <span class='op'>=</span> <span class='id identifier rubyid_secret'>secret</span><span class='lbracket'>[</span><span class='symbol'>:data</span><span class='rbracket'>]</span><span class='period'>.</span><span class='id identifier rubyid_clone'>clone</span>
<span class='comment'># decode keys to a human readable format that might be useful for users
</span> <span class='qsymbols_beg'>%i[</span><span class='tstring_content'>namespace</span><span class='words_sep'> </span><span class='tstring_content'>token</span><span class='tstring_end'>]</span></span><span class='period'>.</span><span class='id identifier rubyid_each'>each</span> <span class='kw'>do</span> <span class='op'>|</span><span class='id identifier rubyid_key'>key</span><span class='op'>|</span>
<span class='id identifier rubyid_data'>data</span><span class='lbracket'>[</span><span class='id identifier rubyid_key'>key</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_decode_base64'>decode_base64</span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='lbracket'>[</span><span class='id identifier rubyid_key'>key</span><span class='rbracket'>]</span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_loot_name'>loot_name</span> <span class='op'>=</span> <span class='id identifier rubyid_loot_name_prefix'>loot_name_prefix</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>.json</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_path'>path</span> <span class='op'>=</span> <span class='id identifier rubyid_store_loot'>store_loot</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>kubernetes.token</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>application/json</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='id identifier rubyid_datastore'>datastore</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>RHOST</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span> <span class='const'>JSON</span><span class='period'>.</span><span class='id identifier rubyid_pretty_generate'>pretty_generate</span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span><span class='comma'>,</span> <span class='id identifier rubyid_loot_name'>loot_name</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>service token </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_resource_name'>resource_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_path'>path</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HTTP.html" title="Msf::Exploit::Remote::HTTP (module)">HTTP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Kubernetes.html" title="Msf::Exploit::Remote::HTTP::Kubernetes (module)">Kubernetes</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret (module)">Secret</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html#DockerConfigurationJson-constant" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret::DockerConfigurationJson (constant)">DockerConfigurationJson</a></span></span>
<span class='id identifier rubyid_json'>json</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_decode_base64'>decode_base64</span><span class='lparen'>(</span><span class='id identifier rubyid_secret'>secret</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:data</span><span class='comma'>,</span> <span class='symbol'>:&quot;.dockerconfigjson&quot;</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='id identifier rubyid_loot_name'>loot_name</span> <span class='op'>=</span> <span class='id identifier rubyid_loot_name_prefix'>loot_name_prefix</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>.json</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_path'>path</span> <span class='op'>=</span> <span class='id identifier rubyid_store_loot'>store_loot</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>docker.json</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>application/json</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>nil</span><span class='comma'>,</span> <span class='id identifier rubyid_json'>json</span><span class='comma'>,</span> <span class='id identifier rubyid_loot_name'>loot_name</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>dockerconfig json </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_resource_name'>resource_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_path'>path</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>when</span> <span class='const'><span class='object_link'><a href="../../../../../Msf.html" title="Msf (module)">Msf</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../../Exploit.html" title="Msf::Exploit (class)">Exploit</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../../Remote.html" title="Msf::Exploit::Remote (class)">Remote</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../../HTTP.html" title="Msf::Exploit::Remote::HTTP (module)">HTTP</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="../Kubernetes.html" title="Msf::Exploit::Remote::HTTP::Kubernetes (module)">Kubernetes</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret (module)">Secret</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="Secret.html#SSHAuth-constant" title="Msf::Exploit::Remote::HTTP::Kubernetes::Secret::SSHAuth (constant)">SSHAuth</a></span></span>
<span class='id identifier rubyid_data'>data</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="../../../../../Rex.html" title="Rex (module)">Rex</a></span></span><span class='op'>::</span><span class='const'>Text</span><span class='period'>.</span><span class='id identifier rubyid_decode_base64'>decode_base64</span><span class='lparen'>(</span><span class='id identifier rubyid_secret'>secret</span><span class='period'>.</span><span class='id identifier rubyid_dig'>dig</span><span class='lparen'>(</span><span class='symbol'>:data</span><span class='comma'>,</span> <span class='symbol'>:&quot;ssh-privatekey&quot;</span><span class='rparen'>)</span><span class='rparen'>)</span>
<span class='id identifier rubyid_loot_name'>loot_name</span> <span class='op'>=</span> <span class='id identifier rubyid_loot_name_prefix'>loot_name_prefix</span> <span class='op'>+</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>.key</span><span class='tstring_end'>&#39;</span></span>
<span class='id identifier rubyid_private_key'>private_key</span> <span class='op'>=</span> <span class='id identifier rubyid_parse_private_key'>parse_private_key</span><span class='lparen'>(</span><span class='id identifier rubyid_data'>data</span><span class='rparen'>)</span>
<span class='id identifier rubyid_credential'>credential</span> <span class='op'>=</span> <span class='id identifier rubyid_credential_data'>credential_data</span><span class='period'>.</span><span class='id identifier rubyid_merge'>merge</span><span class='lparen'>(</span>
<span class='lbrace'>{</span>
<span class='label'>private_type:</span> <span class='symbol'>:ssh_key</span><span class='comma'>,</span>
<span class='label'>public_data:</span> <span class='id identifier rubyid_private_key'>private_key</span><span class='op'>&amp;.</span><span class='id identifier rubyid_public_key'>public_key</span><span class='comma'>,</span>
<span class='label'>private_data:</span> <span class='id identifier rubyid_private_key'>private_key</span>
<span class='rbrace'>}</span>
<span class='rparen'>)</span>
<span class='kw'>begin</span>
<span class='id identifier rubyid_create_credential'>create_credential</span><span class='lparen'>(</span><span class='id identifier rubyid_credential'>credential</span><span class='rparen'>)</span>
<span class='kw'>rescue</span> <span class='const'>StandardError</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid__e'>_e</span>
<span class='id identifier rubyid_vprint_error'>vprint_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Unable to store </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_loot_name'>loot_name</span><span class='embexpr_end'>}</span><span class='tstring_content'> as a valid ssh_key pair</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='id identifier rubyid_path'>path</span> <span class='op'>=</span> <span class='id identifier rubyid_store_loot'>store_loot</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>id_rsa</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>text/plain</span><span class='tstring_end'>&#39;</span></span><span class='comma'>,</span> <span class='kw'>nil</span><span class='comma'>,</span> <span class='id identifier rubyid_data'>data</span><span class='comma'>,</span> <span class='id identifier rubyid_loot_name'>loot_name</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_good'>print_good</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>ssh_key </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_resource_name'>resource_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_path'>path</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>rescue</span> <span class='const'>StandardError</span> <span class='op'>=&gt;</span> <span class='id identifier rubyid_e'>e</span>
<span class='id identifier rubyid_elog'><span class='object_link'><a href="../../../../../top-level-namespace.html#elog-instance_method" title="#elog (method)">elog</a></span></span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Failed parsing secret </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_resource_name'>resource_name</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='comma'>,</span> <span class='label'>error:</span> <span class='id identifier rubyid_e'>e</span><span class='rparen'>)</span>
<span class='id identifier rubyid_print_error'>print_error</span><span class='lparen'>(</span><span class='tstring'><span class='tstring_beg'>&quot;</span><span class='tstring_content'>Failed parsing secret </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_resource_name'>resource_name</span><span class='embexpr_end'>}</span><span class='tstring_content'>: </span><span class='embexpr_beg'>#{</span><span class='id identifier rubyid_e'>e</span><span class='period'>.</span><span class='id identifier rubyid_message'>message</span><span class='embexpr_end'>}</span><span class='tstring_end'>&quot;</span></span><span class='rparen'>)</span>
<span class='kw'>end</span>
<span class='kw'>end</span></pre>
</td>
</tr>
</table>
</div>
</div>
</div>
<div id="footer">
Generated on Fri May 8 17:02:43 2026 by
<a href="https://yardoc.org" title="Yay! A Ruby Documentation Tool" target="_parent">yard</a>
0.9.37 (ruby-3.1.5).
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink