Merge branch 'master' into master
This commit is contained in:
well123cs
@@ -26814,6 +26814,10 @@ execution:
|
||||
description: Command to run
|
||||
type: string
|
||||
default: uname
|
||||
path:
|
||||
description: Path to busybox.yaml file
|
||||
type: string
|
||||
default: "$PathtoAtomicsFolder/T1609/src/busybox.yaml"
|
||||
dependencies:
|
||||
- description: 'kubectl must be installed
|
||||
|
||||
@@ -26826,7 +26830,9 @@ execution:
|
||||
'
|
||||
executor:
|
||||
command: |
|
||||
kubectl create -f src/busybox.yaml -n #{namespace}
|
||||
kubectl create -f #{path} -n #{namespace}
|
||||
# wait 3 seconds for the instance to come up
|
||||
sleep 3
|
||||
kubectl exec -n #{namespace} busybox -- #{command}
|
||||
cleanup_command: 'kubectl delete pod busybox -n #{namespace}
|
||||
|
||||
|
||||
@@ -46394,6 +46394,10 @@ execution:
|
||||
description: Command to run
|
||||
type: string
|
||||
default: uname
|
||||
path:
|
||||
description: Path to busybox.yaml file
|
||||
type: string
|
||||
default: "$PathtoAtomicsFolder/T1609/src/busybox.yaml"
|
||||
dependencies:
|
||||
- description: 'kubectl must be installed
|
||||
|
||||
@@ -46406,7 +46410,9 @@ execution:
|
||||
'
|
||||
executor:
|
||||
command: |
|
||||
kubectl create -f src/busybox.yaml -n #{namespace}
|
||||
kubectl create -f #{path} -n #{namespace}
|
||||
# wait 3 seconds for the instance to come up
|
||||
sleep 3
|
||||
kubectl exec -n #{namespace} busybox -- #{command}
|
||||
cleanup_command: 'kubectl delete pod busybox -n #{namespace}
|
||||
|
||||
|
||||
@@ -30,13 +30,16 @@ Attackers who have permissions, can run malicious commands in containers in the
|
||||
|------|-------------|------|---------------|
|
||||
| namespace | K8s namespace to use | string | default|
|
||||
| command | Command to run | string | uname|
|
||||
| path | Path to busybox.yaml file | string | $PathtoAtomicsFolder/T1609/src/busybox.yaml|
|
||||
|
||||
|
||||
#### Attack Commands: Run with `bash`!
|
||||
|
||||
|
||||
```bash
|
||||
kubectl create -f src/busybox.yaml -n #{namespace}
|
||||
kubectl create -f #{path} -n #{namespace}
|
||||
# wait 3 seconds for the instance to come up
|
||||
sleep 3
|
||||
kubectl exec -n #{namespace} busybox -- #{command}
|
||||
```
|
||||
|
||||
|
||||
@@ -16,6 +16,10 @@ atomic_tests:
|
||||
description: Command to run
|
||||
type: string
|
||||
default: uname
|
||||
path:
|
||||
description: Path to busybox.yaml file
|
||||
type: string
|
||||
default: $PathtoAtomicsFolder/T1609/src/busybox.yaml
|
||||
dependencies:
|
||||
- description: |
|
||||
kubectl must be installed
|
||||
@@ -25,7 +29,9 @@ atomic_tests:
|
||||
which kubectl
|
||||
executor:
|
||||
command: |
|
||||
kubectl create -f src/busybox.yaml -n #{namespace}
|
||||
kubectl create -f #{path} -n #{namespace}
|
||||
# wait 3 seconds for the instance to come up
|
||||
sleep 3
|
||||
kubectl exec -n #{namespace} busybox -- #{command}
|
||||
cleanup_command: |
|
||||
kubectl delete pod busybox -n #{namespace}
|
||||
|
||||
@@ -5,10 +5,10 @@ metadata:
|
||||
spec:
|
||||
containers:
|
||||
- name: busybox
|
||||
image: busybox:stable
|
||||
imagePullPolicy: IfNotPresent
|
||||
image: busybox
|
||||
imagePullPolicy: Always
|
||||
command:
|
||||
- /bin/sh
|
||||
- -c
|
||||
- while true; do sleep 30; done;
|
||||
restartPolicy: OnFailure
|
||||
restartPolicy: OnFailure
|
||||
|
||||
Reference in New Issue
Block a user