Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Kubernetes: Kubelet API containerLogs endpoint

published on 2019-01-11 14:00:00 UTC by Unknown
Content:

How to get the info that kube-hunter reports for open /containerLogs endpoint

Vulnerabilities
+---------------+-------------+------------------+----------------------+----------------+
| LOCATION       CATEGORY     | VULNERABILITY    | DESCRIPTION          | EVIDENCE       |
+---------------+-------------+------------------+----------------------+----------------+
+----------------+------------+------------------+----------------------+----------------+
| 1.2.3.4:10250 | Information | Exposed Container| Output logs from a   |                |
|               | Disclosure  | Logs             | running container    |                |
|               |             |                  | are using the        |                |
|               |             |                  | exposed              |                |
|               |             |                  | /containerLogs       |                |
|               |             |                  | endpoint             |                |
+---------------+-------------+------------------+----------------------+----------------+

 First step, grab the output from /runningpods/ example below:

You'll need the namespace, pod name and container name.

 Thus given the below runningpods output:

 
{"metadata":{"name":"monitoring-influxdb-grafana-v4-6679c46745-zhvjw","namespace":"kube-system","uid":"0d22cdad-06e5-11e9-a7f3-6ac885fbc092","creationTimestamp":null},"spec":{"containers":[{"name":"grafana","image":"sha256:8cb3de219af7bdf0b3ae66439aecccf94cebabb230171fa4b24d66d4a786f4f7","resources":{}},{"name":"influxdb","image":"sha256:577260d221dbb1be2d83447402d0d7c5e15501a89b0e2cc1961f0b24ed56c77c","resources":{}}]},






turns into:








https://1.2.3.4:10250/containerLogs/kube-system/monitoring-influxdb-grafana-v4-6679c46745-zhvjw/grafana




















and






https://1.2.3.4:10250/containerLogs/kube-system/monitoring-influxdb-grafana-v4-6679c46745-zhvjw/influxdb













        

      

      Article: Kubernetes: Kubelet API containerLogs endpoint  -  published over 5 years ago.

      

       https://blog.carnal0wnage.com/2019/01/kubernetes-kubelet-api-containerlogs.html    

      
        Published: 2019 01 11 14:00:00

        Received: 2023 03 31 08:24:33

      Feed: Carnal0wnage and Attack Research Blog

      Source: Carnal0wnage and Attack Research Blog

      Category: News

      Topic: Hacking

      Views: 1
    

  





            

        

    











    
Custom HTML Block

    
    
Click to Open Code Editor