Releases: cdk-team/CDK
Releases · cdk-team/CDK
CDK v1.5.4
Release Date: 2024-11-15
📜 Changelog
💣 Exploits
- Fix (exp shim-pwn): #104 merged directory appears twice in path
- Fix(github action):add test poc, panic in Github Action with an unknown error
- Feat(exp): a better output in exploit list
- Refactor(exp): add type string in all exploit
- Fix(exp test): github action check failed with unknown issue
- Refactor(exp): add base struct of Exploit
- Refactor(exp): reorganize exp files in exploit package
🧰 Tools
- Refactor(exp): add base struct of Exploit
- Feat(tools): a keep path for run binary native kubectl in cmd line
✨ Others
- Fix(gh action - gox): gox not found in path
- Fix(gh action - release): automatically failed because it uses a deprecated version
- Chore(.gitignore): /cdk
- Add util: new KubeConfig struct and K8sPod struct
- Add util: new KubeConfig struct
- Add utils(kubelet): util only, add kubelet api response
- Refactor(exp): reorganize exp files in exploit package
- Chore: add assets embed in gitignore
- Chore(test): a simple run test script
🔑 Hash Table
| SHA256 | EXECTUE FILE |
|---|---|
| f0fc4517a1a74f1922e41886cc4584c7683f7726111e40f03b26edc6bd9c6642 | cdk_darwin_amd64 |
| bca1f1c7d9253bafb3442c4dd95a0b18a82be404ab9442a373b2ff91a47f5164 | cdk_linux_386 |
| c52ebc7882d730dcd1d32551e8ed3eca5997f56079efb92c591e62292d3c0c09 | cdk_linux_386_thin |
| fe43248d33a0e7bd20c619186b757febef4508bea3787671d3ecc95ed742b729 | cdk_linux_386_thin_upx |
| edfc7e6329aeeb8cb0df8734ad9083840020e9d2d81d4ae71609dc7339552a0a | cdk_linux_386_upx |
| 20f2e5e7e74953d37c5986b751d8d2e0cdd21d2275dfdfc21a5f4f8b4a37776f | cdk_linux_amd64 |
| d3d1a4bc05989627fc32615a0ec5b280f521577437a7bbce5dbd2e06a9a54602 | cdk_linux_amd64_thin |
| 8b1b47c29bc124e99ea4e2d0b9d16ae4c8042b26f4592c46bcadb208dd780f76 | cdk_linux_amd64_thin_upx |
| a53d0d8ca3a89a4e43ea2993031c375499cc01810dc18c65097993c43cc03ea9 | cdk_linux_amd64_upx |
| 4a1e4478704d8ad1fbec9b3258f315028fedd0dfbf739508ab1438d42625cbef | cdk_linux_arm |
| b6fb74cf4bcf1ad06bc0424af481dff96e98cf06803d450c4d9a3b621b63966e | cdk_linux_arm64 |
| 68a231b29bc22ff2f956bbfc0215f5c74880da394ddd484144a8ef1013c696d1 | cdk_linux_arm64_thin |
What's Changed
- [Exploit] Many commit from CDK Plus, for a better list of exploit by @neargle in #103
- fix: fix slice init length by @cuishuang in #105
- kcurl anonymous mode,add random ip addresses to confuse ip addresses by @lufeirider in #106
- Many utils code from cdk plus, for the future exploits. by @neargle in #107
- fix (exp shim-pwn): #104 merged directory appears twice in path by @neargle in #108
Full Changelog: v1.5.3...v1.5.4-alpha
Contributors
neargle, lufeirider, and cuishuang
Assets 14
- 9.98 MB
2024-11-15T14:53:18Z - 9.66 MB
2024-11-15T14:53:19Z - 5.96 MB
2024-11-15T14:53:20Z - 2.31 MB
2024-11-15T14:53:21Z - 3.47 MB
2024-11-15T14:53:21Z - 9.91 MB
2024-11-15T14:53:22Z - 6.17 MB
2024-11-15T14:53:23Z - 2.53 MB
2024-11-15T14:53:24Z - 3.77 MB
2024-11-15T14:53:24Z - 9.75 MB
2024-11-15T14:53:25Z -
2024-11-15T12:27:40Z -
2024-11-15T12:27:40Z - Loading
CDK v.1.5.4 Pre Release
What's Changed
- [Exploit] Many commit from CDK Plus, for a better list of exploit by @neargle in #103
- fix: fix slice init length by @cuishuang in #105
- kcurl anonymous mode,add random ip addresses to confuse ip addresses by @lufeirider in #106
- Many utils code from cdk plus, for the future exploits. by @neargle in #107
- fix (exp shim-pwn): #104 merged directory appears twice in path by @neargle in #108
New Contributors
- @cuishuang made their first contribution in #105
- @lufeirider made their first contribution in #106
Full Changelog: v1.5.3...v1.5.4
Contributors
neargle, lufeirider, and cuishuang
Assets 2
CDK v1.5.3
Release Date: 2024-05-19
📜 Changelog
💣 Exploits
- Feat(exp): adapt docker devicemapper file system when get docker rootfs
🧰 Tools
- 增加查看网络连接信息
- Fix(eva): long standing timeout in discovery k8s apiserver with sa, error msg: GET, ...connection timed out
✨ Others
- Feat(tool docs): add netstat document
- Fix(cgroup): latter part slice len error (#87)
- Chore: os.SEEK_END has been deprecated since Go 1.7
- Feat(exp): adapt docker devicemapper file system when get docker rootfs
🔑 Hash Table
| SHA256 | EXECTUE FILE |
|---|---|
| 64b40a70b232b7e23a187a11c52ef8d8b7f3e16a5b869af16b390cbbe4aab935 | cdk_darwin_amd64 |
| 4c7260ac051907d12896054145fe103f9ea06de3bb2f04f0aab953dff32028de | cdk_linux_386 |
| 2c757f0065c167e633318ff8d43cb85cf936eae2db224f4e066098f4a8cb324a | cdk_linux_386_thin |
| 197c42343c75fbbb7d77f3aaa92e04e43ddec927887e889197db72fcff5e9df4 | cdk_linux_386_thin_upx |
| 17b096ff5df1b612abc12887e65fae97280533bfe058ce6becb9c0920f4d4c42 | cdk_linux_386_upx |
| d7f0690e41786270f345ff4851fd4b239631d4c1e7a6b9f74ad139565cbdb2ed | cdk_linux_amd64 |
| 13f42e004a25be9ba99aee3396a1d810026d7750d1e199774c5ba8410b15ae30 | cdk_linux_amd64_thin |
| cdac5cd3d0ff424315da3e233a79f72663c26e53fc4ac2e5031ea08154630514 | cdk_linux_amd64_thin_upx |
| ccbc5c84af4045835e6b001cdf845d63802e081cbb97d9625c12d8d0f9b6f852 | cdk_linux_amd64_upx |
| 896b8d804debd233200375a5b7c1218d5b8bf5f53aaaa685b9d411c0770e27d4 | cdk_linux_arm |
| 381448682cb5ea5ff1bc8bfd3462e637da0445fc74fdb60e0de5e11d8c2dc90d | cdk_linux_arm64 |
| 2b92652d4909d39e12fc9320188f9e834b82f80d3aba92dea4267608f3543861 | cdk_linux_arm64_thin |
CDK v1.5.2
Release Date: 2023-03-12
What's Changed
📜 Changelog
💣 Exploits
- Fix 78(exp): support containerd and other linux path
🧰 Tools
- Fix #77(exp shadow-apiserver): anonymous-auth is not valid, support v1.23.1
✨ Others
- Fix 78(exp): support containerd and other linux path
- Chore(exp): add alert message about flag auto-escape is deprecated
✨ In Chinese
- 支持 linux 环境下的不同容器运行时,如 containerd、runc、docker;
- 修复shadow-apiserver匿名访问无效的issue,支持新版本的k8s,如 v1.23.1;
- 添加迭代部分功能的消息提醒
🔑 Hash Table
| SHA256 | EXECTUE FILE |
|---|---|
| 9f63e35d7b9d0814ad9f0ef23b89deb4f823d3b07bcd33df9abc5b957bb8be0f | cdk_darwin_amd64 |
| d5c8e759b790c6ffb3134c8f0aae5865e2ae4c672dc09eaa312bc928fd0d78bd | cdk_linux_386 |
| 64c86a12800b8d5064e7313a43eb6f5504a7043ab15c227cecfddaf84cc74ced | cdk_linux_386_thin |
| 364fcacd8b55d7d54162849b620cd83e9f50ddb3c7c08478f391cce09449b452 | cdk_linux_386_thin_upx |
| 242a11999f0c5b776400f2462854ef1d07101bd1085e3b29c9b7ba825c93a3fb | cdk_linux_386_upx |
| af751c690671ffc0da6380ef94a25df3dfc5911c448319f7f6b90df55cca7b7d | cdk_linux_amd64 |
| f118a70fa7b02b858bb4fffb96d9a861e4b02f62df054a0d69854449682c8f85 | cdk_linux_amd64_thin |
| 3dc271adc2565c38eda5fdaee3070bda8962159d17ba625467a0f3a6e5e440d0 | cdk_linux_amd64_thin_upx |
| 924fb2bd1fe001f9eb62509a05546d1aaf97ebbfca73c75eb665a38b34559c4e | cdk_linux_amd64_upx |
| 594811dafdfb9f5cc56b604d8fe97777c23057e37803ec34afdf5680bf9276ea | cdk_linux_arm |
| 828aede9a7bc193899b66e8c10ac10d24398cf79575e771d9a970d3f9a4cdd92 | cdk_linux_arm64 |
| 2eb30e2abc71fadaee5980bd89a8e4a2c95bcc5d60857a3c13b006c186307e8e | cdk_linux_arm64_thin |
Full Changelog: v1.5.1...v1.5.2
CDK v1.5.1
Release Date: 2023-01-01
🎉 Happy New Year to everyone in 2023~
📜 Changelog
💣 Exploits
- Fix #71 (exp): k8s-shadow-apiserver check apiserver error in invalid to list pods
🔑 Hash Table
| SHA256 | EXECTUE FILE |
|---|---|
| fb8e1c7fbb5f253cffd87b965e587b4cb611ca2e5a38a13db70a082d8b8fe49c | cdk_darwin_amd64 |
| 225ae3f948ca67c0f37ad69a5ce542c27c370993806599aeb927079bf8553acb | cdk_linux_386 |
| 9a4d894cc0d020b03fbbf1ad8d147fc7a871a633fdc67497685a8b8d52b465e4 | cdk_linux_386_thin |
| 254cf55fb776afbcf5ff93f9647303be1f8bee48bcb78f138881e4dc17c34b81 | cdk_linux_386_thin_upx |
| b2e2d49036ddaebaab3cbcd26b3d1742fca27ce42926f2fbb10791ce8af6f2a6 | cdk_linux_386_upx |
| b18a6f563afe5afa141713e2a569de7faac174adef1d3fa467a44d7cd8598a8a | cdk_linux_amd64 |
| 1d2e4fa684a99e31479bcc0e5e14aa7f3c56cce3de71028241a9745c67ebf034 | cdk_linux_amd64_thin |
| db192e3adff9cfb3777dc44fbe037aee648af60c203832d7a5f7ac41e265f01b | cdk_linux_amd64_thin_upx |
| f930268ff8e01585865f3190c10570175b0ef11c1b17172c93b413df8507bcbe | cdk_linux_amd64_upx |
| ca6d09368c87c863029065d8d134bea7edefe73e270b599336185bec60dc68ab | cdk_linux_arm |
| 8de962c37d5fd876e8b402dd86e334a6ab66b6fa8242a2c8eeef4b6d1d0457ec | cdk_linux_arm64 |
| d0315c0ae104a656d1b6787f8929a324193f65935b54514107f9ddb7639784d3 | cdk_linux_arm64_thin |
What's Changed
Full Changelog: v1.5.0...v1.5.1
Contributors
neargle
Assets 14
CDK v1.5.0
🏠 During the 7-day holiday, are there any technical activities in Xiamen that I can participate in?
Release Date: 2022-09-25
📜 Changelog
🔍 About Evaluate
- Feat(evaluate): check kernel exploit, use mzet-/linux-exploit-suggester
- Feat(evaluate): support check setuid files in path
- Perf(capabilities): red color for add caps
✨ Others
- Perf(evaluate): support two new formatted print func
- Perf(eva): a nice head 2 of title
🔑 Hash Table
| SHA256 | EXECTUE FILE |
|---|---|
| 9484ea212c59a9ada48f9f08204448eaf013891b7b722f9d111f4346f7f17a4c | cdk_darwin_amd64 |
| e8eb686267d1017f0c044f8725a91d2a3b0111156975f4918c9b3839b571483f | cdk_linux_386 |
| cf649763c47c27458c5af325697d002c0768efb7b45e5a0246d529519df56ea4 | cdk_linux_386_thin |
| d29a6e6ff589b020cadb8f8815eafd2a1a6224a1e042e6649c9747e924048dcb | cdk_linux_386_thin_upx |
| 06a53f84d7e034e563a8fc3747000bcdc6b9945efd0ecbc990322ff527b3ad04 | cdk_linux_386_upx |
| 4bd863af3ba70c958caf5b048ddd90a32a54bb9ae5d3e7578e8e0f1330a7d68f | cdk_linux_amd64 |
| 588f790b5ea620a3077e6231bef7180951410f445c5d5b9aac8289b3a8d3cf1a | cdk_linux_amd64_thin |
| f1a3a780227dec46aa938096d1a8d8f6240e711d757a25aaec0f6c6adf0a495a | cdk_linux_amd64_thin_upx |
| a20e531b0117f484e0b2aa0debccc8edc597fbaf43578cc1c862eb98fb6a849d | cdk_linux_amd64_upx |
| 03c387fcf1090b813124a067e3434845c6242e7d6d4f0a835f78a96d6fb6f731 | cdk_linux_arm |
| 3fc8aac43db6c83112f9bc168ae5a32f1cdd942376941341c621fa36bff26647 | cdk_linux_arm64 |
| 1e82c733ecbf30e06bfa200e327fad167e79a55854a198f92afa2fa7d0f9337f | cdk_linux_arm64_thin |
What's Changed
Full Changelog: v1.4.1...v1.5.0
Contributors
neargle
Assets 14
CDK v1.4.1
Release Date: 2022-09-19
📜 Changelog
🔍 About Evaluate
- Feat(evaluate): support check setuid files in path (#67)
- More colorful in Evaluate
🔑 Hash Table
| SHA256 | EXECTUE FILE |
|---|---|
| fb88b7cf0b5a1136829a3cf1c25f536713e6d7033c8b95cf31ea1e1c14c33a55 | cdk_darwin_amd64 |
| d7020b26924bfcef8d88089ad6f9f496cc9b39ed08ffaf3ae857703ae154c198 | cdk_linux_386 |
| 2c901d5da52c1766eb638b8d1b35a276121f0fb2a7156cb591b4f7ca054c1ed7 | cdk_linux_386_thin |
| 6bfc3e0664e6aab7d6925ad1c191c75bc1f1f5b4dd4f8c073c5eef063ec92de7 | cdk_linux_386_thin_upx |
| 54e82ce2900876594c573f74437a23034f70f959e428bb2cf046afe73f6abc56 | cdk_linux_386_upx |
| 5b313e80767783165c9f99079a6210582b5f57fe4c3f34ab2c5d27e6b1a09695 | cdk_linux_amd64 |
| 762df2cf658c629e22e2f30827bd2b42de41749e2a387635db41849911641121 | cdk_linux_amd64_thin |
| b5c59b19f4a9301c29b40a6565a3c21dc71fd3baf14a755c67ca735b3d18cb9e | cdk_linux_amd64_thin_upx |
| c417429bfef774a5aad6d5a745b741f291fc0bd1b48514bfd4fbca9345e43384 | cdk_linux_amd64_upx |
| 6da016cefca0a050afb4c3dbf5e07f1af4fe69b24f1be45e56444fef537fd2b3 | cdk_linux_arm |
| b6ef9851d887120994e19521814b994f750f0eac77ddc2ae60efd75ad085b02f | cdk_linux_arm64 |
| de0be23b564e470725a91e72bf431667ab1d2d4e8cb318a1c18e66b3ba97340e | cdk_linux_arm64_thin |
What's Changed
Full Changelog: v1.4.0...v1.4.1
CDK v1.4.0
Release Date: 2022-09-04
📜 Changelog
💣 Exploits
- Perf(exp): add recommend message for
lxcfs-rwandlxcfs-rw-cgroupexploit - Fix(exp): function undefined in macos
- Feat(exp): support Exploit lxcfs-rw with cgroup release_agent
🔍 About Evaluate
- Feat(evaluate): output all mount info and more colorfu (#64)
- Perf(exp): add recommend message for
lxcfs-rwandlxcfs-rw-cgroupexploit
✨ Others
- Feat(evaluate): output all mount info and more colorfu (#64)
- Perf(exp) #62: add recommend message for
lxcfs-rwandlxcfs-rw-cgroup - Feat(exp): support Exploit lxcfs-rw with cgroup release_agent
- Test(fix): fix import circle in TestParseCDKMain
What's Changed
- feat(exp): support Exploit lxcfs-rw with cgroup release_agent by @lockedtang in #61
- perf(exp): add recommend message for
lxcfs-rwandlxcfs-rw-cgroup… by @neargle in #62 - feat(evaluate): output all mount info and more colorfu by @neargle in #64
New Contributors
- @lockedtang made their first contribution in #61
Full Changelog: v1.3.0...v1.4.0
🔑 Hash Table
| SHA256 | EXECTUE FILE |
|---|---|
| dbbe29d4095a98dbfc4e2ef1a26e0696f75930a04a274a2a207c0bd0296b7a24 | cdk_darwin_amd64 |
| b75d4f2cb82be9e774f78020bb86d8df9a8eeb6ceac18b823c4c6459a3ca7faf | cdk_linux_386 |
| d836bdb64f2112e1fff1080145cd2f349478ba67e1d68bdfd9e734b114f7627d | cdk_linux_386_thin |
| 1c8de7031ee8dbf83ffde0f1d6401dbc9d95059c984290b115bd58c20b86e8a6 | cdk_linux_386_thin_upx |
| c02322e9bf5f1a0655cdaf316371f91257b9008d2ee6dde791bac5e8b2e5064d | cdk_linux_386_upx |
| 954c9e0a1f8f731d410d27e525225760bf46f9df26d7fa63fac9cf848c1fea97 | cdk_linux_amd64 |
| 28009247ff5f8ee93dcf3fa06e60eb43374eec61f816feb61081e2d53f4806be | cdk_linux_amd64_thin |
| 37bfb3819257d612a6dfed9954c9ba4a8da62f6967ec8221c802d7eb97723113 | cdk_linux_amd64_thin_upx |
| e3b434dad7f4330a5402271014b6a450ecf998aa10d66c640798d5b1d057639a | cdk_linux_amd64_upx |
| 0dc31dff0221a2907f19a6feff091161297598b7fab68a0272f7ce0d7698abff | cdk_linux_arm |
| a9f51500eba6088cde85a398ebe8d14f4fb52a931f9988049ab7e14570f39498 | cdk_linux_arm64 |
| 7abda12808ebda750211656c4a931ca9794121b42d2a0be50dee43b9fcc84718 | cdk_linux_arm64_thin |
CDK v1.3.0
Release Date: 2022-07-10
🔮 Support for some function on the kubelet. Waiting for July 18?
📜 Changelog
💣 Exploits
- Test(main function): add unit test for ParseCDKMain
- Feat(exp): support "Exploit container escape with kubelet log access & /var/log mount"
- Feat(exp) (#55): Exploit a kubelet endpoint, default 10250
🧰 Tools
- Test(main function): add unit test for ParseCDKMain
✨ Others
- Test(github action): add go test
- Fix(network): support getgateway in linux container
- Docs(readme): add Quick Start
- Feat(network): get gateway in pods
- Feat(exp) (#55): Exploit a kubelet endpoint, default 10250
🔑 Hash Table
| SHA256 | EXECTUE FILE |
|---|---|
| c142ea52e700259405c0de3aae652fcbbe9d476ca40aafb4309c60538d03f6a0 | cdk_darwin_amd64 |
| c6b8be2b81f56a9f4330f7ccae161bda9de8deaf375bb8d1150264aa6fb502e9 | cdk_linux_386 |
| 5866ad6e1eb1d3c5481179c4eae84fc733fca93782827f08b8e980dd455f8e1d | cdk_linux_386_thin |
| f116626cb8bd2787d19bbb0dbf578cbd09093e19ab27911beb1f61d46abb3845 | cdk_linux_386_thin_upx |
| ae96f988b56a4ae501aa125e99d11308714290e287a21f97a4116b2bd9964079 | cdk_linux_386_upx |
| ddf4573b4c5fdfd92657979d79b8d8c7658dbb36e9a794628438ff01d7cca1a5 | cdk_linux_amd64 |
| 3ca57afb3c9a3154212ad9f9eb323ce2cae89d046e5bf05acb5730a311e4e9f3 | cdk_linux_amd64_thin |
| 0dcb0ef0bd6b1a018108265c2bd1acf0a34ac94f2fe012a3aea22a23b8a151c2 | cdk_linux_amd64_thin_upx |
| 9275c94ba6160e9de488089ba5e4df9f831aaa8a9e2dbe04d0c7ca7feb3a4cb8 | cdk_linux_amd64_upx |
| 99a0e78b14a0147999489e76b275e0a4503b03ed682cb382338a19472123b74d | cdk_linux_arm |
| 023fbd9f1d087ec3cb0761e01d95503f055e72209f85513380ed1b32177ef570 | cdk_linux_arm64 |
| b92a34dfe966a9540d853cb5762574e659a33f965b532e453f5f0a2619505096 | cdk_linux_arm64_thin |
Contributor
Full Changelog: v1.2.0...v1.3.0
CDK v1.2.0
Release Date: 2022-06-25
☑️ Release a new version in the hospital 💊.
What's Changed
- add etcd get k8s token by @404tk in #52
- perf(probe): output ending message by @neargle in #53
- Fix #49 (shadow-apiserver): Flag --insecure-port has been deprecated by @neargle in #50
New Contributors
- @404tk made their first contribution in #52
- Thanks to @路飞 for privately reporting a bug, we fixed it in #49
📜 Changelog
💣 Exploits
- Feat(etcd) #52: get K8s service account token in ETCD
🧰 Tools
- Feat(etcd) #52: get K8s service account token in ETCD
- Perf(probe): output ending message
🔑 Hash Table
| SHA256 | EXECTUE FILE |
|---|---|
| 139c41629e75329a9582b0a3ca07327a134860d4cc3686795a5fb69d09ee50aa | cdk_darwin_amd64 |
| 1ff183ed7b15612ef77d444187d44d2e1d76df09fa1762c24c54ab45440c77b9 | cdk_linux_386 |
| c8664d51b579d5922ab8325a777048d8d661baf2767744829becb979784f76d9 | cdk_linux_386_thin |
| eaa6c3fcb9e722d690183ae349ac2ca935aa9bcd2942f6f103fd8eb842dc5168 | cdk_linux_386_thin_upx |
| bb6ca78dc8a3774eb3db52580c52bc6b47ca885d9881f5cb422c915ca2c2a7a9 | cdk_linux_386_upx |
| 5f62f9a20546e50fcb59aedca67b9fd9252c1c026ef81649bd9eb7366c4376aa | cdk_linux_amd64 |
| 0e411f4a58f7ca4e77a39c810bd1cb44eca9f8cbae2a20d1c3ed6d3f1b9c4f81 | cdk_linux_amd64_thin |
| eec9b210d157d0ef16e7238c21bf66c6dd4806471853c3e976927f7be14ab918 | cdk_linux_amd64_thin_upx |
| 131c1f2e3e3062392bece1caca144ef426920af8c8a54912f8ec23321a766b5a | cdk_linux_amd64_upx |
| 39f6d556d0567606d5763e60fecafeb3e5d16afd986c05602c06d2486d8d72c2 | cdk_linux_arm |
| cca9d8bb94c36f2e971f834b980801d3fefd23fd8a25852867bb1be94d116963 | cdk_linux_arm64 |
| 770e9e98e3ed07a224cbaf8fb78c5c9804b580f04470884cead4413616200621 | cdk_linux_arm64_thin |