nginx

ingress

tools

penetration-testing

Exploit Code for Ingress Nginx CVE-2023-5044

18 January 2024

I was delivering a Kubernetes Security Review this week and the cluster was running version 1.7 of the ingress-nginx controller. This is affected by a few CVEs but notably CVE-2023-5044. This is a quick post about a PoC tool I’ve released to exploit it.

Background

CVE-2023-5044 allows for …

Read

kubeletmein

tools

Seccomp in Kubernetes

27 October 2022

kubeletmein

tools

Kubeletmein EKS (and other) Updates

5 March 2021

penetration-testing

kubernetes

Hacking DigitalOcean’s New Kubernetes Service

13 December 2018

penetration-testing

kubernetes

Kubeletmein - A tool for abusing kubelet credentials

6 December 2018

penetration-testing

kubernetes

Hacking Kubelet on Google Kubernetes Engine

29 November 2018