Added TTP to backdoor Kubernetes nodes with rogue SSH keys for persistence #127

l50 · 2024-08-23T15:29:25Z

Summary:
Added:

Created backdoor-k8s-nodes-authorized-keys.yaml TTP to inject rogue SSH keys into Kubernetes nodes
Added steps for deploying a privileged pod to modify authorized_keys files on all nodes
Included cleanup logic to restore original authorized_keys files after the attack
Created a detailed README.md explaining arguments, requirements, and usage examples

Changed:

Updated extract-k8s-secrets/README.md with correct example command for running TTP

Differential Revision: D61690546

facebook-github-bot · 2024-08-23T15:29:34Z

This pull request was exported from Phabricator. Differential Revision: D61690546

…tence (facebookincubator#127) Summary: **Added:** - Created `backdoor-k8s-nodes-authorized-keys.yaml` TTP to inject rogue SSH keys into Kubernetes nodes - Added steps for deploying a privileged pod to modify `authorized_keys` files on all nodes - Included cleanup logic to restore original `authorized_keys` files after the attack - Created a detailed `README.md` explaining arguments, requirements, and usage examples **Changed:** - Updated `extract-k8s-secrets/README.md` with correct example command for running TTP Differential Revision: D61690546

facebook-github-bot · 2024-08-23T15:35:16Z

This pull request was exported from Phabricator. Differential Revision: D61690546

facebook-github-bot · 2024-08-23T15:58:16Z

This pull request has been merged in 9b454a6.

l50 requested review from d3sch41n, cedowens, d0n601 and CrimsonK1ng as code owners August 23, 2024 15:29

facebook-github-bot added the cla signed label Aug 23, 2024

facebook-github-bot added the fb-exported label Aug 23, 2024

l50 force-pushed the export-D61690546 branch from fd5a924 to 4029946 Compare August 23, 2024 15:35

facebook-github-bot closed this in 9b454a6 Aug 23, 2024

facebook-github-bot added the Merged label Aug 23, 2024

l50 deleted the export-D61690546 branch September 4, 2024 05:31

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Added TTP to backdoor Kubernetes nodes with rogue SSH keys for persistence #127

Added TTP to backdoor Kubernetes nodes with rogue SSH keys for persistence #127

l50 commented Aug 23, 2024

facebook-github-bot commented Aug 23, 2024

facebook-github-bot commented Aug 23, 2024

facebook-github-bot commented Aug 23, 2024

Added TTP to backdoor Kubernetes nodes with rogue SSH keys for persistence #127

Added TTP to backdoor Kubernetes nodes with rogue SSH keys for persistence #127

Conversation

l50 commented Aug 23, 2024

facebook-github-bot commented Aug 23, 2024

facebook-github-bot commented Aug 23, 2024

facebook-github-bot commented Aug 23, 2024