Exploiting applications using liveness probes in Kubernetes

Introduction

Startup, readiness, and liveness probes are very well described in the Kubernetes documentation. kubelet uses these probes defined in the pod manifest to verify whether a pod is booting, ready to accept traffic and still alive. It is kubelet who actually executes the probes (and not the pod itself).

There are different ways the probes are executed.

  • httpGet
  • exec

The problems described here are considered ‘as designed’, as you should download containers from a trusted source according to the reviewers.

The examples below shows that trusted sources of container images will not solve the problem, neither will image scanning.

To prevent an attack from happening, it is mandatory to scan the Kubernetes pod and deployment manifests rigorously before deploying (and not use any pre-canned examples :-))

This example overwrites the pods /etc/hostfile to spoof hostnames.

Conclusion

Many things are written on securely deploying applications on kubernetes. Keep in mind that all aspects need full attention and generating and building Kubernetes manifest is also developping code.

 by the author.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Philippe Bogaerts

Philippe Bogaerts

#BruCON co-founder, #OWASP supporter, Application Delivery and Web Application Security, #Kubernetes and #container, #pentesting enthousiast, BBQ & cocktails !!