CDK v1.5.5

Release Date: 2025-02-22

📜 Changelog

💣 Exploits

• Fix #114 (shim_pwn): a new log for debug, need to fix the bug in future

✨ Others

• Fix #114 (shim_pwn): a new log for debug, need to fix the bug in future
• Fix(gh action - gox): gox not found in path
• Fix(gh action - release): automatically failed because it uses a deprecated version
• Fix (exp shim-pwn): #104 merged directory appears twice in path

🔑 Hash Table

SHA256	EXECTUE FILE
648b581dc3ccac79f531ac7a98ae9ee08a6bfcc6dc99f7a21e6c44d25b9721a3	cdk_darwin_amd64
2da619e14967c731a11885453314d50ea65363d4eb16bf6ecb354a9ef325b772	cdk_linux_386
6539591b891254aeefdc0194da11dbd4a7198003f484d6d2334a82718f374c30	cdk_linux_386_thin
e31a5eda08002b69d488c79bb8fbba95eb20f620f0121ae4b9a2117b434051f9	cdk_linux_386_thin_upx
e809e2ef4684c8c18ee2cc1f619ad91cbc9d58115cfd6af7395dbedef7c41794	cdk_linux_386_upx
202f3fc5babfcb64b3c1d99bf24563f1bbce31cbbf4216a83116c8f6149efe80	cdk_linux_amd64
45b730eace5801d1c1ffd549c4e1acaea05eba80c542aae93bd79673cd2ce7c8	cdk_linux_amd64_thin
e8d07bb3b8abd665d49cf67024580dfbca72fbb96d429b123539f59f326ae474	cdk_linux_amd64_thin_upx
f157d104917236c2c6431f12921b0d0c0e0295e94c55ba28d3bde2cf4d7d6cf3	cdk_linux_amd64_upx
08528e8e45f22b9a834e4489f3ddaa08475052402a1766c7ea3d89462d88127d	cdk_linux_arm
fab9a9a2661d7ecd3670c550fdf7e904d21abbccddf98bc29c310a60fab49d7b	cdk_linux_arm64
5fbec9b2c17c6fe98aaa21e905408abecfee8e09bcc67a3762383e052ca69765	cdk_linux_arm64_thin

CDK v1.5.4

Release Date: 2024-11-15

📜 Changelog

💣 Exploits

• Fix (exp shim-pwn): #104 merged directory appears twice in path
• Fix(github action):add test poc, panic in Github Action with an unknown error
• Feat(exp): a better output in exploit list
• Refactor(exp): add type string in all exploit
• Fix(exp test): github action check failed with unknown issue
• Refactor(exp): add base struct of Exploit
• Refactor(exp): reorganize exp files in exploit package

🧰 Tools

• Refactor(exp): add base struct of Exploit
• Feat(tools): a keep path for run binary native kubectl in cmd line

✨ Others

• Fix(gh action - gox): gox not found in path
• Fix(gh action - release): automatically failed because it uses a deprecated version
• Chore(.gitignore): /cdk
• Add util: new KubeConfig struct and K8sPod struct
• Add util: new KubeConfig struct
• Add utils(kubelet): util only, add kubelet api response
• Refactor(exp): reorganize exp files in exploit package
• Chore: add assets embed in gitignore
• Chore(test): a simple run test script

🔑 Hash Table

SHA256	EXECTUE FILE
f0fc4517a1a74f1922e41886cc4584c7683f7726111e40f03b26edc6bd9c6642	cdk_darwin_amd64
bca1f1c7d9253bafb3442c4dd95a0b18a82be404ab9442a373b2ff91a47f5164	cdk_linux_386
c52ebc7882d730dcd1d32551e8ed3eca5997f56079efb92c591e62292d3c0c09	cdk_linux_386_thin
fe43248d33a0e7bd20c619186b757febef4508bea3787671d3ecc95ed742b729	cdk_linux_386_thin_upx
edfc7e6329aeeb8cb0df8734ad9083840020e9d2d81d4ae71609dc7339552a0a	cdk_linux_386_upx
20f2e5e7e74953d37c5986b751d8d2e0cdd21d2275dfdfc21a5f4f8b4a37776f	cdk_linux_amd64
d3d1a4bc05989627fc32615a0ec5b280f521577437a7bbce5dbd2e06a9a54602	cdk_linux_amd64_thin
8b1b47c29bc124e99ea4e2d0b9d16ae4c8042b26f4592c46bcadb208dd780f76	cdk_linux_amd64_thin_upx
a53d0d8ca3a89a4e43ea2993031c375499cc01810dc18c65097993c43cc03ea9	cdk_linux_amd64_upx
4a1e4478704d8ad1fbec9b3258f315028fedd0dfbf739508ab1438d42625cbef	cdk_linux_arm
b6fb74cf4bcf1ad06bc0424af481dff96e98cf06803d450c4d9a3b621b63966e	cdk_linux_arm64
68a231b29bc22ff2f956bbfc0215f5c74880da394ddd484144a8ef1013c696d1	cdk_linux_arm64_thin

What's Changed

• [Exploit] Many commit from CDK Plus, for a better list of exploit by @neargle in #103
• fix: fix slice init length by @cuishuang in #105
• kcurl anonymous mode，add random ip addresses to confuse ip addresses by @lufeirider in #106
• Many utils code from cdk plus, for the future exploits. by @neargle in #107
• fix (exp shim-pwn): #104 merged directory appears twice in path by @neargle in #108

Full Changelog: v1.5.3...v1.5.4-alpha

CDK v.1.5.4 Pre Release

What's Changed

• [Exploit] Many commit from CDK Plus, for a better list of exploit by @neargle in #103
• fix: fix slice init length by @cuishuang in #105
• kcurl anonymous mode，add random ip addresses to confuse ip addresses by @lufeirider in #106
• Many utils code from cdk plus, for the future exploits. by @neargle in #107
• fix (exp shim-pwn): #104 merged directory appears twice in path by @neargle in #108

New Contributors

• @cuishuang made their first contribution in #105
• @lufeirider made their first contribution in #106

Full Changelog: v1.5.3...v1.5.4

CDK v1.5.3

Release Date: 2024-05-19

📜 Changelog

💣 Exploits

• Feat(exp): adapt docker devicemapper file system when get docker rootfs

🧰 Tools

• 增加查看网络连接信息
• Fix(eva): long standing timeout in discovery k8s apiserver with sa, error msg: GET, ...connection timed out

✨ Others

• Feat(tool docs): add netstat document
• Fix(cgroup): latter part slice len error (#87)
• Chore: os.SEEK_END has been deprecated since Go 1.7
• Feat(exp): adapt docker devicemapper file system when get docker rootfs

🔑 Hash Table

SHA256	EXECTUE FILE
64b40a70b232b7e23a187a11c52ef8d8b7f3e16a5b869af16b390cbbe4aab935	cdk_darwin_amd64
4c7260ac051907d12896054145fe103f9ea06de3bb2f04f0aab953dff32028de	cdk_linux_386
2c757f0065c167e633318ff8d43cb85cf936eae2db224f4e066098f4a8cb324a	cdk_linux_386_thin
197c42343c75fbbb7d77f3aaa92e04e43ddec927887e889197db72fcff5e9df4	cdk_linux_386_thin_upx
17b096ff5df1b612abc12887e65fae97280533bfe058ce6becb9c0920f4d4c42	cdk_linux_386_upx
d7f0690e41786270f345ff4851fd4b239631d4c1e7a6b9f74ad139565cbdb2ed	cdk_linux_amd64
13f42e004a25be9ba99aee3396a1d810026d7750d1e199774c5ba8410b15ae30	cdk_linux_amd64_thin
cdac5cd3d0ff424315da3e233a79f72663c26e53fc4ac2e5031ea08154630514	cdk_linux_amd64_thin_upx
ccbc5c84af4045835e6b001cdf845d63802e081cbb97d9625c12d8d0f9b6f852	cdk_linux_amd64_upx
896b8d804debd233200375a5b7c1218d5b8bf5f53aaaa685b9d411c0770e27d4	cdk_linux_arm
381448682cb5ea5ff1bc8bfd3462e637da0445fc74fdb60e0de5e11d8c2dc90d	cdk_linux_arm64
2b92652d4909d39e12fc9320188f9e834b82f80d3aba92dea4267608f3543861	cdk_linux_arm64_thin

CDK v1.5.2

Release Date: 2023-03-12

What's Changed

• V1.5.2 alpha by @neargle in #80

📜 Changelog

💣 Exploits

• Fix 78(exp): support containerd and other linux path

🧰 Tools

• Fix #77(exp shadow-apiserver): anonymous-auth is not valid, support v1.23.1

✨ Others

• Fix 78(exp): support containerd and other linux path
• Chore(exp): add alert message about flag auto-escape is deprecated

✨ In Chinese

• 支持 linux 环境下的不同容器运行时，如 containerd、runc、docker；
• 修复shadow-apiserver匿名访问无效的issue，支持新版本的k8s，如 v1.23.1；
• 添加迭代部分功能的消息提醒

🔑 Hash Table

SHA256	EXECTUE FILE
9f63e35d7b9d0814ad9f0ef23b89deb4f823d3b07bcd33df9abc5b957bb8be0f	cdk_darwin_amd64
d5c8e759b790c6ffb3134c8f0aae5865e2ae4c672dc09eaa312bc928fd0d78bd	cdk_linux_386
64c86a12800b8d5064e7313a43eb6f5504a7043ab15c227cecfddaf84cc74ced	cdk_linux_386_thin
364fcacd8b55d7d54162849b620cd83e9f50ddb3c7c08478f391cce09449b452	cdk_linux_386_thin_upx
242a11999f0c5b776400f2462854ef1d07101bd1085e3b29c9b7ba825c93a3fb	cdk_linux_386_upx
af751c690671ffc0da6380ef94a25df3dfc5911c448319f7f6b90df55cca7b7d	cdk_linux_amd64
f118a70fa7b02b858bb4fffb96d9a861e4b02f62df054a0d69854449682c8f85	cdk_linux_amd64_thin
3dc271adc2565c38eda5fdaee3070bda8962159d17ba625467a0f3a6e5e440d0	cdk_linux_amd64_thin_upx
924fb2bd1fe001f9eb62509a05546d1aaf97ebbfca73c75eb665a38b34559c4e	cdk_linux_amd64_upx
594811dafdfb9f5cc56b604d8fe97777c23057e37803ec34afdf5680bf9276ea	cdk_linux_arm
828aede9a7bc193899b66e8c10ac10d24398cf79575e771d9a970d3f9a4cdd92	cdk_linux_arm64
2eb30e2abc71fadaee5980bd89a8e4a2c95bcc5d60857a3c13b006c186307e8e	cdk_linux_arm64_thin

Full Changelog: v1.5.1...v1.5.2

CDK v1.5.1

Release Date: 2023-01-01

🎉 Happy New Year to everyone in 2023~

📜 Changelog

💣 Exploits

• Fix #71 (exp): k8s-shadow-apiserver check apiserver error in invalid to list pods

🔑 Hash Table

SHA256	EXECTUE FILE
fb8e1c7fbb5f253cffd87b965e587b4cb611ca2e5a38a13db70a082d8b8fe49c	cdk_darwin_amd64
225ae3f948ca67c0f37ad69a5ce542c27c370993806599aeb927079bf8553acb	cdk_linux_386
9a4d894cc0d020b03fbbf1ad8d147fc7a871a633fdc67497685a8b8d52b465e4	cdk_linux_386_thin
254cf55fb776afbcf5ff93f9647303be1f8bee48bcb78f138881e4dc17c34b81	cdk_linux_386_thin_upx
b2e2d49036ddaebaab3cbcd26b3d1742fca27ce42926f2fbb10791ce8af6f2a6	cdk_linux_386_upx
b18a6f563afe5afa141713e2a569de7faac174adef1d3fa467a44d7cd8598a8a	cdk_linux_amd64
1d2e4fa684a99e31479bcc0e5e14aa7f3c56cce3de71028241a9745c67ebf034	cdk_linux_amd64_thin
db192e3adff9cfb3777dc44fbe037aee648af60c203832d7a5f7ac41e265f01b	cdk_linux_amd64_thin_upx
f930268ff8e01585865f3190c10570175b0ef11c1b17172c93b413df8507bcbe	cdk_linux_amd64_upx
ca6d09368c87c863029065d8d134bea7edefe73e270b599336185bec60dc68ab	cdk_linux_arm
8de962c37d5fd876e8b402dd86e334a6ab66b6fa8242a2c8eeef4b6d1d0457ec	cdk_linux_arm64
d0315c0ae104a656d1b6787f8929a324193f65935b54514107f9ddb7639784d3	cdk_linux_arm64_thin

What's Changed

• fix #71 (exp): k8s-shadow-apiserver check apiserver error in invalid … by @neargle in #73

Full Changelog: v1.5.0...v1.5.1

CDK v1.5.0

🏠 During the 7-day holiday, are there any technical activities in Xiamen that I can participate in?

Release Date: 2022-09-25

📜 Changelog

🔍 About Evaluate

• Feat(evaluate): check kernel exploit, use mzet-/linux-exploit-suggester
• Feat(evaluate): support check setuid files in path
• Perf(capabilities): red color for add caps

✨ Others

• Perf(evaluate): support two new formatted print func
• Perf(eva): a nice head 2 of title

🔑 Hash Table

SHA256	EXECTUE FILE
9484ea212c59a9ada48f9f08204448eaf013891b7b722f9d111f4346f7f17a4c	cdk_darwin_amd64
e8eb686267d1017f0c044f8725a91d2a3b0111156975f4918c9b3839b571483f	cdk_linux_386
cf649763c47c27458c5af325697d002c0768efb7b45e5a0246d529519df56ea4	cdk_linux_386_thin
d29a6e6ff589b020cadb8f8815eafd2a1a6224a1e042e6649c9747e924048dcb	cdk_linux_386_thin_upx
06a53f84d7e034e563a8fc3747000bcdc6b9945efd0ecbc990322ff527b3ad04	cdk_linux_386_upx
4bd863af3ba70c958caf5b048ddd90a32a54bb9ae5d3e7578e8e0f1330a7d68f	cdk_linux_amd64
588f790b5ea620a3077e6231bef7180951410f445c5d5b9aac8289b3a8d3cf1a	cdk_linux_amd64_thin
f1a3a780227dec46aa938096d1a8d8f6240e711d757a25aaec0f6c6adf0a495a	cdk_linux_amd64_thin_upx
a20e531b0117f484e0b2aa0debccc8edc597fbaf43578cc1c862eb98fb6a849d	cdk_linux_amd64_upx
03c387fcf1090b813124a067e3434845c6242e7d6d4f0a835f78a96d6fb6f731	cdk_linux_arm
3fc8aac43db6c83112f9bc168ae5a32f1cdd942376941341c621fa36bff26647	cdk_linux_arm64
1e82c733ecbf30e06bfa200e327fad167e79a55854a198f92afa2fa7d0f9337f	cdk_linux_arm64_thin

What's Changed

• Feat(evaluate): check kernel exploit, use mzet-/linux-exploit-suggester by @neargle in #69

Full Changelog: v1.4.1...v1.5.0

CDK v1.4.1

Release Date: 2022-09-19

📜 Changelog

🔍 About Evaluate

• Feat(evaluate): support check setuid files in path (#67)
• More colorful in Evaluate

🔑 Hash Table

SHA256	EXECTUE FILE
fb88b7cf0b5a1136829a3cf1c25f536713e6d7033c8b95cf31ea1e1c14c33a55	cdk_darwin_amd64
d7020b26924bfcef8d88089ad6f9f496cc9b39ed08ffaf3ae857703ae154c198	cdk_linux_386
2c901d5da52c1766eb638b8d1b35a276121f0fb2a7156cb591b4f7ca054c1ed7	cdk_linux_386_thin
6bfc3e0664e6aab7d6925ad1c191c75bc1f1f5b4dd4f8c073c5eef063ec92de7	cdk_linux_386_thin_upx
54e82ce2900876594c573f74437a23034f70f959e428bb2cf046afe73f6abc56	cdk_linux_386_upx
5b313e80767783165c9f99079a6210582b5f57fe4c3f34ab2c5d27e6b1a09695	cdk_linux_amd64
762df2cf658c629e22e2f30827bd2b42de41749e2a387635db41849911641121	cdk_linux_amd64_thin
b5c59b19f4a9301c29b40a6565a3c21dc71fd3baf14a755c67ca735b3d18cb9e	cdk_linux_amd64_thin_upx
c417429bfef774a5aad6d5a745b741f291fc0bd1b48514bfd4fbca9345e43384	cdk_linux_amd64_upx
6da016cefca0a050afb4c3dbf5e07f1af4fe69b24f1be45e56444fef537fd2b3	cdk_linux_arm
b6ef9851d887120994e19521814b994f750f0eac77ddc2ae60efd75ad085b02f	cdk_linux_arm64
de0be23b564e470725a91e72bf431667ab1d2d4e8cb318a1c18e66b3ba97340e	cdk_linux_arm64_thin

What's Changed

• Better eva - feat(evaluate): support check setuid files in path by @neargle in #67

Full Changelog: v1.4.0...v1.4.1

CDK v1.4.0

Release Date: 2022-09-04

📜 Changelog

💣 Exploits

• Perf(exp): add recommend message for lxcfs-rw and lxcfs-rw-cgroup exploit
• Fix(exp): function undefined in macos
• Feat(exp): support Exploit lxcfs-rw with cgroup release_agent

🔍 About Evaluate

• Feat(evaluate): output all mount info and more colorfu (#64)
• Perf(exp): add recommend message for lxcfs-rw and lxcfs-rw-cgroup exploit

✨ Others

• Feat(evaluate): output all mount info and more colorfu (#64)
• Perf(exp) #62: add recommend message for lxcfs-rw and lxcfs-rw-cgroup
• Feat(exp): support Exploit lxcfs-rw with cgroup release_agent
• Test(fix): fix import circle in TestParseCDKMain

What's Changed

• feat(exp): support Exploit lxcfs-rw with cgroup release_agent by @lockedtang in #61
• perf(exp): add recommend message for lxcfs-rw and lxcfs-rw-cgroup… by @neargle in #62
• feat(evaluate): output all mount info and more colorfu by @neargle in #64

New Contributors

• @lockedtang made their first contribution in #61

Full Changelog: v1.3.0...v1.4.0

🔑 Hash Table

SHA256	EXECTUE FILE
dbbe29d4095a98dbfc4e2ef1a26e0696f75930a04a274a2a207c0bd0296b7a24	cdk_darwin_amd64
b75d4f2cb82be9e774f78020bb86d8df9a8eeb6ceac18b823c4c6459a3ca7faf	cdk_linux_386
d836bdb64f2112e1fff1080145cd2f349478ba67e1d68bdfd9e734b114f7627d	cdk_linux_386_thin
1c8de7031ee8dbf83ffde0f1d6401dbc9d95059c984290b115bd58c20b86e8a6	cdk_linux_386_thin_upx
c02322e9bf5f1a0655cdaf316371f91257b9008d2ee6dde791bac5e8b2e5064d	cdk_linux_386_upx
954c9e0a1f8f731d410d27e525225760bf46f9df26d7fa63fac9cf848c1fea97	cdk_linux_amd64
28009247ff5f8ee93dcf3fa06e60eb43374eec61f816feb61081e2d53f4806be	cdk_linux_amd64_thin
37bfb3819257d612a6dfed9954c9ba4a8da62f6967ec8221c802d7eb97723113	cdk_linux_amd64_thin_upx
e3b434dad7f4330a5402271014b6a450ecf998aa10d66c640798d5b1d057639a	cdk_linux_amd64_upx
0dc31dff0221a2907f19a6feff091161297598b7fab68a0272f7ce0d7698abff	cdk_linux_arm
a9f51500eba6088cde85a398ebe8d14f4fb52a931f9988049ab7e14570f39498	cdk_linux_arm64
7abda12808ebda750211656c4a931ca9794121b42d2a0be50dee43b9fcc84718	cdk_linux_arm64_thin

CDK v1.3.0

Release Date: 2022-07-10

🔮 Support for some function on the kubelet. Waiting for July 18?

📜 Changelog

💣 Exploits

• Test(main function): add unit test for ParseCDKMain
• Feat(exp): support "Exploit container escape with kubelet log access & /var/log mount"
• Feat(exp) (#55): Exploit a kubelet endpoint, default 10250

🧰 Tools

• Test(main function): add unit test for ParseCDKMain

✨ Others

• Test(github action): add go test
• Fix(network): support getgateway in linux container
• Docs(readme): add Quick Start
• Feat(network): get gateway in pods
• Feat(exp) (#55): Exploit a kubelet endpoint, default 10250

🔑 Hash Table

SHA256	EXECTUE FILE
c142ea52e700259405c0de3aae652fcbbe9d476ca40aafb4309c60538d03f6a0	cdk_darwin_amd64
c6b8be2b81f56a9f4330f7ccae161bda9de8deaf375bb8d1150264aa6fb502e9	cdk_linux_386
5866ad6e1eb1d3c5481179c4eae84fc733fca93782827f08b8e980dd455f8e1d	cdk_linux_386_thin
f116626cb8bd2787d19bbb0dbf578cbd09093e19ab27911beb1f61d46abb3845	cdk_linux_386_thin_upx
ae96f988b56a4ae501aa125e99d11308714290e287a21f97a4116b2bd9964079	cdk_linux_386_upx
ddf4573b4c5fdfd92657979d79b8d8c7658dbb36e9a794628438ff01d7cca1a5	cdk_linux_amd64
3ca57afb3c9a3154212ad9f9eb323ce2cae89d046e5bf05acb5730a311e4e9f3	cdk_linux_amd64_thin
0dcb0ef0bd6b1a018108265c2bd1acf0a34ac94f2fe012a3aea22a23b8a151c2	cdk_linux_amd64_thin_upx
9275c94ba6160e9de488089ba5e4df9f831aaa8a9e2dbe04d0c7ca7feb3a4cb8	cdk_linux_amd64_upx
99a0e78b14a0147999489e76b275e0a4503b03ed682cb382338a19472123b74d	cdk_linux_arm
023fbd9f1d087ec3cb0761e01d95503f055e72209f85513380ed1b32177ef570	cdk_linux_arm64
b92a34dfe966a9540d853cb5762574e659a33f965b532e453f5f0a2619505096	cdk_linux_arm64_thin

Contributor

@neargle @404tk

Full Changelog: v1.2.0...v1.3.0