容器渗透横向
本质上要获得
1.获得容器IP段
2.获得主机IP段
3.获得本机IP
4.通过CNI或Docker0等扫描本机端口
Flannel
容器信息
root@ubuntu-linux-22-04-desktop:/home/parallels/Desktop# k get po -A -o wide
NAMESPACE NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
default escaper 1/1 Running 0 24h 10.244.0.53 ubuntu-linux-22-04-desktop <none> <none>
default rootdir-escape-7d96587449-cjhz7 1/1 Running 4 (3d2h ago) 33d 10.244.1.94 node2 <none> <none>
default rootdir-escape-7d96587449-ftmhp 0/1 ContainerStatusUnknown 4 (33d ago) 83d 10.244.1.56 node2 <none> <none>
default tomcat01-7f555c84f7-hgzjh 0/1 ImagePullBackOff 0 25h 10.244.0.49 ubuntu-linux-22-04-desktop <none> <none>
default tomcat01-7fd8849567-gthhh 0/1 ImagePullBackOff 1 (3d2h ago) 33d 10.244.1.93 node2 <none> <none>
kube-flannel kube-flannel-ds-7jmkz 1/1 Running 10 (3d2h ago) 57d 10.211.55.7 node2 <none> <none>
kube-flannel kube-flannel-ds-fg7wh 1/1 Running 89 (3d ago) 439d 10.211.55.6 ubuntu-linux-22-04-desktop <none> <none>
kube-system coredns-6d8c4cb4d-7ll4q 1/1 Running 14966 (3d ago) 439d 10.244.0.48 ubuntu-linux-22-04-desktop <none> <none>
kube-system coredns-6d8c4cb4d-v2v6s 1/1 Running 14970 (3d ago) 439d 10.244.0.46 ubuntu-linux-22-04-desktop <none> <none>
kube-system etcd-ubuntu-linux-22-04-desktop 1/1 Running 11 (3d ago) 118d 10.211.55.6 ubuntu-linux-22-04-desktop <none> <none>
kube-system kube-apiserver-ubuntu-linux-22-04-desktop 1/1 Running 433 (3d ago) 400d 10.211.55.6 ubuntu-linux-22-04-desktop <none> <none>
kube-system kube-controller-manager-ubuntu-linux-22-04-desktop 1/1 Running 855 (3d ago) 439d 10.211.55.6 ubuntu-linux-22-04-desktop <none> <none>
kube-system kube-proxy-wbhzx 1/1 Running 84 (3d ago) 439d 10.211.55.6 ubuntu-linux-22-04-desktop <none> <none>
kube-system kube-proxy-wbnkq 1/1 Running 9 (3d2h ago) 57d 10.211.55.7 node2 <none> <none>
kube-system kube-scheduler-ubuntu-linux-22-04-desktop 1/1 Running 900 (3d ago) 439d 10.211.55.6 ubuntu-linux-22-04-desktop <none> <none>
sectest detector-5qvmq 1/1 Running 4 (3d ago) 21d 10.244.0.47 ubuntu-linux-22-04-desktop <none> <none>
sectest detector-kd6hm 1/1 Running 3 (3d2h ago) 21d 10.244.1.92 node2 网卡信息
node1
root@ubuntu-linux-22-04-desktop:/home/parallels/code/CloudPentestSuite# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: enp0s5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000link/ether 00:1c:42:23:16:2f brd ff:ff:ff:ff:ff:ffinet 10.211.55.6/24 metric 100 brd 10.211.55.255 scope global dynamic enp0s5valid_lft 1002sec preferred_lft 1002secinet6 fdb2:2c26:f4e4:0:21c:42ff:fe23:162f/64 scope global dynamic mngtmpaddr noprefixroute valid_lft 2591674sec preferred_lft 604474secinet6 fe80::21c:42ff:fe23:162f/64 scope link valid_lft forever preferred_lft forever
3: docker_gwbridge: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:a9:12:87:bc brd ff:ff:ff:ff:ff:ffinet 172.19.0.1/16 brd 172.19.255.255 scope global docker_gwbridgevalid_lft forever preferred_lft forever
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:95:9f:9c:b1 brd ff:ff:ff:ff:ff:ffinet 172.17.0.1/16 brd 172.17.255.255 scope global docker0valid_lft forever preferred_lft foreverinet6 fe80::42:95ff:fe9f:9cb1/64 scope link valid_lft forever preferred_lft forever
5: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default link/ether 2e:52:7e:36:bb:f6 brd ff:ff:ff:ff:ff:ffinet 10.244.0.0/32 scope global flannel.1valid_lft forever preferred_lft foreverinet6 fe80::2c52:7eff:fe36:bbf6/64 scope link valid_lft forever preferred_lft forever
6: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default qlen 1000link/ether 5e:2b:ff:49:bf:21 brd ff:ff:ff:ff:ff:ffinet 10.244.0.1/24 brd 10.244.0.255 scope global cni0valid_lft forever preferred_lft foreverinet6 fe80::5c2b:ffff:fe49:bf21/64 scope link valid_lft forever preferred_lft forever
7: veth8c1b6acf@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether 62:67:e7:13:1f:2e brd ff:ff:ff:ff:ff:ff link-netnsid 0inet6 fe80::6067:e7ff:fe13:1f2e/64 scope link valid_lft forever preferred_lft forever
8: vethbaadb61c@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether ca:ee:34:ac:90:d1 brd ff:ff:ff:ff:ff:ff link-netnsid 1inet6 fe80::c8ee:34ff:feac:90d1/64 scope link valid_lft forever preferred_lft forever
8: veth49d153e6@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether f2:d0:0f:78:59:37 brd ff:ff:ff:ff:ff:ff link-netnsid 2inet6 fe80::f0d0:fff:fe78:5937/64 scope link valid_lft forever preferred_lft forever
10: veth49b58a71@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether 4a:7d:06:37:d8:7d brd ff:ff:ff:ff:ff:ff link-netnsid 3inet6 fe80::487d:6ff:fe37:d87d/64 scope link valid_lft forever preferred_lft forever
11: vethd96bd702@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether 6a:a7:34:e5:00:86 brd ff:ff:ff:ff:ff:ff link-netnsid 4inet6 fe80::68a7:34ff:fee5:86/64 scope link valid_lft forever preferred_lft forever
12: veth7f1682e@if30: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default link/ether e6:a8:05:01:40:16 brd ff:ff:ff:ff:ff:ff link-netnsid 5inet6 fe80::e4a8:5ff:fe01:4016/64 scope link valid_lft forever preferred_lft forevernode2
root@node2:/home/parallels# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: enp0s5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000link/ether 00:1c:42:ea:e4:e4 brd ff:ff:ff:ff:ff:ffinet 10.211.55.7/24 brd 10.211.55.255 scope global enp0s5valid_lft forever preferred_lft foreverinet6 fdb2:2c26:f4e4:0:21c:42ff:feea:e4e4/64 scope global dynamic mngtmpaddr noprefixroute valid_lft 2591800sec preferred_lft 604600secinet6 fe80::21c:42ff:feea:e4e4/64 scope link valid_lft forever preferred_lft forever
3: br-2133897d2ca9: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:fe:62:1e:ce brd ff:ff:ff:ff:ff:ff
4: br-53b41bbd8455: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:0d:36:42:b5 brd ff:ff:ff:ff:ff:ffinet6 fe80::42:dff:fe36:42b5/64 scope link valid_lft forever preferred_lft forever
5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:0a:01:3e:44 brd ff:ff:ff:ff:ff:ff
15: veth3a2c643@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-53b41bbd8455 state UP group default link/ether 4e:ae:51:95:b0:96 brd ff:ff:ff:ff:ff:ff link-netnsid 1inet6 fe80::4cae:51ff:fe95:b096/64 scope link valid_lft forever preferred_lft forever
17: vethcf86640@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-53b41bbd8455 state UP group default link/ether b6:a5:9e:65:ee:ec brd ff:ff:ff:ff:ff:ff link-netnsid 0inet6 fe80::b4a5:9eff:fe65:eeec/64 scope link valid_lft forever preferred_lft forever
19: veth52d72dd@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-53b41bbd8455 state UP group default link/ether 82:b1:11:13:d4:0c brd ff:ff:ff:ff:ff:ff link-netnsid 2inet6 fe80::80b1:11ff:fe13:d40c/64 scope link valid_lft forever preferred_lft forever
34: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default link/ether be:22:e7:6f:f7:ef brd ff:ff:ff:ff:ff:ffinet 10.244.1.0/32 scope global flannel.1valid_lft forever preferred_lft foreverinet6 fe80::bc22:e7ff:fe6f:f7ef/64 scope link valid_lft forever preferred_lft forever
35: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default qlen 1000link/ether 92:63:7e:1c:2f:9d brd ff:ff:ff:ff:ff:ffinet 10.244.1.1/24 brd 10.244.1.255 scope global cni0valid_lft forever preferred_lft foreverinet6 fe80::9063:7eff:fe1c:2f9d/64 scope link valid_lft forever preferred_lft forever
36: vethd3d21947@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether 92:43:ba:8b:b6:78 brd ff:ff:ff:ff:ff:ff link-netnsid 4inet6 fe80::9043:baff:fe8b:b678/64 scope link valid_lft forever preferred_lft forever
37: veth31c95721@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether b6:ee:ea:c9:59:3a brd ff:ff:ff:ff:ff:ff link-netnsid 5inet6 fe80::b4ee:eaff:fec9:593a/64 scope link valid_lft forever preferred_lft forever
38: veth1b480f08@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether 7a:02:0b:ac:22:59 brd ff:ff:ff:ff:ff:ff link-netnsid 6inet6 fe80::6410:d3ff:fea2:2626/64 scope link valid_lft forever preferred_lft forever
25913: veth4ca56da@if25912: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-53b41bbd8455 state UP group default link/ether 0a:24:ac:9b:8b:07 brd ff:ff:ff:ff:ff:ff link-netnsid 3inet6 fe80::824:acff:fe9b:8b07/64 scope link valid_lft forever preferred_lft forever
root@node2:/home/parallels#
root@node2:/home/parallels#
root@node2:/home/parallels#
root@node2:/home/parallels#
root@node2:/home/parallels# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: enp0s5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000link/ether 00:1c:42:ea:e4:e4 brd ff:ff:ff:ff:ff:ffinet 10.211.55.7/24 brd 10.211.55.255 scope global enp0s5valid_lft forever preferred_lft foreverinet6 fdb2:2c26:f4e4:0:21c:42ff:feea:e4e4/64 scope global dynamic mngtmpaddr noprefixroute valid_lft 2591796sec preferred_lft 604596secinet6 fe80::21c:42ff:feea:e4e4/64 scope link valid_lft forever preferred_lft forever
3: br-2133897d2ca9: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:fe:62:1e:ce brd ff:ff:ff:ff:ff:ff
4: br-53b41bbd8455: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:0d:36:42:b5 brd ff:ff:ff:ff:ff:ffinet6 fe80::42:dff:fe36:42b5/64 scope link valid_lft forever preferred_lft forever
5: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default link/ether 02:42:0a:01:3e:44 brd ff:ff:ff:ff:ff:ff
15: veth3a2c643@if14: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-53b41bbd8455 state UP group default link/ether 4e:ae:51:95:b0:96 brd ff:ff:ff:ff:ff:ff link-netnsid 1inet6 fe80::4cae:51ff:fe95:b096/64 scope link valid_lft forever preferred_lft forever
17: vethcf86640@if16: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-53b41bbd8455 state UP group default link/ether b6:a5:9e:65:ee:ec brd ff:ff:ff:ff:ff:ff link-netnsid 0inet6 fe80::b4a5:9eff:fe65:eeec/64 scope link valid_lft forever preferred_lft forever
19: veth52d72dd@if18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-53b41bbd8455 state UP group default link/ether 82:b1:11:13:d4:0c brd ff:ff:ff:ff:ff:ff link-netnsid 2inet6 fe80::80b1:11ff:fe13:d40c/64 scope link valid_lft forever preferred_lft forever
34: flannel.1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default link/ether be:22:e7:6f:f7:ef brd ff:ff:ff:ff:ff:ffinet 10.244.1.0/32 scope global flannel.1valid_lft forever preferred_lft foreverinet6 fe80::bc22:e7ff:fe6f:f7ef/64 scope link valid_lft forever preferred_lft forever
35: cni0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default qlen 1000link/ether 92:63:7e:1c:2f:9d brd ff:ff:ff:ff:ff:ffinet 10.244.1.1/24 brd 10.244.1.255 scope global cni0valid_lft forever preferred_lft foreverinet6 fe80::9063:7eff:fe1c:2f9d/64 scope link valid_lft forever preferred_lft forever
36: vethd3d21947@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether 92:43:ba:8b:b6:78 brd ff:ff:ff:ff:ff:ff link-netnsid 4inet6 fe80::9043:baff:fe8b:b678/64 scope link valid_lft forever preferred_lft forever
37: veth31c95721@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether b6:ee:ea:c9:59:3a brd ff:ff:ff:ff:ff:ff link-netnsid 5inet6 fe80::b4ee:eaff:fec9:593a/64 scope link valid_lft forever preferred_lft forever
38: veth1b480f08@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master cni0 state UP group default link/ether 7a:02:0b:ac:22:59 brd ff:ff:ff:ff:ff:ff link-netnsid 6inet6 fe80::6410:d3ff:fea2:2626/64 scope link valid_lft forever preferred_lft forever
25963: veth6a3543e@if25962: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-53b41bbd8455 state UP group default link/ether a2:ca:b6:cd:19:7a brd ff:ff:ff:ff:ff:ff link-netnsid 3inet6 fe80::a0ca:b6ff:fecd:197a/64 scope link valid_lft forever preferred_lft forever
通过Docker运行容器
root@18c7d48fca76:/# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft forever
30: eth0@if31: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0valid_lft forever preferred_lft forever自身IP 失败
root@18c7d48fca76:/# curl https://172.17.0.2:10250/pods --insecure
curl: (7) Failed to connect to 172.17.0.2 port 10250 after 0 ms: Connection refused
docker0 成功
root@18c7d48fca76:/# curl https://172.17.0.1:10250/pods --insecure
{"kind":"PodList","apiVersion":"v1","metadata":{},"items":[{"metadata":{"name":"coredns-6d8c4cb4d-7ll4q","generateName":"coredns-6d8c4cb4d-","namespace":"kube-system","uid":"a12aa7c3-ba0a-425e-ac58-96d372e6d473","resourceVersion":"13905304","creationTimestamp":"2023-11-02T09:41:34Z","labels":{"k8s-app":"kube-dns","pod-template-hash":"6d8c4cb4d"},"annotations":{"kubernetes.io/config.seen":"2025-01-12T12:24:55.886401680+08:00","kubernetes.io/config.source":"api"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"coredns-6d8c4cb4d","uid":"32c3b707-2c34-4bd0-bbc9-cc724c9ab8e3","controller":true,"blockOwnerDeletion":true}],"managedFields":[{"manager":"kube-controller-manager","operation":"Update","apiVersion":"v1","time":"2023-11-02T09:41:34Z","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:k8s-app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\"32c3b707-2c34-4bd0-bbc9-cc724c9ab8e3\"}":{}}},"f:spec":{"f:containers":{"k:{\"name\":\"coredns\"}":{".":{},"f:args":{},"f:image":{},"f:imagePullPolicy":{},"f:livenessProbe":{".":{},"f:failureThreshold":{},"f:httpGet":{".":{},"f:path":{},"f:port":{},"f:scheme":{}},"f:initialDelaySeconds":{},"f:periodSeconds":{},"f:successThreshold":{},"f:timeoutSeconds":{}},"f:name":{},"f:ports":{".":{},"k:{\"containerPort\":53,\"protocol\":\"TCP\"}":{".":{},"f:containerPort":{},"f:name":{},"f:protocol":{}},"k:{\"contaiflannel.1 成功
root@18c7d48fca76:/# curl https://10.244.0.0:10250/pods --insecure
{"kind":"PodList","apiVersion":"v1","metadata":{},"items":[{"metadata":{"name":"coredns-6d8c4cb4d-v2v6s","generateName":"coredns-6d8c4cb4d-","namespace":"kube-system","uid":"7fbaad56-7595-460a-9687-a295ed79b24c","resourceVersion":"13905287","creationTimestamp":"2023-11-02T09:41:34Z","labels":{"k8s-app":"kube-dns","pod-template-hash":"6d8c4cb4d"},"annotations":{"kubernetes.io/config.seen":"2025-01-12T12:24:55.886404222+08:00","kubernetes.io/config.source":"api"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"coredns-6d8c4cb4d","uid":"32c3b707-2c34-4bd0-bbc9-cc724c9ab8e3","controller":true,"blockOwnerDeletion":true}],"managedFields":[{"manager":"kube-controller-manager","operation":"Update","apiVersion":"v1","time":"2023-11-02T09:41:34Z","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:k8s-app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\cni0 成功
root@18c7d48fca76:/# curl https://10.244.0.0:10250/pods --insecure
{"kind":"PodList","apiVersion":"v1","metadata":{},"items":[{"metadata":{"name":"coredns-6d8c4cb4d-v2v6s","generateName":"coredns-6d8c4cb4d-","namespace":"kube-system","uid":"7fbaad56-7595-460a-9687-a295ed79b24c","resourceVersion":"13905287","creationTimestamp":"2023-11-02T09:41:34Z","labels":{"k8s-app":"kube-dns","pod-template-hash":"6d8c4cb4d"},"annotations":{"kubernetes.io/config.seen":"2025-01-12T12:24:55.886404222+08:00","kubernetes.io/config.source":"api"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"coredns-6d8c4cb4d","uid":"32c3b707-2c34-4bd0-bbc9-cc724c9ab8e3","controller":true,"blockOwnerDeletion":true}],"managedFields":[{"manager":"kube-controller-manager","operation":"Update","apiVersion":"v1","time":"2023-11-02T09:41:34Z","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:k8s-app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\自身节点主机IP 成功
root@18c7d48fca76:/# curl https://10.211.55.6:10250/pods --insecure
{"kind":"PodList","apiVersion":"v1","metadata":{},"items":[{"metadata":{"name":"kube-flannel-ds-fg7wh","generateName":"kube-flannel-ds-","namespace":"kube-flannel","uid":"cffe6a8a-c03b-4cab-aaf5-52af441f2b15","resourceVersion":"13864130","creationTimestamp":"2023-11-02T09:45:27Z","labels":{"app":"flannel","controller-revision-hash":"6b69bb98dd","pod-template-generation":"1","tier":"node"},"annotations":{"kubernetes.io/config.seen":"2025-01-12T12:24:55.886404972+08:00","kubernetes.io/config.source":"api"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"DaemonSet","name":"kube-flannel-ds","uid":"8beb07f0-980c-48a5-bdfa-ae1b5ca4bbca","controller":true,"blockOwnerDeletion":true}],"managedFields":[{"manager":"kube-controller-manager","operation":"Update","apiVersion":"v1","time":"2023-11-02T09:45:27Z","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:app":{},"f:controller-revision-hash":{},"f:pod-template-generation":{},"f:tier":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\"8beb07f0-980c-48a5-bdfa-ae1b5ca4bbca\"}":{}}},"f:spec":{"f:affinity":{".":{},"f:nodeAffinity":{".":{},"f:requiredDuringSchedulingIgnoredDuringExecution":{}}},"f:containers":{"k:{\"name\":\"kube-flannel\"}":{".":{},"f:args":{},其他节点 成功(由于未开Kubelet未授权,所以用ping替代)
root@18c7d48fca76:/# ping 10.211.55.7
PING 10.211.55.7 (10.211.55.7): 56 data bytes
64 bytes from 10.211.55.7: icmp_seq=0 ttl=63 time=2.653 ms
64 bytes from 10.211.55.7: icmp_seq=1 ttl=63 time=0.610 ms
^C--- 10.211.55.7 ping statistics ---通过k8s容器运行的容器
root@escaper:/home# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft forever
2: eth0@if27: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default link/ether 46:a7:ed:f5:62:a7 brd ff:ff:ff:ff:ff:ff link-netnsid 0inet 10.244.0.53/24 brd 10.244.0.255 scope global eth0valid_lft forever preferred_lft forever自身IP 失败
root@escaper:/home# curl https://10.244.0.53:10250/pods --insecure
curl: (7) Failed to connect to 10.244.0.53 port 10250 after 0 ms: Connection refuseddocker0 成功
root@18c7d48fca76:/# curl https://172.17.0.1:10250/pods --insecure
{"kind":"PodList","apiVersion":"v1","metadata":{},"items":[{"metadata":{"name":"coredns-6d8c4cb4d-7ll4q","generateName":"coredns-6d8c4cb4d-","namespace":"kube-system","uid":"a12aa7c3-ba0a-425e-ac58-96d372e6d473","resourceVersion":"13905304","creationTimestamp":"2023-11-02T09:41:34Z","labels":{"k8s-app":"kube-dns","pod-template-hash":"6d8c4cb4d"},"annotations":{"kubernetes.io/config.seen":"2025-01-12T12:24:55.886401680+08:00","kubernetes.io/config.source":"api"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"coredns-6d8c4cb4d","uid":"32c3b707-2c34-4bd0-bbc9-cc724c9ab8e3","controller":true,"blockOwnerDeletion":true}],"managedFields":[{"manager":"kube-controller-manager","operation":"Update","apiVersion":"v1","time":"2023-11-02T09:41:34Z","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:k8s-app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\"32c3b707-2c34-4bd0-bbc9-cc724c9ab8e3\"}":{}}},"f:spec":{"f:containers":{"k:{\"name\":\"coredns\"}":{".":{},"f:args":{},"f:image":{},"f:imagePullPolicy":{},"f:livenessProbe":{".":{},"f:failureThreshold":{},"f:httpGet":{".":{},"f:path":{},"f:port":{},"f:scheme":{}},"f:initialDelaySeconds":{},"f:periodSeconds":{},"f:successThreshold":{},"f:timeoutSeconds":{}},"f:name":{},"f:ports":{".":{},"k:{\"containerPort\":53,\"protocol\":\"TCP\"}":{".":{},"f:containerPort":{},"f:name":{},"f:protocol":{}},"k:{\"contaiflannel.1 成功
root@18c7d48fca76:/# curl https://10.244.0.0:10250/pods --insecure
{"kind":"PodList","apiVersion":"v1","metadata":{},"items":[{"metadata":{"name":"coredns-6d8c4cb4d-v2v6s","generateName":"coredns-6d8c4cb4d-","namespace":"kube-system","uid":"7fbaad56-7595-460a-9687-a295ed79b24c","resourceVersion":"13905287","creationTimestamp":"2023-11-02T09:41:34Z","labels":{"k8s-app":"kube-dns","pod-template-hash":"6d8c4cb4d"},"annotations":{"kubernetes.io/config.seen":"2025-01-12T12:24:55.886404222+08:00","kubernetes.io/config.source":"api"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"coredns-6d8c4cb4d","uid":"32c3b707-2c34-4bd0-bbc9-cc724c9ab8e3","controller":true,"blockOwnerDeletion":true}],"managedFields":[{"manager":"kube-controller-manager","operation":"Update","apiVersion":"v1","time":"2023-11-02T09:41:34Z","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:k8s-app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\cni0 成功
root@18c7d48fca76:/# curl https://10.244.0.0:10250/pods --insecure
{"kind":"PodList","apiVersion":"v1","metadata":{},"items":[{"metadata":{"name":"coredns-6d8c4cb4d-v2v6s","generateName":"coredns-6d8c4cb4d-","namespace":"kube-system","uid":"7fbaad56-7595-460a-9687-a295ed79b24c","resourceVersion":"13905287","creationTimestamp":"2023-11-02T09:41:34Z","labels":{"k8s-app":"kube-dns","pod-template-hash":"6d8c4cb4d"},"annotations":{"kubernetes.io/config.seen":"2025-01-12T12:24:55.886404222+08:00","kubernetes.io/config.source":"api"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"coredns-6d8c4cb4d","uid":"32c3b707-2c34-4bd0-bbc9-cc724c9ab8e3","controller":true,"blockOwnerDeletion":true}],"managedFields":[{"manager":"kube-controller-manager","operation":"Update","apiVersion":"v1","time":"2023-11-02T09:41:34Z","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:k8s-app":{},"f:pod-template-hash":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\自身节点IP
root@18c7d48fca76:/# curl https://10.211.55.6:10250/pods --insecure
{"kind":"PodList","apiVersion":"v1","metadata":{},"items":[{"metadata":{"name":"kube-flannel-ds-fg7wh","generateName":"kube-flannel-ds-","namespace":"kube-flannel","uid":"cffe6a8a-c03b-4cab-aaf5-52af441f2b15","resourceVersion":"13864130","creationTimestamp":"2023-11-02T09:45:27Z","labels":{"app":"flannel","controller-revision-hash":"6b69bb98dd","pod-template-generation":"1","tier":"node"},"annotations":{"kubernetes.io/config.seen":"2025-01-12T12:24:55.886404972+08:00","kubernetes.io/config.source":"api"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"DaemonSet","name":"kube-flannel-ds","uid":"8beb07f0-980c-48a5-bdfa-ae1b5ca4bbca","controller":true,"blockOwnerDeletion":true}],"managedFields":[{"manager":"kube-controller-manager","operation":"Update","apiVersion":"v1","time":"2023-11-02T09:45:27Z","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:generateName":{},"f:labels":{".":{},"f:app":{},"f:controller-revision-hash":{},"f:pod-template-generation":{},"f:tier":{}},"f:ownerReferences":{".":{},"k:{\"uid\":\"8beb07f0-980c-48a5-bdfa-ae1b5ca4bbca\"}":{}}},"f:spec":{"f:affinity":{".":{},"f:nodeAffinity":{".":{},"f:requiredDuringSchedulingIgnoredDuringExecution":{}}},"f:containers":{"k:{\"name\":\"kube-flannel\"}":{".":{},"f:args":{},参考
Lateral movement risks in the cloud and how to prevent them – Part 2: from compromised container to cloud takeover | Wiz Blog
An Insight into RSAC 2023: Lateral Movement in Kubernetes - NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
Lateral Movement - Threat Matrix for Kubernetes
Taking a look at the Kube-Proxy API
相关文章:
容器渗透横向
本质上要获得 1.获得容器IP段 2.获得主机IP段 3.获得本机IP 4.通过CNI或Docker0等扫描本机端口 Flannel 容器信息 rootubuntu-linux-22-04-desktop:/home/parallels/Desktop# k get po -A -o wide NAMESPACE NAME …...
黑马Java面试教程_P1_导学与准备篇
系列博客目录 文章目录 系列博客目录导学Why?举例 准备篇企业是如何筛选简历的(筛选简历的规则)HR如何筛选简历部门负责人筛选简历 简历注意事项简历整体结构个人技能该如何描述项目该如何描述 应届生该如何找到合适的练手项目项目来源找到项目后,如何深入学习项目…...
《自动驾驶与机器人中的SLAM技术》ch4:预积分学
目录 1 预积分的定义 2 预积分的测量模型 ( 预积分的测量值可由 IMU 的测量值积分得到 ) 2.1 旋转部分 2.2 速度部分 2.3 平移部分 2.4 将预积分测量和误差式代回最初的定义式 3 预积分的噪声模型和协方差矩阵 3.1 旋转部分 3.2 速度部分 3.3 平移部分 3.4 噪声项合并 4 零偏的…...
Docker部署MySQL 5.7:持久化数据的实战技巧
在生产环境中使用Docker启动MySQL 5.7时,需要考虑数据持久化、配置文件管理、安全性等多个方面。以下是一个详细的步骤指南。 1. 准备工作 (1)创建挂载目录 在宿主机上创建用于挂载的目录,以便持久化数据和配置文件。 sudo mkdi…...
Spring框架 了解
深入浅出Spring框架:为初学者量身定制的入门指南 引言 在现代Java开发中,Spring框架无疑是构建企业级应用的核心技术之一。无论是初学者还是经验丰富的开发者,掌握Spring都能极大地提升你的编程技能和项目开发效率。本文将带你深入了解Spri…...
低代码独特架构带来的编译难点及多线程解决方案
前言 在当今软件开发领域,低代码平台以其快速构建应用的能力,吸引了众多开发者与企业的目光。然而,低代码平台独特的架构在带来便捷的同时,也给编译过程带来了一系列棘手的难点。 一,低代码编译的难点 (1…...
如何使用Ultralytics训练自己的yolo5 yolo8 yolo10 yolo11等目标检测模型
Ultralytics正在以惊人的速度吸收优秀的CV算法,之前Ultralytics定位于YOLOV8,但逐渐地扩展到支持其他版本的YOLO,最新版本的ultralytics全面支持yolo5 yolo7 yolo8 yolo9 yolo10 yolo11,包含模型的训练、验证、预测、部署等。毫无…...
Java技术栈 —— Andorid开发入门
Java技术栈 —— Andorid开发入门 一、搭建开发环境二、HelloWorld三、将Andorid项目打包成APK文件,并安装至手机上四、开发常见问题 一、搭建开发环境 不用Intellij,而是用Andorid Studio(免费),这是专门给Andorid的IDE。 参考文章或视频链…...
Qt天气预报系统获取天气数据
Qt天气预报系统获取天气数据 1、获取天气数据1.1添加天气类头文件1.2定义今天和未来几天天气数据类1.3定义一个解析JSON数据的函数1.4在mainwindow中添加weatherData.h1.5创建今天天气数据和未来几天天气数据对象1.6添加parseJson定义1.7把解析JSON数据添加进去1.8添加错误1.9解…...
力扣 搜索二维矩阵
二分查找,闭区间与开区间的不同解法。 题目 乍一看,不是遍历一下找到元素就可以了。 class Solution {public boolean searchMatrix(int[][] matrix, int target) {for (int[] ints : matrix) {for (int ans : ints) {if (ans target) return true;}}…...
JavaScript 操作符与表达式
Hi, 我是布兰妮甜,编写流畅、愉悦用户体验的程序员。JavaScript 是一种功能强大且灵活的编程语言,广泛应用于前端和后端开发。它提供了一系列丰富的操作符和表达式来处理数据、执行逻辑判断以及控制程序流程。理解这些概念对于编写高效、可读性强的代码至…...
深度学习 Pytorch 张量(Tensor)的创建和常用方法
1 张量的基本创建及其类型 和Numpy中的array一样,张量的本质也是结构化地组织了大量的数据。 并且在实际操作中,张量的创建和基本功能也与其非常类似。 1.1 张量(Tensor)函数创建方法 张量的最基本创建方法和Numpy中创建Array的格式一致。 # Numpy创建…...
在VMwareFusion中使用Ubuntu
在VMwareFusion使用Ubuntu 在VMwareFusion使用Ubuntu背景在VMwareFusion虚拟机里使用Ubuntu1、集成桌面工具2、主机和虚拟机之间共享剪贴板内容3、设置root用户密码4、设置静态ip4.1、静态ip和动态ip的区别4.2、查看当前ip4.2、linux网络配置文件所在位置4.3、基于ubuntu22.04.…...
%.*s——C语言中printf 函数中的一种格式化输出方式
在C语言中,%.*s 是 printf 函数中的一种格式化输出方式,用于控制字符串的输出长度。具体来说,%.*s 中的 * 表示输出宽度(即最多输出的字符数)是一个变量,这个变量的值在运行时通过 printf 函数的参数传递。…...
基于微信小程序的摄影竞赛系统设计与实现(LW+源码+讲解)
专注于大学生项目实战开发,讲解,毕业答疑辅导,欢迎高校老师/同行前辈交流合作✌。 技术范围:SpringBoot、Vue、SSM、HLMT、小程序、Jsp、PHP、Nodejs、Python、爬虫、数据可视化、安卓app、大数据、物联网、机器学习等设计与开发。 主要内容:…...
hydra破解密码
hydra九头蛇是常用的密码破解工具 1、破解centos ssh密码 hydra -l root -P password.txt ssh://192.168.1.107:2222 hydra -l root -P password.txt -s 2222 192.168.1.107 ssh2、破解ftp hydra -l allen -P e:\aa.txt ftp://127.0.0.1 hydra -l allen -P e:\aa.txt ftp:…...
JAVA之外观模式
外观模式,又称门面模式,是一种结构型设计模式,旨在为复杂的子系统提供一个统一且简化的接口。通过这一模式,客户端可以更加便捷地与子系统交互,而无需深入了解其内部结构和实现细节。外观模式不仅简化了客户端的使用&a…...
如何选择合适的服务器?服务器租赁市场趋势分析
服务器租赁市场概览 服务器租赁 market可以分为两种类型:按小时、按月和按年,每种模式都有其特点和适用场景,按小时租赁是最经济实惠的选择,适用于短期需求;按月租赁则适合中长期使用;而按年租赁则是最灵活…...
CentOS 下载软件时报Error: Failed to synchronize cache for repo ‘AppStream‘解决方法
下载软件时出现以下问题 直接把CentOS-AppStream.repo改个名字就行 cd /etc/yum.repos.d/ mv CentOS-AppStream.repo CentOS-AppStream.repo.bak就可以了 解决思路 把AI问遍,无人会,解决法 想要下载软件通通失败了,解决方法当然是问AI&am…...
鲍厚霖:引领AI广告创新,搭建中美合作桥梁
2024年是鲍厚霖和她领导的超能S咨询公司(Triple S AI)收获颇丰的一年。这一年中,她以卓越的战略眼光和创新能力,为中美教育、文化与技术的深度融合注入了新的活力。2025年,Triple S AI计划推出全新2.0版本平台,进一步深化人工智能驱动的营销与文化合作领域,推动产业变革与社会福…...
学习记录1
[SUCTF 2019]EasyWeb 直接给了源代码,分析一下 <?php function get_the_flag(){// webadmin will remove your upload file every 20 min!!!! $userdir "upload/tmp_".md5($_SERVER[REMOTE_ADDR]);if(!file_exists($userdir)){mkdir($userdir);}if…...
【Gossip 协议】Golang的实现库Memberlist 库简介
Gossip 协议简介 Gossip 协议是一种分布式协议,用于在节点之间传播信息,常用于成员管理、故障检测、服务发现等场景。在这个协议中,每个节点定期与其他节点交换信息,最终保证所有节点达到一致的状态。它的工作原理类似于人群中的…...
LDD3学习7--硬件接口I/O端口(以short为例)
1 理论 1.1 基本概念 目前对外设的操作,都是通过寄存器。寄存器的概念,其实就是接口,访问硬件接口,有I/O端口通信和内存映射I/O (Memory-Mapped I/O),I/O端口通信是比较老的那种,都是老的串口并口设备&am…...
openharmony电源管理子系统
电源管理子系统 简介目录使用说明相关仓 简介 电源管理子系统提供如下功能: 重启服务:系统重启和下电。系统电源管理服务:系统电源状态管理和休眠运行锁管理。显示相关的能耗调节:包括根据环境光调节背光亮度,和根…...
【Rust自学】13.4. 闭包 Pt.4:使用闭包捕获环境
13.4.0. 写在正文之前 Rust语言在设计过程中收到了很多语言的启发,而函数式编程对Rust产生了非常显著的影响。函数式编程通常包括通过将函数作为值传递给参数、从其他函数返回它们、将它们分配给变量以供以后执行等等。 在本章中,我们会讨论 Rust 的一…...
在 macOS 上,用命令行连接 MySQL(/usr/local/mysql/bin/mysql -u root -p)
根据你提供的文件内容,MySQL 的安装路径是 /usr/local/mysql。要直接使用 mysql 命令,你需要找到 mysql 可执行文件的路径。 在 macOS 上,mysql 客户端通常位于 MySQL 安装目录的 bin 子目录中。因此,完整的路径应该是࿱…...
mono3d汇总
lidar坐标系 lidar坐标系可以简单归纳为标准lidar坐标系和nucense lidar坐标系,参考链接。这个坐标系和车辆的ego坐标系是一致的。 标准lidar坐标系 opendet3d,mmdetection3d和kitt都i使用了该坐标系 up z^ x front| /| /left y <------ 0kitti采…...
K8S 节点选择器
今天我们来实验 pod 调度的 nodeName 与 nodeSelector。官网描述如下: 假设有如下三个节点的 K8S 集群: k8s31master 是控制节点 k8s31node1、k8s31node2 是工作节点 容器运行时是 containerd 一、镜像准备 1.1、镜像拉取 docker pull tomcat:8.5-jre8…...
【2024年华为OD机试】 (C卷,200分)- 反射计数(Java JS PythonC/C++)
一、问题描述 题目解析 题目描述 给定一个包含 0 和 1 的二维矩阵,一个物体从给定的初始位置出发,在给定的速度下进行移动。遇到矩阵的边缘时会发生镜面反射。无论物体经过 0 还是 1,都不影响其速度。请计算并给出经过 t 时间单位后&#…...
AI编程工具使用技巧——通义灵码
活动介绍通义灵码1. 理解通义灵码的基本概念示例代码生成 2. 使用明确的描述示例代码生成 3. 巧妙使用注释示例代码生成 4. 注意迭代与反馈原始代码反馈后生成优化代码 5. 结合生成的代码进行调试示例测试代码 其他功能定期优化生成的代码合作与分享结合其他工具 总结 活动介绍…...