Skip to content

Instantly share code, notes, and snippets.

@Esonhugh

Esonhugh/kubectl-hack

Last active April 5, 2023 13:55
Show Gist options
  • Save Esonhugh/bdb1c4c2bb3cb50b3a93bfbe5f05c1ff to your computer and use it in GitHub Desktop.
Save Esonhugh/bdb1c4c2bb3cb50b3a93bfbe5f05c1ff to your computer and use it in GitHub Desktop.
Download ZIP
kubectl api token abuse function named kube
Raw
kubectl-hack
#!/usr/bin/env $SHELL
# Author: Esonhugh
# Date: 2023/04/05 21:01
function kube() {
if [[ "$1" == "help" ]]
then
echo "============================================ KubeHack ============================================"
echo "version\t\tkubectl hack plugin version."
echo "server\t\tset env var.value is the kube api server endpoint. Example: https://127.0.0.1:6443"
echo "token\t\tset env var.value is the service account or other JWT token. Example: eyJhxx.x.x"
echo "*\t\texecute kubectl comamnd with server and token"
echo "help\t\tThis help banner"
echo "=================================================================================================="
return
fi
echo "KubeHack Plugin is waiting your order. use "kube help" to get usage"
if [[ "$1" == "version" ]]
then
echo "1.0.0"
return
fi
if [[ "$1" == "server" ]]
then
export KUBE_HACK_PLUGIN_VAR_SERVER=$2
echo "successfully set KUBE_HACK_PLUGIN_VAR_SERVER as $KUBE_HACK_PLUGIN_VAR_SERVER"
return
fi
if [[ "$1" == "token" ]]
then
export KUBE_HACK_PLUGIN_VAR_TOKEN=$2
echo "successfully set KUBE_HACK_PLUGIN_VAR_TOKEN as $KUBE_HACK_PLUGIN_VAR_TOKEN"
return
fi
echo "Executing command: kubectl --token=${KUBE_HACK_PLUGIN_VAR_TOKEN:0:7}...${KUBE_HACK_PLUGIN_VAR_TOKEN: -7} --server=$KUBE_HACK_PLUGIN_VAR_SERVER --insecure-skip-tls-verify=true $@"
kubectl --token=$KUBE_HACK_PLUGIN_VAR_TOKEN --server=$KUBE_HACK_PLUGIN_VAR_SERVER --insecure-skip-tls-verify=true $@
return
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment