├── README.md
├── appendix
│   ├── 100_云计算简介.pdf
│   ├── 101_代码安全.pdf
│   ├── 200_容器技术.pdf
│   ├── 201_容器编排.pdf
│   ├── 202_微服务.pdf
│   ├── 203_服务网格.pdf
│   ├── 204_DevOps.pdf
│   ├── CVE-2017-1002101:突破隔离访问宿主机文件系统.pdf
│   ├── CVE-2018-1002103:远程代码执行与虚拟机逃逸.pdf
│   ├── CVE-2020-8595:Istio认证绕过.pdf
│   └── 靶机实验:综合场景下的渗透实战.pdf
├── code
│   ├── 0302-开发侧攻击
│   │   ├── 02-CVE-2018-15664
│   │   │   └── symlink_race
│   │   │       ├── build
│   │   │       │   ├── Dockerfile
│   │   │       │   └── symlink_swap.c
│   │   │       ├── run_read.sh
│   │   │       └── run_write.sh
│   │   └── 03-CVE-2019-14271
│   │       ├── breakout
│   │       └── file-service.c
│   ├── 0303-供应链攻击
│   │   ├── 01-CVE-2019-5021-alpine
│   │   │   └── Dockerfile
│   │   └── 02-CVE-2016-5195-malicious-image
│   │       └── build.sh
│   ├── 0304-运行时攻击
│   │   ├── 01-容器逃逸
│   │   │   ├── CVE-2016-5195
│   │   │   │   ├── 0xdeadbeef.c
│   │   │   │   ├── Makefile
│   │   │   │   └── payload.s
│   │   │   ├── CVE-2019-5736
│   │   │   │   └── main.go
│   │   │   ├── cause-core-dump.c
│   │   │   └── tmp-dot-x.py
│   │   ├── 02-安全容器逃逸
│   │   │   ├── build.sh
│   │   │   ├── change_container_runtime.sh
│   │   │   ├── clean_kata.sh
│   │   │   ├── docker
│   │   │   │   ├── Dockerfile
│   │   │   │   ├── attack.sh
│   │   │   │   ├── bash
│   │   │   │   └── evil_bin
│   │   │   ├── evil_agent_src
│   │   │   │   ├── grpc.go
│   │   │   │   └── mount.go
│   │   │   ├── evil_bin.c
│   │   │   ├── exploit.sh
│   │   │   ├── get_kata_src.sh
│   │   │   └── install_kata.sh
│   │   └── 03-资源耗尽型攻击
│   │       ├── exhaust_cpu.sh
│   │       ├── exhaust_disk.sh
│   │       ├── exhaust_mem.sh
│   │       └── exhaust_pid.sh
│   ├── 0402-Kubernetes组件不安全配置
│   │   └── deploy_escape_pod_on_remote_host.sh
│   ├── 0403-CVE-2018-1002105
│   │   ├── attacker.yaml
│   │   ├── cve_2018_1002105_namespace.yaml
│   │   ├── cve_2018_1002105_pod.yaml
│   │   ├── cve_2018_1002105_role.yaml
│   │   ├── cve_2018_1002105_role_binding.yaml
│   │   ├── exploit.py
│   │   └── test-token.csv
│   ├── 0404-K8s拒绝服务攻击
│   │   ├── CVE-2019-11253-poc.sh
│   │   └── CVE-2019-9512-poc.py
│   └── 0405-云原生网络攻击
│       ├── Dockerfile
│       ├── attacker.yaml
│       ├── build_image.sh
│       ├── cleanup.sh
│       ├── exploit.sh
│       ├── k8s_dns_mitm.py
│       └── victim.yaml
└── images
    ├── book.jpg
    └── yjtx.png

/README.md: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/README.md

/appendix/100_云计算简介.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/100_云计算简介.pdf
/appendix/101_代码安全.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/101_代码安全.pdf
/appendix/200_容器技术.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/200_容器技术.pdf
/appendix/201_容器编排.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/201_容器编排.pdf
/appendix/202_微服务.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/202_微服务.pdf
/appendix/203_服务网格.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/203_服务网格.pdf
/appendix/204_DevOps.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/204_DevOps.pdf
/appendix/CVE-2017-1002101:突破隔离访问宿主机文件系统.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/CVE-2017-1002101:突破隔离访问宿主机文件系统.pdf
/appendix/CVE-2018-1002103:远程代码执行与虚拟机逃逸.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/CVE-2018-1002103:远程代码执行与虚拟机逃逸.pdf
/appendix/CVE-2020-8595:Istio认证绕过.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/CVE-2020-8595:Istio认证绕过.pdf
/appendix/靶机实验:综合场景下的渗透实战.pdf: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/appendix/靶机实验:综合场景下的渗透实战.pdf

/code/0302-开发侧攻击/02-CVE-2018-15664/symlink_race/build/Dockerfile: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0302-开发侧攻击/02-CVE-2018-15664/symlink_race/build/Dockerfile
/code/0302-开发侧攻击/02-CVE-2018-15664/symlink_race/build/symlink_swap.c: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0302-开发侧攻击/02-CVE-2018-15664/symlink_race/build/symlink_swap.c
/code/0302-开发侧攻击/02-CVE-2018-15664/symlink_race/run_read.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0302-开发侧攻击/02-CVE-2018-15664/symlink_race/run_read.sh
/code/0302-开发侧攻击/02-CVE-2018-15664/symlink_race/run_write.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0302-开发侧攻击/02-CVE-2018-15664/symlink_race/run_write.sh
/code/0302-开发侧攻击/03-CVE-2019-14271/breakout: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0302-开发侧攻击/03-CVE-2019-14271/breakout
/code/0302-开发侧攻击/03-CVE-2019-14271/file-service.c: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0302-开发侧攻击/03-CVE-2019-14271/file-service.c

/code/0303-供应链攻击/01-CVE-2019-5021-alpine/Dockerfile: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0303-供应链攻击/01-CVE-2019-5021-alpine/Dockerfile
/code/0303-供应链攻击/02-CVE-2016-5195-malicious-image/build.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0303-供应链攻击/02-CVE-2016-5195-malicious-image/build.sh

/code/0304-运行时攻击/01-容器逃逸/CVE-2016-5195/0xdeadbeef.c: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/01-容器逃逸/CVE-2016-5195/0xdeadbeef.c
/code/0304-运行时攻击/01-容器逃逸/CVE-2016-5195/Makefile: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/01-容器逃逸/CVE-2016-5195/Makefile
/code/0304-运行时攻击/01-容器逃逸/CVE-2016-5195/payload.s: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/01-容器逃逸/CVE-2016-5195/payload.s
/code/0304-运行时攻击/01-容器逃逸/CVE-2019-5736/main.go: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/01-容器逃逸/CVE-2019-5736/main.go
/code/0304-运行时攻击/01-容器逃逸/cause-core-dump.c: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/01-容器逃逸/cause-core-dump.c
/code/0304-运行时攻击/01-容器逃逸/tmp-dot-x.py: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/01-容器逃逸/tmp-dot-x.py
/code/0304-运行时攻击/02-安全容器逃逸/build.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/build.sh
/code/0304-运行时攻击/02-安全容器逃逸/change_container_runtime.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/change_container_runtime.sh
/code/0304-运行时攻击/02-安全容器逃逸/clean_kata.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/clean_kata.sh
/code/0304-运行时攻击/02-安全容器逃逸/docker/Dockerfile: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/docker/Dockerfile
/code/0304-运行时攻击/02-安全容器逃逸/docker/attack.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/docker/attack.sh
/code/0304-运行时攻击/02-安全容器逃逸/docker/bash: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/docker/bash
/code/0304-运行时攻击/02-安全容器逃逸/docker/evil_bin: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/docker/evil_bin
/code/0304-运行时攻击/02-安全容器逃逸/evil_agent_src/grpc.go: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/evil_agent_src/grpc.go
/code/0304-运行时攻击/02-安全容器逃逸/evil_agent_src/mount.go: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/evil_agent_src/mount.go
/code/0304-运行时攻击/02-安全容器逃逸/evil_bin.c: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/evil_bin.c
/code/0304-运行时攻击/02-安全容器逃逸/exploit.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/exploit.sh
/code/0304-运行时攻击/02-安全容器逃逸/get_kata_src.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/get_kata_src.sh
/code/0304-运行时攻击/02-安全容器逃逸/install_kata.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/02-安全容器逃逸/install_kata.sh
/code/0304-运行时攻击/03-资源耗尽型攻击/exhaust_cpu.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/03-资源耗尽型攻击/exhaust_cpu.sh
/code/0304-运行时攻击/03-资源耗尽型攻击/exhaust_disk.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/03-资源耗尽型攻击/exhaust_disk.sh
/code/0304-运行时攻击/03-资源耗尽型攻击/exhaust_mem.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0304-运行时攻击/03-资源耗尽型攻击/exhaust_mem.sh
/code/0304-运行时攻击/03-资源耗尽型攻击/exhaust_pid.sh (contents inlined in the repository dump):

    #!/bin/bash

    # Classic fork bomb: the function ":" pipes itself into a backgrounded copy of itself,
    # so the process count doubles on every call until the PID limit of the namespace or host is hit.
    :() { :|:& };:

/code/0402-Kubernetes组件不安全配置/deploy_escape_pod_on_remote_host.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0402-Kubernetes组件不安全配置/deploy_escape_pod_on_remote_host.sh

/code/0403-CVE-2018-1002105/attacker.yaml: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0403-CVE-2018-1002105/attacker.yaml
/code/0403-CVE-2018-1002105/cve_2018_1002105_namespace.yaml: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0403-CVE-2018-1002105/cve_2018_1002105_namespace.yaml
/code/0403-CVE-2018-1002105/cve_2018_1002105_pod.yaml: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0403-CVE-2018-1002105/cve_2018_1002105_pod.yaml
/code/0403-CVE-2018-1002105/cve_2018_1002105_role.yaml: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0403-CVE-2018-1002105/cve_2018_1002105_role.yaml
/code/0403-CVE-2018-1002105/cve_2018_1002105_role_binding.yaml: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0403-CVE-2018-1002105/cve_2018_1002105_role_binding.yaml
/code/0403-CVE-2018-1002105/exploit.py: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0403-CVE-2018-1002105/exploit.py
/code/0403-CVE-2018-1002105/test-token.csv: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0403-CVE-2018-1002105/test-token.csv

/code/0404-K8s拒绝服务攻击/CVE-2019-11253-poc.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0404-K8s拒绝服务攻击/CVE-2019-11253-poc.sh
/code/0404-K8s拒绝服务攻击/CVE-2019-9512-poc.py: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0404-K8s拒绝服务攻击/CVE-2019-9512-poc.py

/code/0405-云原生网络攻击/Dockerfile: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0405-云原生网络攻击/Dockerfile
/code/0405-云原生网络攻击/attacker.yaml: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0405-云原生网络攻击/attacker.yaml
/code/0405-云原生网络攻击/build_image.sh (contents inlined in the repository dump):

    #!/bin/bash

    # Build the k8s_dns_mitm image from the Dockerfile in this directory and tag it 1.0.
    docker build -t k8s_dns_mitm:1.0 .

/code/0405-云原生网络攻击/cleanup.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0405-云原生网络攻击/cleanup.sh
/code/0405-云原生网络攻击/exploit.sh: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0405-云原生网络攻击/exploit.sh
/code/0405-云原生网络攻击/k8s_dns_mitm.py: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0405-云原生网络攻击/k8s_dns_mitm.py
/code/0405-云原生网络攻击/victim.yaml: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/code/0405-云原生网络攻击/victim.yaml

/images/book.jpg: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/images/book.jpg
/images/yjtx.png: https://raw.githubusercontent.com/Metarget/cloud-native-security-book/HEAD/images/yjtx.png