Custom Metasploit Module for CVE 2023-2728 and CVE 2024-3177 Description This custom module exploits CVE 2023-2728 and CVE 2024-3177 in Kubernetes versions that are vulnerables to each of them (e.g. v1.27.2 is vulnerable to both), both related to bypassing the imposition of the mountable secrets policy imposed by the ServiceAccount admission plugin in Kubernetes, with different types of containers and strategies. The main objective is to obtain the desired secrets and present them in the environment variables in an attractive way for the user. Verification Steps Create or acquire the credentials Start msfconsole Do: use auxiliary/cloud/kubernetes/double_secrets_cve Set the required options Do: run. You should see the secrets highlighted in red specified in the SECRET_NAME option. Options CONTAINER_TYPE Defines the type of container to use in the Pod that is created in the target cluster to exploit the vulnerability. It can be normal (equivalent to regular containers), init, or ephemeral. CVE Allows you to select the vulnerability you want to exploit. The available options are 2024-3177 and 2023-2728. If any other vulnerability is specified, the module will not recognize it and will give an error, which is a normal result. IMAGE Specifies the container image to use to create the Pod, such as busybox, the default option, since it is a very useful image due to its lightness and versatility, grouping multiple Linux utilities in a single and small executable and combining theā¦Read More