利用 gateway-api 攻击 kubernetes
Tags
| attack-pattern: | Data Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | d69bce94-ab8f-4b0d-b9f6-48d5cf2c4f89 |
| Fingerprint | 25105f4b3eb5d1c5 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | March 17, 2022, midnight |
| Added to db | Jan. 18, 2023, 7:58 p.m. |
| Last updated | Nov. 17, 2024, 5:55 p.m. |
| Headline | root@cyberworld:~# Noah Lab |
| Title | 利用 gateway-api 攻击 kubernetes |
| Detected Hints/Tags/Attributes | 15/1/19 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://noahblog.360.cn/abuse-gateway-api-attack-kubernetes/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 1 | cve-2022-21701 |
|
| Details | Domain | 1 | sidecar.istio.io |
|
| Details | Domain | 5 | admissionregistration.k8s.io |
|
| Details | Domain | 1 | inject.istio.io |
|
| Details | Domain | 1 | annotation.injecttemplates.name |
|
| Details | Domain | 1 | template.new |
|
| Details | Domain | 1 | gateways.gateway.networking.k8s.io |
|
| Details | Domain | 1 | gateway.istio.io |
|
| Details | Domain | 5 | istio.io |
|
| Details | Domain | 1 | gateway.networking.k8s.io |
|
| Details | Domain | 19 | rbac.authorization.k8s.io |
|
| Details | Domain | 41 | docker.io |
|
| Details | Domain | 831 | example.com |
|
| Details | Domain | 1 | deployment.kubernetes.io |
|
| Details | File | 1 | sprig.txt |
|
| Details | File | 25 | log.inf |
|
| Details | File | 17 | t.exe |
|
| Details | Mandiant Temporary Group Assumption | 1 | TEMP.FUNCS |
|
| Details | Url | 1 | https://istio.io/downloadistio |