The configuration contained a Transport Layer Security (TLS) bootstrap token that an attacker could extract and use in a TLS bootstrap attack, which in turn would grant the ability to read all secrets within the cluster.
Notably, the attack did not require the compromised Pod to run with hostNetwork enabled or as the root user, which significantly widened the set of workloads from which it could be launched.
The attack involved accessing the undocumented Azure WireServer component at http://168.63.129.16/machine/?comp=goalstate and the HostGAPlugin endpoint at http://168.63.129.16:32526/vmSettings.
The attacker could retrieve a key from the WireServer that decrypts protected settings values. They could then request the JSON document from HostGAPlugin, parse it, and Base64-decode the protected settings field to recover the encrypted blob (protected_settings.bin) that holds the provisioning script.
Using the WireServer key, the attacker could decrypt protected_settings.bin to access the cluster’s provisioning script (cse_cmd.sh). This script contained several secrets as environment variables, including:
- KUBELET_CLIENT_CONTENT – generic node TLS private key
- KUBELET_CLIENT_CERT_CONTENT – generic node TLS certificate
- KUBELET_CA_CRT – Kubernetes CA certificate
- TLS_BOOTSTRAP_TOKEN – TLS bootstrap authentication token
Exploiting the Vulnerability