Kubernetes: Kubernetes Dashboard

Tesla was famously hacked for leaving this open and it’s pretty rare to find it exposed externally now but useful to know what it is and what you can do with it.

Usually found on port 30000

kube-hunter finding for it:

Vulnerabilities
+———————–+—————+———————-+———————-+——————+
| LOCATION              | CATEGORY      | VULNERABILITY        | DESCRIPTION          | EVIDENCE         |
+———————–+—————+———————-+———————-+——————+
| 1.2.3.4:30000         | Remote Code   | Dashboard Exposed    | All oprations on the | nodes: pach-okta |
|                       | Execution     |                      | cluster are exposed  |                  |
+———————–+—————+———————-+———————-+——————+

Why do you care?  It has access to all pods and secrets within the cluster. So rather than using command line tools to get secrets or run code you can just do it in a web browser.

Screenshots of what it looks like:

Print Share Comment Cite Upload Translate

APA

() » Kubernetes: Kubernetes Dashboard. Retrieved from https://www.truth.cx/2019/01/11/kubernetes-kubernetes-dashboard/.

MLA

" » Kubernetes: Kubernetes Dashboard." - , https://www.truth.cx/2019/01/11/kubernetes-kubernetes-dashboard/

HARVARD

» Kubernetes: Kubernetes Dashboard., viewed ,

VANCOUVER

- » Kubernetes: Kubernetes Dashboard. [Internet]. [Accessed ]. Available from: https://www.truth.cx/2019/01/11/kubernetes-kubernetes-dashboard/

CHICAGO

" » Kubernetes: Kubernetes Dashboard." - Accessed . https://www.truth.cx/2019/01/11/kubernetes-kubernetes-dashboard/

IEEE

" » Kubernetes: Kubernetes Dashboard." [Online]. Available: https://www.truth.cx/2019/01/11/kubernetes-kubernetes-dashboard/. [Accessed: ]

Select a language: Afrikaans Albanian Arabic Armenian Basque Bengali Bulgarian Catalan Cambodian Chinese (Mandarin) Croatian Czech Danish Dutch English Estonian Fiji Finnish French Georgian German Greek Gujarati Hebrew Hindi Hungarian Icelandic Indonesian Irish Italian Japanese Javanese Korean Latin Latvian Lithuanian Macedonian Malay Malayalam Maltese Maori Marathi Mongolian Nepali Norwegian Persian Polish Portuguese Punjabi Quechua Romanian Russian Samoan Serbian Slovak Slovenian Spanish Swahili Swedish Tamil Tatar Telugu Thai Tibetan Tonga Turkish Ukrainian Urdu Uzbek Vietnamese Welsh Xhosa <br />Tesla was <a href="https://arstechnica.com/information-technology/2018/02/tesla-cloud-resources-are-hacked-to-run-cryptocurrency-mining-malware/" >famously hacked</a> for leaving this open and it's pretty rare to find it exposed externally now but useful to know what it is and what you can do with it.<br /><br />Usually found on port 30000<br /><br />kube-hunter finding for it:<br /><br /><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">Vulnerabilities</span><br /><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">+-----------------------+---------------+----------------------+----------------------+------------------+</span><br /><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">| LOCATION              | CATEGORY      | VULNERABILITY        | DESCRIPTION          | EVIDENCE         |</span><br /><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">+-----------------------+---------------+----------------------+----------------------+------------------+</span><br /><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">| 1.2.3.4:30000         | Remote Code   | Dashboard Exposed    | All oprations on the | nodes: pach-okta |</span><br /><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">|                       | Execution     |                      | cluster are exposed  |                  |</span><br /><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;">+-----------------------+---------------+----------------------+----------------------+------------------+</span><br /><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;"><br /></span><span style="font-family: inherit; font-size: xx-small;">Why do you care?  It has access to all pods and secrets within the cluster. So rather than using command line tools to get secrets or run code you can just do it in a web browser.</span><br /><span style="font-family: inherit; font-size: xx-small;"><br /></span><span style="font-family: inherit; font-size: xx-small;">Screenshots of what it looks like:</span><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-51OAca_ARCE/XC-bhR7yF7I/AAAAAAAACYo/y1IUfXAJt1wT0joA6UlILL4AdAFfGp6NQCLcBGAs/s1600/dashboard1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1008" data-original-width="1600" height="201" src="https://1.bp.blogspot.com/-51OAca_ARCE/XC-bhR7yF7I/AAAAAAAACYo/y1IUfXAJt1wT0joA6UlILL4AdAFfGp6NQCLcBGAs/s320/dashboard1.png" width="320" /></a></div><div class="separator" style="clear: both; text-align: center;">viewing secrets</div><span style="font-family: inherit; font-size: xx-small;"><br /></span><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;"><br /></span><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://d33wubrfki0l68.cloudfront.net/349824f68836152722dab89465835e604719caea/6e0b7/images/docs/ui-dashboard.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="478" data-original-width="800" height="238" src="https://d33wubrfki0l68.cloudfront.net/349824f68836152722dab89465835e604719caea/6e0b7/images/docs/ui-dashboard.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;">utilization</div><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;"><br /></span><span style="font-family: "courier new" , "courier" , monospace; font-size: xx-small;"><br /></span><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://d33wubrfki0l68.cloudfront.net/767cfea1ac5847b732e40ddd1ea13e638b679f8f/7be79/images/docs/ui-dashboard-logs-view.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="478" data-original-width="800" height="238" src="https://d33wubrfki0l68.cloudfront.net/767cfea1ac5847b732e40ddd1ea13e638b679f8f/7be79/images/docs/ui-dashboard-logs-view.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;">logs</div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://user-images.githubusercontent.com/608862/29508542-d7e67470-864c-11e7-838c-90bbb9c09daa.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="315" data-original-width="800" height="156" src="https://user-images.githubusercontent.com/608862/29508542-d7e67470-864c-11e7-838c-90bbb9c09daa.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;">shells</div><br /> First name:

Last name: