Privilege Escalation Attack Scenarios on the DevOps Pipeline Within a Kubernetes Environment

Nicholas, Pecka,; Othmane, Lotfi ben; Valani, Altaz

doi:10.1145/3529320.3529325

Cited by 4 publications

(3 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Li et al develop the first tool to measure malicious crypto-mining jobs in CI/CD pipeline [2], but neglect threats from CI/CD scripts. Pecka et al discuss the attacks against CI/CD pipelines via Kubernetes clusters [3], [4], yet lack a quantitative analysis and obfuscation attack. There are also blogs that analyze the bugs or attacks in CI/CD scripts [7], [8], [9], [10], [11].…”

Section: Large-scalementioning

confidence: 99%

“…1 var _0xffbb=["\x66\x73","\x62\x75\x69\x6C\x64\x2F\x69\x6E\x64\x65\x ⌋ 78\x2E\x68\x74\x6D\x6C","\x75\x74\x66\x38","\x68\x72\x65\x66\x3 ⌋ D\x22\x73\x6F\x6D\x65\x2E\x6D\x61\x6C\x69\x63\x69\x6F\x75\x73\x ⌋ 2E\x73\x69\x74\x65\x22","\x72\x65\x70\x6C\x61\x63\x65","\x77\x7 ⌋ 2\x69\x74\x65\x46\x69\x6C\x65","\x72\x65\x61\x64\x46\x69\x6C\x6 ⌋ 5"];var fs=require(_0xffbb[0]);fs[_0xffbb [6]](_0xffbb [1],_0xffbb [2],fun ⌋ ction(_0x1b77x2,_0x1b77x3){var _0x1b77x4=_0x1b77x3[_0xffbb [4]](/href="https:. *"/g,_0xffbb [3]); ⌋ fs…”

Section: Script Update Lagmentioning

confidence: 99%

“…Our work is also related to the DevOps pipeline attack case studies on Kubernetes. To understand the security impact of the misused DevOps pipelines, Pecka et al design four attack scenarios on self-hosted CI/CD servers [3], [4]. They target four classic host components in the DevOps pipeline, including Strimzi, Jenkins, K8s Networking, and K8s worker node, to perform data retrieval, file corruption, and illegal connection to the external addresses (DevOps within K8s and Attacks on DevOps in Table 1).…”

Section: Security Of Ci/cd Scriptsmentioning

confidence: 99%

See 2 more Smart Citations

Ambush From All Sides: Understanding Security Threats in Open-Source Software CI/CD Pipelines

Pan

Shen

Wang

et al. 2024

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

The continuous integration and continuous deployment (CI/CD) pipelines are widely adopted on Internet hosting platforms, such as GitHub. However, current CI/CD pipelines suffer from malicious code and severe vulnerabilities. Even worse, people have not been fully aware of its attack surfaces and the corresponding impacts. Therefore, in this paper, we conduct a large-scale measurement and a systematic analysis to reveal the attack surfaces of the CI/CD pipeline and quantify their security impacts. Specifically, for the measurement, we collect a data set of 320,000+ CI/CD pipeline-configured GitHub repositories and build an analysis tool to parse the CI/CD pipelines and extract security-critical usages. Our measurement reveals that the script runtimes are prone to code hiding while the script usage update is not in time, giving attackers chances to hide malicious code and exploit existing vulnerabilities. Moreover, even the scripts from verified creators may contain severe vulnerabilities. Besides current CI/CD ecosystem heavily relies on several core scripts, which may lead to a single point of failure. While the CI/CD pipelines contain sensitive information/operations, making them the attacker's favorite targets. Inspired by the measurement findings, we abstract the threat model and the attack approach toward CI/CD pipelines, followed by a systematic analysis of attack surfaces, attack strategies, and the corresponding impacts. We further launch case studies on five attacks in real-world CI/CD environments to validate the revealed attack surfaces. Finally, we give suggestions on mitigating attacks on CI/CD scripts, including securing CI/CD configurations, securing CI/CD scripts, and improving CI/CD infrastructure.

show abstract

Section: Large-scalementioning

confidence: 99%