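Related vulnerability
Title:
Kubernetes ingress-nginx security vulnerability
(CVE-2025-1974)
Description: Kubernetes ingress-nginx is an open-source ingress controller for Kubernetes from the Cloud Native Computing Foundation that uses NGINX as a reverse proxy and load balancer. Kubernetes ingress-nginx contains a security vulnerability: under certain conditions, an unauthenticated attacker with access to the pod network can execute arbitrary code in the context of the ingress-nginx controller, which may lead to disclosure of Secrets.
Introduction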
# CVE-2025-1974_IngressNightmare
# poc IngressNightmare Script
A Python script to automate sending JSON payloads to a list of IPs via `curl`, capturing responses and splitting them into success and failure XML reports.
## Features
* Sends HTTPS `POST` requests with a JSON payload to multiple IP addresses.
* Configurable JSON payload file, port, timeout, and delay between requests.
* Cleans and captures `curl` stderr (removes progress meter noise).
* Classifies requests as **success**, **failed**, **timeout**, or **error** based on return code and HTTP status.
* Generates two XML reports:
  * **Success** report containing all successful requests.
  * **Failure** report containing all failed, timed out, or errored requests.
* Detailed per-request logging to the console.
## Prerequisites
* Python 3.6+
* `curl` installed on your system and available in `PATH`.
* (Optional) Access to modify firewall or network settings to allow outbound HTTPS.
## Installation
1. Clone the repository or download the script:
```bash
git clone https://github.com/abrewer251/CVE-2025-1974_IngressNightmare_PoC.git
cd CVE-2025-1974_IngressNightmare_PoC
```
2. Ensure the script is executable (optional):
```bash
chmod +x poc.py
```
## Usage
```bash
python3 poc.py [OPTIONS] <ip_list_file>
```
### Positional Argument
* `<ip_list_file>`: Path to a text file containing one IP address per line.
### Options
| Option | Description | Default |
| -------------------------- | ------------------------------------------------------- | ----------------- |
| `-h, --help` | Show this help message and exit | — |
| `-j, --json <file>` | JSON payload filename to send (with `@` syntax) | `poc.json` |
| `-p, --port <port>` | Target port on each IP | `8443` |
| `-t, --timeout <seconds>` | Timeout in seconds for each `curl` call | `15` |
| `-d, --delay <seconds>` | Delay in seconds between successive requests | `1.0` |
| `-s, --success <filename>` | Output XML filename for successful requests | `4-3_Success.xml` |
| `-f, --failure <filename>` | Output XML filename for failed/timed-out/errored requests | `4-3_Failure.xml` |
## Examples
1. **Basic run** with defaults:
```bash
python3 poc.py ips.txt
```
Sends `poc.json` to each IP on port `8443`, waits up to 15s, delays 1s between calls, writes `4-3_Success.xml` and `4-3_Failure.xml`.
2. **Custom payload and port**:
```bash
python3 poc.py -j payload.json -p 9443 ips.txt
```
3. **Shorter timeout and faster requests**:
```bash
python3 poc.py -t 5 -d 0.5 ips.txt
```
4. **Custom report filenames**:
```bash
python3 poc.py -s success_report.xml -f error_report.xml ips.txt
```
## Output
* **Console**: Live logs for each request with IP, status, and error message if any.
* **XML files**: Structured reports with details of every request, suitable for parsing or integration.
## License
This project is licensed under the MIT License. See [LICENSE](LICENSE) for details.
---
*Generated by Autorun script template.*
File snapshot
[4.0K] /data/pocs/8665b3c0541b8e57f250fb4aad20c9668e57b2c7
├── [1.0K] LICENSE
├── [1.2K] poc.json
├── [5.1K] poc.py
└── [3.2K] README.md
0 directories, 4 files