cdk-team · neargle · Mar 8, 2025 · Mar 8, 2025
diff --git a/cmd/cdk/cdk.go b/cmd/cdk/cdk.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/conf/build_conf.go b/conf/build_conf.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/conf/evaluate_conf.go b/conf/evaluate_conf.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/conf/exploit_conf.go b/conf/exploit_conf.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 
@@ -55,4 +54,3 @@ var K8sSATokenDefaultPath = "/var/run/secrets/kubernetes.io/serviceaccount/token
 var WebShellCodeJSP = "<%Runtime.getRuntime().exec(request.getParameter(\"$SECRET_PARAM\"));%>"
 
 var WebShellCodePHP = "<?php @eval($_POST['$SECRET_PARAM']);?>"
-
diff --git a/conf/message.go b/conf/message.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/conf/scanner_conf.go b/conf/scanner_conf.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/cli/parse_test.go b/pkg/cli/parse_test.go
@@ -29,16 +29,16 @@ import (
 )
 
 type testArgsCase struct {
-	name string
-	args []string
+	name       string
+	args       []string
 	successStr string
 }
 
 func doParseCDKMainWithTimeout() {
 
 	result := make(chan bool, 1)
 
-	go func ()  {
+	go func() {
 		result <- cli.ParseCDKMain()
 	}()
 
@@ -47,32 +47,31 @@ func doParseCDKMainWithTimeout() {
 		log.Println("check run ok, timeout in 2s, and return.")
 		return
 	case <-result:
-		return 
+		return
 	}
 
 }
 
 func TestParseCDKMain(t *testing.T) {
 
-
 	// ./cdk eva 2>&1 | head
 	// ./cdk run test-poc | head
 	// ./cdk ifconfig | head
 
 	tests := []testArgsCase{
 		{
-			name: "./cdk eva",
-			args: []string{"./cdk_cli_path", "eva"},
+			name:       "./cdk eva",
+			args:       []string{"./cdk_cli_path", "eva"},
 			successStr: "current user",
 		},
 		{
-			name: "./cdk run test-poc",
-			args: []string{"./cdk_cli_path", "run", "test-poc"},
+			name:       "./cdk run test-poc",
+			args:       []string{"./cdk_cli_path", "run", "test-poc"},
 			successStr: "run success",
 		},
 		{
-			name: "./cdk ifconfig",
-			args: []string{"./cdk_cli_path", "ifconfig"},
+			name:       "./cdk ifconfig",
+			args:       []string{"./cdk_cli_path", "ifconfig"},
 			successStr: "GetLocalAddresses",
 		},
 	}
@@ -112,7 +111,6 @@ func TestParseCDKMain(t *testing.T) {
 				t.Errorf(("parse cdk main failed, name: %s, args: %v, buf: %s"), tt.name, tt.args, str)
 			}
 
-
 		})
 
 		// return to os.Stdout default

diff --git a/pkg/errors/errors.go b/pkg/errors/errors.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/available_linux_capabilities.go b/pkg/evaluate/available_linux_capabilities.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/available_linux_commands.go b/pkg/evaluate/available_linux_commands.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/cgroups.go b/pkg/evaluate/cgroups.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/check_mount_escape.go b/pkg/evaluate/check_mount_escape.go
@@ -34,7 +34,6 @@ func checkClose(c io.Closer) {
 	}
 }
 
-
 func MountEscape() {
 
 	mounts, _ := util.GetMountInfo()
@@ -48,7 +47,6 @@ func MountEscape() {
 			continue
 		}
 
-
 		// ? why match those mount points?
 		if strings.Contains(m.Device, "/") || strings.Contains(m.Fstype, "ext") {
 			matched, _ := regexp.MatchString("/kubelet/|/dev/[\\w-]*?\\blog$|/etc/host[\\w]*?$|/etc/[\\w]*?\\.conf$", m.Root)
@@ -59,7 +57,7 @@ func MountEscape() {
 		}
 
 		// find lxcfs mount point for escape exploit
-		if m.Device == "lxcfs" && util.StringContains(m.Opts, "rw"){
+		if m.Device == "lxcfs" && util.StringContains(m.Opts, "rw") {
 			fmt.Printf("Find mounted lxcfs with rw flags, run `%s` or `%s` to escape container!\n", util.RedBold.Sprint("cdk run lxcfs-rw"), util.RedBold.Sprint("cdk run lxcfs-rw-cgroup"))
 			m.Device = util.RedBold.Sprint(m.Device)
 			m.MountPoint = util.RedBold.Sprint(m.Device)

diff --git a/pkg/evaluate/cloud_metadata_api.go b/pkg/evaluate/cloud_metadata_api.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/evaluate.go b/pkg/evaluate/evaluate.go
@@ -17,8 +17,8 @@ limitations under the License.
 package evaluate
 
 import (
-	"github.com/cdk-team/CDK/pkg/util"
 	"github.com/cdk-team/CDK/conf"
+	"github.com/cdk-team/CDK/pkg/util"
 )
 
 // CallBasics is a function to call basic functions

diff --git a/pkg/evaluate/k8s_anonymous_login.go b/pkg/evaluate/k8s_anonymous_login.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/k8s_service_account.go b/pkg/evaluate/k8s_service_account.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/kernel.go b/pkg/evaluate/kernel.go
@@ -18,7 +18,7 @@ func kernelExploitSuggester() {
 	if err != nil {
 		return
 	}
-	
+
 	// run command get output
 	util.PrintItemValueWithKeyOneLine("refer", "https://github.com/mzet-/linux-exploit-suggester", false)
 	output, err := exec.Command("bash", "-c", script).Output()
@@ -52,5 +52,5 @@ func kernelExploitSuggester() {
 			util.PrintOrignal(lines[i])
 		}
 	}
-	
+
 }
diff --git a/pkg/evaluate/security_info.go b/pkg/evaluate/security_info.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/sensitive_env.go b/pkg/evaluate/sensitive_env.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/sensitive_local_file_path.go b/pkg/evaluate/sensitive_local_file_path.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/sensitive_service.go b/pkg/evaluate/sensitive_service.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/sysctl_vars.go b/pkg/evaluate/sysctl_vars.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/evaluate/system_info.go b/pkg/evaluate/system_info.go
@@ -69,11 +69,11 @@ func FindSidFiles() {
 		if err != nil {
 			continue
 		}
-	
+
 		for _, file := range files {
 			// check setuid bit
-			if file.Mode() & os.ModeSetuid != 0 {
-				setuidfiles = append(setuidfiles, dir + "/" + file.Name())
+			if file.Mode()&os.ModeSetuid != 0 {
+				setuidfiles = append(setuidfiles, dir+"/"+file.Name())
 			}
 
 			// check capabilites, like getcap -r /bin
@@ -94,7 +94,7 @@ func CommandAllow() {
 }
 
 func ASLR() {
-	// ASLR off: /proc/sys/kernel/randomize_va_space = 0 
+	// ASLR off: /proc/sys/kernel/randomize_va_space = 0
 	var ASLRSetting = "/proc/sys/kernel/randomize_va_space"
 
 	data, err := ioutil.ReadFile(ASLRSetting)
@@ -111,4 +111,3 @@ func ASLR() {
 	}
 
 }
-
diff --git a/pkg/exploit/exploit_test.go b/pkg/exploit/exploit_test.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/task/fix_build_null.go b/pkg/task/fix_build_null.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 
@@ -20,4 +19,3 @@ package task
 // init: fix "build constraints exclude all Go files in /pkg/task"
 func init() {
 }
-
diff --git a/pkg/tool/dockerd_api/dockerd_api.go b/pkg/tool/dockerd_api/dockerd_api.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/tool/kubectl/kcurl.go b/pkg/tool/kubectl/kcurl.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 
@@ -40,7 +39,6 @@ Example:
   ./cdk kcurl anonymous post 'https://192.168.0.234:6443/api/v1/nodes' '{"apiVersion":"v1",...}'
 `
 
-
 func KubectlToolApi(args []string) {
 
 	var opts = K8sRequestOption{}

diff --git a/pkg/tool/netcat/netcat.go b/pkg/tool/netcat/netcat.go
@@ -1,6 +1,6 @@
+//go:build !thin && !no_netcat_tool
 // +build !thin,!no_netcat_tool
 
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/tool/netcat/thin_code.go b/pkg/tool/netcat/thin_code.go
@@ -1,6 +1,6 @@
+//go:build thin || no_netcat_tool
 // +build thin no_netcat_tool
 
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 
@@ -24,4 +24,4 @@ import "github.com/cdk-team/CDK/conf"
 func RunVendorNetcat() {
 	print(conf.ThinIgnoreTool)
 	return
-}
+}
diff --git a/pkg/tool/network/network.go b/pkg/tool/network/network.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/tool/probe/common.go b/pkg/tool/probe/common.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/tool/probe/common_test.go b/pkg/tool/probe/common_test.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/tool/probe/thin_code.go b/pkg/tool/probe/thin_code.go
@@ -1,6 +1,6 @@
+//go:build no_probe_tool
 // +build no_probe_tool
 
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/tool/ps/ps.go b/pkg/tool/ps/ps.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/tool/vi/thin_code.go b/pkg/tool/vi/thin_code.go
@@ -1,6 +1,6 @@
+//go:build thin || no_vi_tool
 // +build thin no_vi_tool
 
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 
@@ -24,4 +24,4 @@ import "github.com/cdk-team/CDK/conf"
 func RunVendorVi() {
 	print(conf.ThinIgnoreTool)
 	return
-}
+}
diff --git a/pkg/tool/vi/ven.go b/pkg/tool/vi/ven.go
@@ -1,6 +1,6 @@
+//go:build !thin && !no_vi_tool
 // +build !thin,!no_vi_tool
 
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/util/capability/capability_define.go b/pkg/util/capability/capability_define.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/util/capability/capability_test.go b/pkg/util/capability/capability_test.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 
@@ -24,7 +23,7 @@ import (
 func TestCapHexParser(t *testing.T) {
 	var testcase = map[string]string{
 		"00000000a80425fb": "CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_SETGID,CAP_SETUID,CAP_SETPCAP,CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_SYS_CHROOT,CAP_MKNOD,CAP_AUDIT_WRITE,CAP_SETFCAP",
-		"00000000a80c25fb" : "CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_SETGID,CAP_SETUID,CAP_SETPCAP,CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_SYS_CHROOT,CAP_SYS_PTRACE,CAP_MKNOD,CAP_AUDIT_WRITE,CAP_SETFCAP",
+		"00000000a80c25fb": "CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_SETGID,CAP_SETUID,CAP_SETPCAP,CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_SYS_CHROOT,CAP_SYS_PTRACE,CAP_MKNOD,CAP_AUDIT_WRITE,CAP_SETFCAP",
 		"00000000a82425fb": "CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_SETGID,CAP_SETUID,CAP_SETPCAP,CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_SYS_CHROOT,CAP_SYS_ADMIN,CAP_MKNOD,CAP_AUDIT_WRITE,CAP_SETFCAP",
 	}
 	for k, v := range testcase {

diff --git a/pkg/util/common.go b/pkg/util/common.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 
@@ -149,13 +148,13 @@ func IntContains(s []int, e int) bool {
 func DistinctStrArr(s []string) []string {
 	distinctMap := make(map[string]bool)
 	var result []string
-	
+
 	for _, item := range s {
 		if _, exists := distinctMap[item]; !exists {
 			distinctMap[item] = true
 			result = append(result, item)
 		}
 	}
-	
+
 	return result
 }
diff --git a/pkg/util/file_io.go b/pkg/util/file_io.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
 

diff --git a/pkg/util/file_io_test.go b/pkg/util/file_io_test.go
@@ -1,4 +1,3 @@
-
 /*
 Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .
Original file line number	Diff line number	Diff line change
		@@ -1,4 +1,3 @@

		/*
		Copyright 2022 The Authors of https://github.com/CDK-TEAM/CDK .

Expand Down