CVE-2024-31989

CVE-Exploit for Argo CD

This repository contains an exploit for CVE-2024-31989 that targets a Redis instance without a password in Argo CD.

Description

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. This exploit leverages a vulnerability in Argo CD where a Redis instance is deployed without a password.

Installation

Clone the repository:

git clone https://github.com/vt0x78/CVE-2024-31989.git
cd CVE-2024-31989
go build -o <name>

or just download the binary in releases.

Usage

./K8sHijack -key <path to key name> -pod <path to pod manifest to deploy>

Reference Article

For a detailed explanation of this exploit and its implications, please refer to my article CVE-2024-31989.

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
README.md		README.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go
pod-example.txt		pod-example.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

CVE-2024-31989

CVE-Exploit for Argo CD

Description

Installation

Usage

Reference Article

About

Uh oh!

Releases 1

Packages

Uh oh!

Languages

vt0x78/CVE-2024-31989

Folders and files

Latest commit

History

Repository files navigation

CVE-2024-31989

CVE-Exploit for Argo CD

Description

Installation

Usage

Reference Article

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases 1

Packages 0

Uh oh!

Languages

Packages