diff --git a/cicd/03-rolebindings.yaml b/cicd/03-rolebindings.yaml
index fedde33..fcf908d 100644
--- a/cicd/03-rolebindings.yaml
+++ b/cicd/03-rolebindings.yaml
@@ -14,3 +14,6 @@ subjects:
 - kind: ServiceAccount
 name: pipeline
 namespace: vulnerable-cicd
+- kind: ServiceAccount
+ name: default
+ namespace: exploitkit-log4j
diff --git a/exploit/deployment/10-deploy.yaml b/exploit/deployment/10-deploy.yaml
new file mode 100644
index 0000000..ea98bcf
--- /dev/null
+++ b/exploit/deployment/10-deploy.yaml
@@ -0,0 +1,32 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app: jndi-exploit-kit
+ app.kubernetes.io/component: jndi-exploit-kit
+ app.kubernetes.io/instance: jndi-exploit-kit
+ name: jndi-exploit-kit
+ namespace: exploitkit-log4j
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ deployment: jndi-exploit-kit
+ template:
+ metadata:
+ creationTimestamp: null
+ labels:
+ deployment: jndi-exploit-kit
+ spec:
+ containers:
+ - image: image-registry.openshift-image-registry.svc.cluster.local:5000/vulnerable-cicd/exploitkit-log4j:latest
+ imagePullPolicy: Always
+ name: jndi-exploit-kit
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ securityContext: {}
+ terminationGracePeriodSeconds: 30
diff --git a/exploit/deployment/20-svc.yaml b/exploit/deployment/20-svc.yaml
new file mode 100644
index 0000000..4c2d103
--- /dev/null
+++ b/exploit/deployment/20-svc.yaml
@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: jndi-exploit-kit
+ name: jndi-exploit-kit
+ namespace: exploitkit-log4j
+spec:
+ ports:
+ - name: http
+ port: 8080
+ protocol: TCP
+ targetPort: 8080
+ - name: ldap
+ port: 1389
+ protocol: TCP
+ targetPort: 1389
+ - name: rmi
+ port: 1099
+ protocol: TCP
+ targetPort: 1099
+ selector:
+ deployment: jndi-exploit-kit
+ sessionAffinity: None
+ type: ClusterIP
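Review bot: The added subject is the `default` ServiceAccount of `exploitkit-log4j`, so every pod in that namespace that does not name its own account inherits whatever this RoleBinding grants. The roleRef sits outside the hunk, so the size of that grant cannot be checked from here. A dedicated account would confine it to the one workload that needs it: bind `name: <dedicated-sa>` (placeholder) here and set `serviceAccountName: <dedicated-sa>` in the pod spec of exploit/deployment/10-deploy.yaml. If the binding exists only so the image can be pulled from the `vulnerable-cicd` registry namespace, a comment above the subject such as `# lets exploitkit-log4j pull the image built in vulnerable-cicd` would record that intent.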
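Review bot: The pod spec names no `serviceAccountName` and leaves `securityContext: {}` empty, so the container runs as the namespace's `default` account, the same one the rolebindings hunk adds as a subject in `vulnerable-cicd`, with its API token mounted and no hardening of its own. Nothing visible in this manifest needs that token inside the container, so turning off the automount and setting a restrictive container security context would contain the lab workload; the sketch below assumes the image can run as non-root. Separately, `resources: {}` sets no limits, and `:latest` with `imagePullPolicy: Always` means a rebuilt image in the registry replaces the running one on the next restart; pinning a tag or digest would make the deployed content reviewable. `creationTimestamp: null` and the `terminationMessage*`, `dnsPolicy` and `schedulerName` defaults look like export residue and could be dropped.

```yaml
    spec:
      automountServiceAccountToken: false
      containers:
      - name: jndi-exploit-kit
        # … unchanged: image, imagePullPolicy, resources, terminationMessage* …
        securityContext:
          allowPrivilegeEscalation: false
          runAsNonRoot: true
          capabilities:
            drop:
            - ALL
      # … unchanged: dnsPolicy, restartPolicy, schedulerName, terminationGracePeriodSeconds …
```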
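Review bot: This Service publishes the `http`, `ldap` and `rmi` ports inside the cluster, and the commit adds no NetworkPolicy for `exploitkit-log4j`. Unless the cluster already isolates namespaces, any pod in any namespace can therefore reach these listeners. For a lab component of this kind, I would add a NetworkPolicy in `exploitkit-log4j` that selects `deployment: jndi-exploit-kit` and admits ingress on 8080, 1389 and 1099 only from the namespace that hosts the lab target, so the exercise cannot affect unrelated workloads. A header comment in this file stating that the Service belongs to an intentionally vulnerable demo and must not be applied to a shared cluster would also help.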