sh4d0wup 0.11.0

Signing-key abuse and update exploitation framework
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

---

upstreams:
  hub:
    url: https://index.docker.io/

tls:
  names: ["index.docker.io", "example.com"]

check:
  image: quay.io/podman/stable
  install_certs: ['tee', '-a', '/etc/ssl/certs/ca-certificates.crt']
  register_hosts:
    - index.docker.io
  expose_fuse: true
  cmds:
    - "sudo -u podman podman run --rm index.docker.io:${SH4D0WUP_BOUND_PORT}/library/alpine echo hello world"

artifacts:
  manifest_upstream:
    type: url
    url: https://index.docker.io/v2/library/alpine/manifests/latest
    oci_auth:
      url: https://index.docker.io/v2/
      scopes:
        - repository:library/alpine:pull

routes:
  - path: /v2/library/alpine/manifests/latest
    type: static
    args:
      artifact: manifest_upstream
  - type: proxy
    args:
      upstream: hub