Kubeflow
Enumerate and exploit Kubeflow Pipelines API instances.
Overview
The kubeflow module targets the Kubeflow Pipelines REST API (/pipeline/api/v1beta1/). It enumerates pipelines, runs, and experiments, lists Kubeflow Notebooks, and tests unauthenticated pipeline run creation. Kubeflow Pipelines is commonly deployed on shared ML platforms with misconfigured authentication, enabling direct API access to production ML workflows.
Subcommands
Read-Only (no --force-exploit required)
| Subcommand |
Description |
enum |
Probe API reachability and detect API version |
pipelines |
List accessible ML pipelines and their parameters |
runs |
List pipeline runs with status and pipeline correlation |
experiments |
List experiments |
notebooks |
List Kubeflow Notebooks in a namespace |
Gated (requires --force-exploit)
| Subcommand |
Description |
run-pipeline |
Inject a new pipeline run via the Pipelines API |
Flags
| Flag |
Required |
Description |
--target |
Yes |
Kubeflow URL (default port 8080) |
--header |
No |
Custom HTTP headers. Repeatable. |
--namespace |
No |
Kubernetes namespace for notebook listing (default: kubeflow) |
--pipeline-id |
For run-pipeline |
Pipeline ID to execute |
--experiment-id |
No |
Experiment ID for the new run |
--run-name |
For run-pipeline |
Name for the new run |
--param |
No |
Pipeline parameters as key=value pairs. Repeatable. |
Key Endpoints
| Endpoint |
Method |
Purpose |
/pipeline/api/v1beta1/pipelines |
GET |
List pipelines (page_size=50, sort by created_at) |
/pipeline/api/v1beta1/runs |
GET |
List runs |
/pipeline/api/v1beta1/runs |
POST |
Create a new run (gated) |
/pipeline/api/v1beta1/experiments |
GET |
List experiments |
/notebook/api/namespaces/{ns}/notebooks |
GET |
List Kubeflow Notebooks |
/pipeline/ |
GET |
Dashboard fallback — used as reachability probe when v1beta1 is unavailable |
Reachability Detection
The enum subcommand first probes GET /pipeline/api/v1beta1/pipelines?page_size=1. If that returns an error, it falls back to GET /pipeline/ to confirm dashboard reachability. A successful API probe sets APIVersion=v1beta1.
Examples
# Enumerate API reachability
aipostex kubeflow --target http://10.0.0.30:8080 enum
# List ML pipelines and parameters
aipostex kubeflow --target http://10.0.0.30:8080 pipelines
# List pipeline run history
aipostex kubeflow --target http://10.0.0.30:8080 runs
# List experiments
aipostex kubeflow --target http://10.0.0.30:8080 experiments
# List Kubeflow Notebooks in a namespace
aipostex kubeflow --target http://10.0.0.30:8080 notebooks --namespace kubeflow
# Inject a pipeline run (gated)
aipostex kubeflow --target http://10.0.0.30:8080 \
run-pipeline --pipeline-id <pipeline-id> --run-name injected \
--param learning_rate=0.1 --force-exploit
Workflow Progression
discover network (discovers Kubeflow on :8080)
-> kubeflow enum (API version, reachability)
-> kubeflow pipelines (pipeline inventory and parameters)
-> kubeflow runs (run history and status)
-> kubeflow experiments (experiment listing)
-> kubeflow notebooks (notebook inventory)
-> kubeflow run-pipeline (pipeline run injection, gated)
Vulnerability Templates
| Template |
Tags |
Description |
kubeflow-dashboard-unauth |
kubeflow |
Unauthenticated Kubeflow dashboard access |
kubeflow-enum-001-pipeline-access |
kubeflow, mlops, pipeline |
Unauthenticated pipeline/experiment enumeration (read) |