From 93fa6157bcd80d1b19042dfa10debefaf4fed55f Mon Sep 17 00:00:00 2001
From: neargle <nearg1e.com+prosandbox@gmail.com>
Date: Sun, 1 Jan 2023 22:56:02 +0800
Subject: [PATCH] fix #71 (exp): k8s-shadow-apiserver check apiserver error in
 invalid to list pods

---
 pkg/exploit/k8s_shadow_apiserver.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/exploit/k8s_shadow_apiserver.go b/pkg/exploit/k8s_shadow_apiserver.go
index 4c8ba27..aa641c5 100644
--- a/pkg/exploit/k8s_shadow_apiserver.go
+++ b/pkg/exploit/k8s_shadow_apiserver.go
@@ -61,7 +61,7 @@ func findApiServerPodInMasterNode(token string, serverAddr string) (string, erro
 		log.Printf("request apiserver uri `%s` error: %v, response: %s", opts.Api, err, resp)
 		return "", errors.New("faild to request api-server.")
 	}
-	if !strings.Contains(resp, "selfLink") {
+	if !strings.Contains(resp, "selfLink") && !strings.Contains(resp, "kube-apiserver") {
 		log.Println("api-server response:")
 		fmt.Println(resp)
 		return "", errors.New("invalid to list pods, possible caused by api-server forbidden this request.")