
Exploit: k8s shadow apiserver

cdxy edited this page Jan 20, 2021 · 2 revisions

Deploy a shadow apiserver with the same configuration as the existing kube-apiserver pod in the kube-system namespace. The shadow apiserver accepts anonymous requests and executes all K8s actions without writing any audit log; use it to control the K8s cluster and perform further attacks.

Deploy a shadow apiserver that has the same functionality as the apiserver already present in the cluster, with all K8s management permissions enabled, accepting anonymous requests and saving no audit logs. This lets an attacker manage the entire cluster without leaving traces and launch follow-up penetration actions.
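The behaviour described above (an extra apiserver pod in kube-system that accepts anonymous requests and keeps no audit log) is something a cluster operator can look for directly in pod specs. The following is an added detection example written for this page, not code from CDK or from the cdxy wiki; it parses a pod list in the shape of `kubectl get pods -n kube-system -o json` and flags apiserver-like containers whose flags match that description. The flag names (`--anonymous-auth`, `--authorization-mode`, `--audit-log-path`, `--audit-webhook-config-file`, `--insecure-port`) are real kube-apiserver flags, but which flags CDK's shadow apiserver actually sets is not stated on this page, so the sample pod list below is constructed and the pod names and images in it are assumptions.

```python
import json

# Constructed sample in the shape of `kubectl get pods -n kube-system -o json`.
# One control-plane apiserver with hardened flags, one extra apiserver pod whose
# flags match the behaviour this page describes (anonymous access, no audit log),
# and one unrelated pod. Names, images and flags are assumptions for the example.
SAMPLE_POD_LIST = json.dumps({
    "items": [
        {
            "metadata": {"name": "kube-apiserver-master-1", "namespace": "kube-system",
                         "labels": {"component": "kube-apiserver", "tier": "control-plane"}},
            "spec": {"containers": [{
                "name": "kube-apiserver", "image": "k8s.gcr.io/kube-apiserver:v1.20.0",
                "command": ["kube-apiserver", "--anonymous-auth=false",
                            "--authorization-mode=Node,RBAC",
                            "--audit-log-path=/var/log/kubernetes/audit.log",
                            "--secure-port=6443"]}]},
        },
        {
            "metadata": {"name": "kube-apiserver-shadow", "namespace": "kube-system",
                         "labels": {"component": "kube-apiserver"}},
            "spec": {"containers": [{
                "name": "kube-apiserver", "image": "k8s.gcr.io/kube-apiserver:v1.20.0",
                "command": ["kube-apiserver", "--anonymous-auth=true",
                            "--authorization-mode=AlwaysAllow", "--secure-port=443"]}]},
        },
        {
            "metadata": {"name": "coredns-abc12", "namespace": "kube-system",
                         "labels": {"k8s-app": "kube-dns"}},
            "spec": {"containers": [{"name": "coredns", "image": "coredns/coredns:1.7.0",
                                     "args": ["-conf", "/etc/coredns/Corefile"]}]},
        },
    ]
})


def parse_flags(argv):
    """Parse kube-apiserver style flags: --key=value, --key value, or bare --key (boolean true)."""
    flags = {}
    i = 0
    while i < len(argv):
        arg = argv[i]
        if arg.startswith("--"):
            key, sep, value = arg[2:].partition("=")
            if not sep:
                # A bare flag followed by a non-flag token takes that token as its value.
                if i + 1 < len(argv) and not argv[i + 1].startswith("--"):
                    value = argv[i + 1]
                    i += 1
                else:
                    value = "true"
            flags[key] = value
        i += 1
    return flags


def _looks_like_apiserver(container):
    argv = list(container.get("command", [])) + list(container.get("args", []))
    image = container.get("image", "")
    return "kube-apiserver" in image or (bool(argv) and argv[0].endswith("kube-apiserver"))


def audit_apiserver_pods(pod_list_json, expected_pods=()):
    """Return one finding per apiserver-like container with risky flags or an unexpected pod name."""
    expected = set(expected_pods)
    findings = []
    for pod in json.loads(pod_list_json).get("items", []):
        name = pod["metadata"]["name"]
        for container in pod["spec"].get("containers", []):
            if not _looks_like_apiserver(container):
                continue
            argv = list(container.get("command", [])) + list(container.get("args", []))
            flags = parse_flags(argv)
            reasons = []
            # kube-apiserver defaults --anonymous-auth to true, so an absent flag counts as enabled.
            if flags.get("anonymous-auth", "true").lower() == "true":
                reasons.append("anonymous-auth enabled")
            # The default authorization mode is AlwaysAllow; only explicit RBAC/Node/Webhook is safe.
            if "AlwaysAllow" in flags.get("authorization-mode", "AlwaysAllow").split(","):
                reasons.append("authorization-mode includes AlwaysAllow")
            if "audit-log-path" not in flags and "audit-webhook-config-file" not in flags:
                reasons.append("no audit log or audit webhook configured")
            # Deprecated plaintext port; any non-zero value serves unauthenticated requests.
            if flags.get("insecure-port", "0") != "0":
                reasons.append("insecure (unauthenticated) port enabled")
            if expected and name not in expected:
                reasons.append("not in expected control-plane apiserver list")
            if reasons:
                findings.append({"pod": name, "namespace": pod["metadata"].get("namespace"),
                                 "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in audit_apiserver_pods(SAMPLE_POD_LIST, expected_pods={"kube-apiserver-master-1"}):
        print(finding["namespace"], finding["pod"], "->", "; ".join(finding["reasons"]))
```

Feed it the real output of `kubectl get pods -n kube-system -o json` and pass the names of the legitimate control-plane apiserver pods as `expected_pods`. Note that the shadow pod itself is created through the real apiserver, so if audit logging is enabled there, the pod creation in kube-system is recorded even though requests handled by the shadow apiserver afterwards are not; alerting on pod creations that run an apiserver image is therefore a second, independent signal.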

Usage

./cdk run k8s-shadow-apiserver (default|anonymous|<service-account-token-path>)

Request Options:
default: connect to the API server with the pod's default service account token
anonymous: connect to the API server as the user system:anonymous
<service-account-token-path>: connect to the API server with a user-specified service account token

Example

Deploy a shadow apiserver in the cluster.

./cdk run k8s-shadow-apiserver default
