This Metasploit module uses the Kong admin API to create a route and a serverless function plugin that is associated with the route. The plugin runs Lua code and is used to run a system command using os.execute(). After execution the route is deleted, which also deletes the plugin.
4bafd791ffc69e6f0e7e5e659d5843334eaeb9b206ab4512782cccf29ffe011a