Made some Distinctions between passive hunter and discovery (some discoveries were logged as passive hunters )

2026-05-10 11:17:05 +00:00 · 2018-10-07 10:43:24 +03:00
parent e1712a7a74
commit 042e57e39f
5 changed files with 5 additions and 5 deletions
--- a/src/modules/discovery/apiserver.py
+++ b/src/modules/discovery/apiserver.py
@@ -25,7 +25,7 @@ class ApiServerDiscovery(Hunter):
        self.event = event

    def execute(self):
-        logging.debug("Passive hunter is attempting to find an Api server")
+        logging.debug("Attempting to discover an Api server")
        main_request = requests.get("https://{}:{}".format(self.event.host, self.event.port), verify=False).text
        if "code" in main_request:
            self.event.role = "Master"
--- a/src/modules/discovery/dashboard.py
+++ b/src/modules/discovery/dashboard.py
@@ -23,7 +23,7 @@ class KubeDashboard(Hunter):

    @property
    def secure(self):
-        logging.debug("Passive hunter is attempting to find an Api server to access dashboard")
+        logging.debug("Attempting to discover an Api server to access dashboard")
        r = requests.get("http://{}:{}/api/v1/service/default".format(self.event.host, self.event.port))
        if "listMeta" in r.text and len(json.loads(r.text)["errors"]) == 0:
            return False
--- a/src/modules/discovery/proxy.py
+++ b/src/modules/discovery/proxy.py
@@ -25,7 +25,7 @@ class KubeProxy(Hunter):

    @property
    def accesible(self):
-        logging.debug("Passive hunter is attempting to access a proxy service")
+        logging.debug("Attempting to discover a proxy service")
        r = requests.get("http://{host}:{port}/api/v1".format(host=self.host, port=self.port))
        if r.status_code == 200 and "APIResourceList" in r.text:
            return True
--- a/src/modules/hunting/certificates.py
+++ b/src/modules/hunting/certificates.py
@@ -28,7 +28,7 @@ class CertificateDiscovery(Hunter):

    def execute(self):
        try:
-            logging.debug("Active hunter is attempting to get server certificate")
+            logging.debug("Passive hunter is attempting to get server certificate")
            addr = (str(self.event.host), self.event.port)
            cert = ssl.get_server_certificate(addr)
        except ssl.SSLError as e:
--- a/src/modules/hunting/kubelet.py
+++ b/src/modules/hunting/kubelet.py
@@ -112,7 +112,7 @@ class ReadOnlyKubeletPortHunter(Hunter):
        return privileged_containers if len(privileged_containers) > 0 else None
    
    def get_pods_endpoint(self):
-        logging.debug("Passive hunter is attempting to find pods endpoints")
+        logging.debug("Attempting to find pods endpoints")
        response = requests.get(self.path + "pods")
        if "items" in response.text:
            return json.loads(response.text)