From 042e57e39f1622e4fa56acc4684c46ecaf368f6e Mon Sep 17 00:00:00 2001 From: "ori.agmon" Date: Sun, 7 Oct 2018 10:43:24 +0300 Subject: [PATCH] Made some Distinctions between passive hunter and discovery (some discoveries were logged as passive hunters ) --- src/modules/discovery/apiserver.py | 2 +- src/modules/discovery/dashboard.py | 2 +- src/modules/discovery/proxy.py | 2 +- src/modules/hunting/certificates.py | 2 +- src/modules/hunting/kubelet.py | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/modules/discovery/apiserver.py b/src/modules/discovery/apiserver.py index 2b6e8d0..ef7c495 100644 --- a/src/modules/discovery/apiserver.py +++ b/src/modules/discovery/apiserver.py @@ -25,7 +25,7 @@ class ApiServerDiscovery(Hunter): self.event = event def execute(self): - logging.debug("Passive hunter is attempting to find an Api server") + logging.debug("Attempting to discover an Api server") main_request = requests.get("https://{}:{}".format(self.event.host, self.event.port), verify=False).text if "code" in main_request: self.event.role = "Master" diff --git a/src/modules/discovery/dashboard.py b/src/modules/discovery/dashboard.py index 947d81d..f8b7aa4 100644 --- a/src/modules/discovery/dashboard.py +++ b/src/modules/discovery/dashboard.py @@ -23,7 +23,7 @@ class KubeDashboard(Hunter): @property def secure(self): - logging.debug("Passive hunter is attempting to find an Api server to access dashboard") + logging.debug("Attempting to discover an Api server to access dashboard") r = requests.get("http://{}:{}/api/v1/service/default".format(self.event.host, self.event.port)) if "listMeta" in r.text and len(json.loads(r.text)["errors"]) == 0: return False diff --git a/src/modules/discovery/proxy.py b/src/modules/discovery/proxy.py index 5b57ec8..d1dca02 100644 --- a/src/modules/discovery/proxy.py +++ b/src/modules/discovery/proxy.py @@ -25,7 +25,7 @@ class KubeProxy(Hunter): @property def accesible(self): - logging.debug("Passive hunter is attempting to access a proxy service") + logging.debug("Attempting to discover a proxy service") r = requests.get("http://{host}:{port}/api/v1".format(host=self.host, port=self.port)) if r.status_code == 200 and "APIResourceList" in r.text: return True diff --git a/src/modules/hunting/certificates.py b/src/modules/hunting/certificates.py index caf2ef4..7c4cf16 100644 --- a/src/modules/hunting/certificates.py +++ b/src/modules/hunting/certificates.py @@ -28,7 +28,7 @@ class CertificateDiscovery(Hunter): def execute(self): try: - logging.debug("Active hunter is attempting to get server certificate") + logging.debug("Passive hunter is attempting to get server certificate") addr = (str(self.event.host), self.event.port) cert = ssl.get_server_certificate(addr) except ssl.SSLError as e: diff --git a/src/modules/hunting/kubelet.py b/src/modules/hunting/kubelet.py index cf212a0..cfff332 100644 --- a/src/modules/hunting/kubelet.py +++ b/src/modules/hunting/kubelet.py @@ -112,7 +112,7 @@ class ReadOnlyKubeletPortHunter(Hunter): return privileged_containers if len(privileged_containers) > 0 else None def get_pods_endpoint(self): - logging.debug("Passive hunter is attempting to find pods endpoints") + logging.debug("Attempting to find pods endpoints") response = requests.get(self.path + "pods") if "items" in response.text: return json.loads(response.text)