Added more logging to most of the hunters.

2026-05-14 05:07:02 +00:00 · 2018-09-30 14:39:37 +03:00
parent 79a5ca8bde
commit 12c416e643
8 changed files with 14 additions and 2 deletions
--- a/src/modules/discovery/apiserver.py
+++ b/src/modules/discovery/apiserver.py
@@ -1,4 +1,5 @@
 import requests
+import logging

 from ...core.types import Hunter
 from ...core.events import handler
@@ -24,6 +25,7 @@ class ApiServerDiscovery(Hunter):
        self.event = event

    def execute(self):
+        logging.debug("Passive hunter is attempting to find an Api server")
        main_request = requests.get("https://{}:{}".format(self.event.host, self.event.port), verify=False).text
        if "code" in main_request:
            self.event.role = "Master"
--- a/src/modules/discovery/dashboard.py
+++ b/src/modules/discovery/dashboard.py
@@ -23,6 +23,7 @@ class KubeDashboard(Hunter):

    @property
    def secure(self):
+        logging.debug("Passive hunter is attempting to find an Api server to access dashboard")
        r = requests.get("http://{}:{}/api/v1/service/default".format(self.event.host, self.event.port))
        if "listMeta" in r.text and len(json.loads(r.text)["errors"]) == 0:
            return False
--- a/src/modules/discovery/kubelet.py
+++ b/src/modules/discovery/kubelet.py
@@ -39,11 +39,13 @@ class KubeletDiscovery(Hunter):

    def get_read_only_access(self):
        logging.debug(self.event.host)
+        logging.debug("Passive hunter is attempting to get kubelet read access")
        r = requests.get("http://{host}:{port}/pods".format(host=self.event.host, port=self.event.port))
        if r.status_code == 200:
            self.publish_event(ReadOnlyKubeletEvent())

    def get_secure_access(self):
+        logging.debug("Attempting to get kubelet secure access")
        ping_status = self.ping_kubelet()
        if ping_status == 200:
            self.publish_event(SecureKubeletEvent(secure=False))
@@ -53,6 +55,7 @@ class KubeletDiscovery(Hunter):
            self.publish_event(SecureKubeletEvent(secure=True, anonymous_auth=False))

    def ping_kubelet(self):
+        logging.debug("Attempting to ping kubelet")
        try:
            return requests.get("https://{host}:{port}/pods".format(host=self.event.host, port=self.event.port), verify=False).status_code
        except Exception as ex:
--- a/src/modules/discovery/ports.py
+++ b/src/modules/discovery/ports.py
@@ -20,9 +20,10 @@ class PortDiscovery(Hunter):
        self.port = event.port

    def execute(self):
-        logging.debug("host {0} try ports {1}".format(self.host, default_ports))
+        logging.debug("host {0} try reach ports: {1}".format(self.host, default_ports))
        for single_port in default_ports:
            if self.test_connection(self.host, single_port):
+                logging.debug("Reachable port found: {0}".format(single_port))
                self.publish_event(OpenPortEvent(port=single_port))

    @staticmethod
--- a/src/modules/discovery/proxy.py
+++ b/src/modules/discovery/proxy.py
@@ -25,6 +25,7 @@ class KubeProxy(Hunter):

    @property
    def accesible(self):
+        logging.debug("Passive hunter is attempting to access a proxy service")
        r = requests.get("http://{host}:{port}/api/v1".format(host=self.host, port=self.port))
        if r.status_code == 200 and "APIResourceList" in r.text:
            return True
--- a/src/modules/hunting/certificates.py
+++ b/src/modules/hunting/certificates.py
@@ -21,13 +21,14 @@ class CertificateEmail(Vulnerability, Event):
@handler.subscribe(Service)
 class CertificateDiscovery(Hunter):
    """Certificate Email Hunting
-    Checks for email addresses in kuberntes ssl certificates
+    Checks for email addresses in kubernetes ssl certificates
    """
    def __init__(self, event):
        self.event = event

    def execute(self):
        try:
+            logging.debug("Active hunter is attempting to get server certificate")
            addr = (str(self.event.host), self.event.port)
            cert = ssl.get_server_certificate(addr)
        except ssl.SSLError as e:
--- a/src/modules/hunting/dashboard.py
+++ b/src/modules/hunting/dashboard.py
@@ -23,6 +23,7 @@ class KubeDashboard(Hunter):
        self.event = event

    def get_nodes(self):
+        logging.debug("Active hunter is attempting to get nodes types of the cluster")
        r = requests.get("http://{}:{}/api/v1/node".format(self.event.host, self.event.port))
        if r.status_code == 200 and "nodes" in r.text:
            return list(map(lambda node: node["objectMeta"]["name"], json.loads(r.text)["nodes"]))
--- a/src/modules/hunting/kubelet.py
+++ b/src/modules/hunting/kubelet.py
@@ -91,6 +91,7 @@ class ReadOnlyKubeletPortHunter(Hunter):
        self.pods_endpoint_data = ""

    def get_k8s_version(self):
+        logging.debug("Active hunter is attempting to find kubernetes version")
        metrics = requests.get(self.path + "metrics").text
        for line in metrics.split("\n"):
            if line.startswith("kubernetes_build_info"):
@@ -101,6 +102,7 @@ class ReadOnlyKubeletPortHunter(Hunter):
    
    # returns list of tuples of Privileged container and their pod. 
    def find_privileged_containers(self):
+        logging.debug("Active hunter is attempting to find privileged containers and their pods")
        privileged_containers = list()
        if self.pods_endpoint_data:
            for pod in self.pods_endpoint_data["items"]: