From 48f0b8d829bc0b3b8affbc571cee654eb5c84dd2 Mon Sep 17 00:00:00 2001
From: "ori.agmon"
Date: Tue, 2 Oct 2018 11:49:16 +0300
Subject: [PATCH] Added more logging to most of the hunters. Hosts.py, hunting/proxy.py, hunting/kubelet.py logging isn't finished yet.
---
 src/modules/discovery/hosts.py | 6 +++++-
 src/modules/hunting/aks.py | 1 +
 src/modules/hunting/kubelet.py | 1 +
 3 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/modules/discovery/hosts.py b/src/modules/discovery/hosts.py
index e255407..352f433 100644
--- a/src/modules/discovery/hosts.py
+++ b/src/modules/discovery/hosts.py
@@ -73,6 +73,7 @@ class HostDiscovery(Hunter):
 def get_cloud(self, host):
 try:
+ logging.debug("Passive hunter is attempting to access azure's cloud")
 metadata = requests.get("http://www.azurespeed.com/api/region?ipOrUrl={ip}".format(ip=host)).text
 except requests.ConnectionError as e:
 logging.info("- unable to check cloud: {0}".format(e))
@@ -82,6 +83,7 @@ class HostDiscovery(Hunter):
 def is_azure_pod(self):
 try:
+ logging.debug("Passive hunter is attempting to access azure's pod")
 if requests.get("http://169.254.169.254/metadata/instance?api-version=2017-08-01", headers={"Metadata":"true"}, timeout=5).status_code == 200:
 return True
 except requests.exceptions.ConnectionError:
@@ -100,6 +102,7 @@ class HostDiscovery(Hunter):
 # quering azure's interface metadata api | works only from a pod
 def azure_metadata_discovery(self):
+ logging.debug("Passive hunter is attempting to pull azure's metadata")
 machine_metadata = json.loads(requests.get("http://169.254.169.254/metadata/instance?api-version=2017-08-01", headers={"Metadata":"true"}).text)
 address, subnet= "", ""
 for interface in machine_metadata["network"]["interface"]:
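Review bot: The debug message added in get_cloud does not say what is actually contacted: the next line sends the scanned host's address to the third-party service www.azurespeed.com over plain HTTP, which an operator reading the log would want to see. Something like `logging.debug("Passive hunter is querying www.azurespeed.com for host {0}".format(host))` makes that outbound disclosure auditable. The same vagueness applies to is_azure_pod, whose message says "azure's pod" although the call probes the instance metadata endpoint at 169.254.169.254, and to scan_interfaces, which contacts canhazip.com. The bodies of these functions continue outside their hunks.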
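Review bot: In azure_metadata_discovery the new log line precedes a `requests.get` that has no timeout and sits outside any try block, while is_azure_pod calls the same metadata URL with `timeout=5` and catches `requests.exceptions.ConnectionError`. If the endpoint is slow or unreachable, this debug line would be the last output before the hunter hangs or raises, and `json.loads` is applied to the response without a status check. Passing `timeout=5` here and logging the failure would keep the two calls consistent. The function body continues past the hunk and a caller may catch the exception, so this is worth confirming against the full file.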
@@ -110,7 +113,8 @@ class HostDiscovery(Hunter):
 # for normal scanning
 def scan_interfaces(self):
- try:
+ try:
+ logging.debug("Passive hunter is attempting to scan interfaces")
 external_ip = requests.get("http://canhazip.com").text # getting external ip, to determine if cloud cluster
 except requests.ConnectionError as e:
 logging.debug("unable to determine local IP address: {0}".format(e))
diff --git a/src/modules/hunting/aks.py b/src/modules/hunting/aks.py
index 3275fb6..bfc8f5e 100644
--- a/src/modules/hunting/aks.py
+++ b/src/modules/hunting/aks.py
@@ -30,6 +30,7 @@ class AzureSpnHunter(Hunter):
 # getting a container that has access to the azure.json file
 def get_key_container(self):
+ logging.debug("Attempting to find container with access to azure.json file")
 raw_pods = requests.get(self.base_url + "/pods", verify=False).text
 if "items" in raw_pods:
 pods_data = json.loads(raw_pods)["items"]
diff --git a/src/modules/hunting/kubelet.py b/src/modules/hunting/kubelet.py
index 330448b..1b01365 100644
--- a/src/modules/hunting/kubelet.py
+++ b/src/modules/hunting/kubelet.py
@@ -112,6 +112,7 @@ class ReadOnlyKubeletPortHunter(Hunter):
 return privileged_containers if len(privileged_containers) > 0 else None
 def get_pods_endpoint(self):
+ logging.debug("Active hunter is attempting to find pods endpoints")
 response = requests.get(self.path + "pods")
 if "items" in response.text:
 return json.loads(response.text)
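Review bot: The message added in get_key_container names no target, so on a run that covers several nodes the debug output cannot be tied to the host whose `/pods` listing was requested. Including the URL fixes that, for example `logging.debug("Attempting to find container with access to azure.json file via {0}".format(self.base_url))`. The request on the next line runs with `verify=False`, so recording which endpoint was reached without certificate verification is useful to anyone auditing the scan afterwards. get_pods_endpoint in kubelet.py has the same gap with `self.path`.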
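Review bot: The message in get_pods_endpoint labels the call "Active hunter", but the hunk header shows ReadOnlyKubeletPortHunter deriving from `Hunter`, the same base as HostDiscovery, whose messages in this commit all say "Passive hunter". If the project marks active hunters with a separate base class (not visible here), this label is wrong and the log would overstate what a passive-only run did. Suggest `logging.debug("Passive hunter is attempting to find pods endpoints")`, or building the label from the class rather than hard-coding it in each message.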