From 548ae7e486c265ead9739eef121ec4a18c5ccf69 Mon Sep 17 00:00:00 2001
From: daniel_sagi
Date: Mon, 11 Jun 2018 18:28:01 +0300
Subject: [PATCH] changed evidence of priviledged containers, also added casting to str in reporter
---
 log/reporter.py | 2 +-
 src/modules/hunting/kubelet.py | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/log/reporter.py b/log/reporter.py
index 895d7c2..2a91168 100644
--- a/log/reporter.py
+++ b/log/reporter.py
@@ -47,7 +47,7 @@ def print_results(active):
 for vuln in vulnerabilities:
 row = ["{}:{}".format(vuln.host, vuln.port), vuln.component.name, vuln.get_name(), vuln.explain()]
 if active:
- evidence = vuln.evidence[:EVIDENCE_PREVIEW] + "..." if len(vuln.evidence) > EVIDENCE_PREVIEW else vuln.evidence
+ evidence = str(vuln.evidence)[:EVIDENCE_PREVIEW] + "..." if len(str(vuln.evidence)) > EVIDENCE_PREVIEW else str(vuln.evidence)
 row.append(evidence)
 vuln_table.add_row(row)
diff --git a/src/modules/hunting/kubelet.py b/src/modules/hunting/kubelet.py
index fc5614a..0990732 100644
--- a/src/modules/hunting/kubelet.py
+++ b/src/modules/hunting/kubelet.py
@@ -60,7 +60,8 @@ class PrivilegedContainers(Vulnerability, Event):
 """A priviledged container on a node, can expose the node/cluster to unwanted root operations"""
 def __init__(self, containers):
 Vulnerability.__init__(self, KubernetesCluster, "Priviledged Container")
- self.evidence = containers
+ self.containers = containers
+ self.evidence = "pod: {}, container: {}".format(containers[0][0], containers[0][1])
 """ dividing ports for seperate hunters """
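Review bot: In log/reporter.py the new `evidence = ...` line in `print_results` converts `vuln.evidence` with `str()` three times inside one conditional expression, which is hard to read and repeats the work. Bind it once, `evidence = str(vuln.evidence)`, then truncate with `if len(evidence) > EVIDENCE_PREVIEW: evidence = evidence[:EVIDENCE_PREVIEW] + "..."`. If this module still runs on Python 2, `str()` on a unicode evidence value containing non-ASCII characters would raise UnicodeEncodeError, so that case is worth confirming since evidence comes from the scanned cluster. The loop and the function body start outside the hunk.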
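Review bot: In src/modules/hunting/kubelet.py, `containers[0][0]` and `containers[0][1]` in `PrivilegedContainers.__init__` raise IndexError if the event is ever built with an empty list, and the evidence string names only the first pod/container pair even when several privileged containers were found. The report shows only `evidence`, so a reader cannot tell that more findings sit in `self.containers`. Consider guarding the empty case and including the count, e.g. `self.evidence = "pod: {}, container: {} ({} total)".format(containers[0][0], containers[0][1], len(containers)) if containers else ""`. Whether a caller can pass an empty list is not visible in this hunk, and the shape of each entry is assumed from the two indexes used here.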