Merge branch 'master' into more-service-account-token-hunters

Liz Rice
2018-12-04 14:12:16 +01:00
committed by GitHub
4 changed files with 15 additions and 8 deletions


@@ -18,8 +18,8 @@ class EtcdAccessEvent(Service, Event):
@handler.subscribe(OpenPortEvent, predicate= lambda p: p.port == 2379)
class EtcdRemoteAccess(Hunter):
"""Etcd Remote Access
Checks for remote availability of etcd, version, read access, write access
"""Etcd service
check for the existence of etcd service
"""
def __init__(self, event):
self.event = event
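Review bot: The discovery hunter keeps the class name `EtcdRemoteAccess` (`class EtcdRemoteAccess(Hunter)`) while the hunters module touched by this same commit defines another `class EtcdRemoteAccess(Hunter)` subscribed to the same `OpenPortEvent` on port 2379; now that this one's docstring says it only checks for the existence of the etcd service, the shared name makes the two hunters indistinguishable in logs and reports except by module. Consider renaming this class to something like `EtcdServiceDiscovery` so the name reflects what it does, keeping `EtcdRemoteAccess` for the vulnerability hunter. The new docstring's second line could also use sentence case to match the other hunters in this commit: `Checks for the existence of an etcd service`. The class body may continue outside the hunk.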


@@ -6,6 +6,8 @@ from ...core.events import handler
from ...core.events.types import Vulnerability, Event, OpenPortEvent
from ...core.types import ActiveHunter, Hunter, KubernetesCluster, InformationDisclosure, RemoteCodeExec, \
UnauthenticatedAccess, AccessRisk
""" Vulnerabilities """
class EtcdRemoteWriteAccessEvent(Vulnerability, Event):
"""Remote write access might grant an attacker full control over the kubernetes cluster"""
@@ -14,6 +16,7 @@ class EtcdRemoteWriteAccessEvent(Vulnerability, Event):
Vulnerability.__init__(self, KubernetesCluster, name="Etcd Remote Write Access Event", category=RemoteCodeExec)
self.evidence = write_res
class EtcdRemoteReadAccessEvent(Vulnerability, Event):
"""Remote read access might expose to an attacker cluster's possible exploits, secrets and more."""
@@ -21,6 +24,7 @@ class EtcdRemoteReadAccessEvent(Vulnerability, Event):
Vulnerability.__init__(self, KubernetesCluster, name="Etcd Remote Read Access Event", category=AccessRisk)
self.evidence = keys
class EtcdRemoteVersionDisclosureEvent(Vulnerability, Event):
"""Remote version disclosure might give an attacker a valuable data to attack a cluster"""
@@ -30,6 +34,7 @@ class EtcdRemoteVersionDisclosureEvent(Vulnerability, Event):
category=InformationDisclosure)
self.evidence = version
class EtcdAccessEnabledWithoutAuthEvent(Vulnerability, Event):
"""Etcd is accessible using HTTP (without authorization and authentication), it would allow a potential attacker to
gain access to the etcd"""
@@ -39,12 +44,13 @@ class EtcdAccessEnabledWithoutAuthEvent(Vulnerability, Event):
category=UnauthenticatedAccess)
self.evidence = version
# Active Hunter
@handler.subscribe(OpenPortEvent, predicate=lambda p: p.port == 2379)
class EtcdRemoteAccessActive(ActiveHunter):
"""Etcd Remote Access
Checks for remote write access to etcd"""
Checks for remote write access to etcd- will attempt to add a new key to the etcd DB"""
def __init__(self, event):
self.event = event
self.write_evidence = ''
@@ -71,7 +77,7 @@ class EtcdRemoteAccessActive(ActiveHunter):
@handler.subscribe(OpenPortEvent, predicate=lambda p: p.port == 2379)
class EtcdRemoteAccess(Hunter):
"""Etcd Remote Access
Checks for remote availability of etcd, version, read access, write access
Checks for remote availability of etcd, its version, and read access to the DB
"""
def __init__(self, event):
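Review bot: The docstring for `EtcdRemoteAccessActive` now states that the hunter `will attempt to add a new key to the etcd DB`, but says nothing about which key is written or whether it is removed afterwards; on a real cluster a stray key in etcd is a visible side effect that operators need to know about, and an active scan that leaves data behind is hard to tell apart from tampering when reviewing etcd. The docstring should name the probe key and the cleanup behaviour, e.g. `Checks for remote write access to etcd - writes a probe key to the etcd DB and removes it afterwards`, and if the method that performs the write does not delete the key it created, it should. The write logic itself lies outside this hunk (the active hunter's body sits between the `self.write_evidence = ''` line and the `@@ -71,7 +77,7 @@` hunk), so I cannot confirm what is actually written or whether cleanup exists. The passive `EtcdRemoteAccess` docstring change that drops "write access" is consistent with that split and looks right.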


@@ -22,7 +22,8 @@ class SecretsAccess(Vulnerability, Event):
# Passive Hunter
@handler.subscribe(RunningAsPodEvent)
class AccessSecrets(Hunter):
"""Accessing the secrets accessible to the pod"""
"""Access Secrets
Accessing the secrets accessible to the pod"""
def __init__(self, event):
self.event = event
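Review bot: The new description line `Accessing the secrets accessible to the pod` repeats "access" alongside the class name `AccessSecrets` and reads awkwardly as the one-line summary of the hunter; a plainer sentence such as `Enumerates the secrets that are readable from inside the pod` says the same thing. The hunt body is outside this hunk, so I have not checked that the wording matches exactly what the hunter reads.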


@@ -16,11 +16,11 @@ class PlainReporter(object):
output = ""
vulnerabilities_lock.acquire()
vulnerabilities_len = len(services)
vulnerabilities_len = len(vulnerabilities)
vulnerabilities_lock.release()
services_lock.acquire()
services_len = len(vulnerabilities)
services_len = len(services)
services_lock.release()
if services_len: