diff --git a/src/modules/discovery/etcd.py b/src/modules/discovery/etcd.py index 3e92540..d3e391e 100644 --- a/src/modules/discovery/etcd.py +++ b/src/modules/discovery/etcd.py @@ -18,8 +18,8 @@ class EtcdAccessEvent(Service, Event): @handler.subscribe(OpenPortEvent, predicate= lambda p: p.port == 2379) class EtcdRemoteAccess(Hunter): - """Etcd Remote Access - Checks for remote availability of etcd, version, read access, write access + """Etcd service + check for the existence of etcd service """ def __init__(self, event): self.event = event diff --git a/src/modules/hunting/etcd.py b/src/modules/hunting/etcd.py index 73f32c3..b0cd2f6 100644 --- a/src/modules/hunting/etcd.py +++ b/src/modules/hunting/etcd.py @@ -6,6 +6,8 @@ from ...core.events import handler from ...core.events.types import Vulnerability, Event, OpenPortEvent from ...core.types import ActiveHunter, Hunter, KubernetesCluster, InformationDisclosure, RemoteCodeExec, \ UnauthenticatedAccess, AccessRisk + + """ Vulnerabilities """ class EtcdRemoteWriteAccessEvent(Vulnerability, Event): """Remote write access might grant an attacker full control over the kubernetes cluster""" @@ -14,6 +16,7 @@ class EtcdRemoteWriteAccessEvent(Vulnerability, Event): Vulnerability.__init__(self, KubernetesCluster, name="Etcd Remote Write Access Event", category=RemoteCodeExec) self.evidence = write_res + class EtcdRemoteReadAccessEvent(Vulnerability, Event): """Remote read access might expose to an attacker cluster's possible exploits, secrets and more.""" @@ -21,6 +24,7 @@ class EtcdRemoteReadAccessEvent(Vulnerability, Event): Vulnerability.__init__(self, KubernetesCluster, name="Etcd Remote Read Access Event", category=AccessRisk) self.evidence = keys + class EtcdRemoteVersionDisclosureEvent(Vulnerability, Event): """Remote version disclosure might give an attacker a valuable data to attack a cluster""" 
@@ -30,6 +34,7 @@ class EtcdRemoteVersionDisclosureEvent(Vulnerability, Event): category=InformationDisclosure) self.evidence = version + class EtcdAccessEnabledWithoutAuthEvent(Vulnerability, Event): """Etcd is accessible using HTTP (without authorization and authentication), it would allow a potential attacker to gain access to the etcd""" @@ -39,12 +44,13 @@ class EtcdAccessEnabledWithoutAuthEvent(Vulnerability, Event): category=UnauthenticatedAccess) self.evidence = version + # Active Hunter @handler.subscribe(OpenPortEvent, predicate=lambda p: p.port == 2379) class EtcdRemoteAccessActive(ActiveHunter): """Etcd Remote Access - Checks for remote write access to etcd""" - + Checks for remote write access to etcd- will attempt to add a new key to the etcd DB""" + def __init__(self, event): self.event = event self.write_evidence = '' @@ -71,7 +77,7 @@ class EtcdRemoteAccessActive(ActiveHunter): @handler.subscribe(OpenPortEvent, predicate=lambda p: p.port == 2379) class EtcdRemoteAccess(Hunter): """Etcd Remote Access - Checks for remote availability of etcd, version, read access, write access + Checks for remote availability of etcd, its version, and read access to the DB """ def __init__(self, event): diff --git a/src/modules/hunting/secrets.py b/src/modules/hunting/secrets.py index 18f0587..db75f82 100644 --- a/src/modules/hunting/secrets.py +++ b/src/modules/hunting/secrets.py @@ -22,7 +22,8 @@ class SecretsAccess(Vulnerability, Event): # Passive Hunter @handler.subscribe(RunningAsPodEvent) class AccessSecrets(Hunter): - """Accessing the secrets accessible to the pod""" + """Access Secrets + Accessing the secrets accessible to the pod""" def __init__(self, event): self.event = event diff --git a/src/modules/report/plain.py b/src/modules/report/plain.py index 029213d..4171f33 100644 --- a/src/modules/report/plain.py +++ b/src/modules/report/plain.py 
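Review bot: The new docstring on `EtcdRemoteAccessActive` (hunk `@@ -39,12 +44,13 @@` of src/modules/hunting/etcd.py) says the hunter will add a key to the etcd DB, but not which key or whether it is removed afterwards. An operator needs both to judge the impact of active hunting on a live cluster and to find the artifact later. The write logic is outside the hunk, so the cleanup behaviour cannot be confirmed from here; the docstring should state it either way, for example `Checks for remote write access to etcd - attempts to add a new key to the etcd DB (modifies cluster state)`, followed by a line naming the key. The `etcd- will` spacing is a typo, and the line added after the docstring appears to contain only whitespace.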
@@ -16,11 +16,11 @@ class PlainReporter(object): output = "" vulnerabilities_lock.acquire() - vulnerabilities_len = len(services) + vulnerabilities_len = len(vulnerabilities) vulnerabilities_lock.release() services_lock.acquire() - services_len = len(vulnerabilities) + services_len = len(services) services_lock.release() if services_len:
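Review bot: The two length reads in `PlainReporter` still use bare `acquire()`/`release()` pairs, and this hunk is a natural place to switch them to the context-manager form, which releases the lock on every exit path: `with vulnerabilities_lock:` then `vulnerabilities_len = len(vulnerabilities)`, and the same for `services_lock`. The swapped counts fixed here meant the `if services_len:` gate was driven by the number of vulnerabilities, and presumably the vulnerability section by the number of services, so findings could be dropped from the plain report. A small regression test with one list empty and the other populated would pin the corrected behaviour. The method continues outside the hunk, so how the lists are read after the locks are released cannot be checked from here.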