github/kube-hunter
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-hunter.git synced 2026-05-12 04:07:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

minor changes in certificate hunting to match design pattern

Browse Source
This commit is contained in:
daniel_sagi
2018-07-18 11:39:24 +03:00
parent 0668079b30
commit be8895423e
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/modules/hunting/certificates.py
View File

@@ -1,6 +1,6 @@
from ...core.types import Hunter, KubernetesCluster, InformationDisclosure
from ...core.events import handler
from ...core.events.types import Vulnerability, Event, OpenPortEvent
from ...core.events.types import Vulnerability, Event, Service
import ssl
import logging
@@ -14,10 +14,11 @@ email_pattern = re.compile(r"([a-z0-9]+@[a-z0-9]+\.[a-z0-9]+)")
class CertificateEmail(Vulnerability, Event):
"""Certificate includes an email address"""
def __init__(self, email):
Vulnerability.__init__(self, KubernetesCluster, "Certificate includes email address: {0}".format(email), category=InformationDisclosure)
Vulnerability.__init__(self, KubernetesCluster, "Certificate Includes Email Address", category=InformationDisclosure)
self.email = email
self.evidence = "email: {}".format(self.email)
@handler.subscribe(OpenPortEvent)
@handler.subscribe(Service)
class CertificateDiscovery(Hunter):
def __init__(self, event):
self.event = event
@@ -33,4 +34,4 @@ class CertificateDiscovery(Hunter):
certdata = base64.decodestring(c)
emails = re.findall(email_pattern, certdata)
for email in emails:
self.publish_event( CertificateEmail(email) )
self.publish_event( CertificateEmail(email=email) )