From beb50d40bce41bec52ac7db27065111868f32e36 Mon Sep 17 00:00:00 2001 From: daniel_sagi Date: Thu, 10 May 2018 19:02:07 +0300 Subject: [PATCH] Added .gitignore file, ignoring .pyc files, Also changed modules structure --- .gitignore | 1 + discovery/__init__.py | 6 ++++ discovery/dashboard.py | 16 ++++++++++ .../host_discovery.py => discovery/hosts.py | 0 .../port_discovery.py => discovery/ports.py | 6 ++-- events.py | 2 +- events.pyc | Bin 2175 -> 0 bytes hunting/__init__.py | 4 +++ hunting/dashboard.py | 29 ++++++++++++++++++ kube-hunter.py | 5 +-- modules/__init__.py | 6 ---- modules/__init__.pyc | Bin 396 -> 0 bytes modules/__pycache__/__init__.cpython-36.pyc | Bin 315 -> 0 bytes .../__pycache__/host_discovery.cpython-36.pyc | Bin 1071 -> 0 bytes .../kube_open_dashboard.cpython-36.pyc | Bin 1155 -> 0 bytes .../__pycache__/port_discovery.cpython-36.pyc | Bin 1332 -> 0 bytes modules/host_discovery.pyc | Bin 1315 -> 0 bytes modules/kube_open_dashboard.py | 29 ------------------ modules/kube_open_dashboard.pyc | Bin 1609 -> 0 bytes modules/port_discovery.pyc | Bin 1867 -> 0 bytes 20 files changed, 62 insertions(+), 42 deletions(-) create mode 100644 .gitignore create mode 100644 discovery/__init__.py create mode 100644 discovery/dashboard.py rename modules/host_discovery.py => discovery/hosts.py (100%) rename modules/port_discovery.py => discovery/ports.py (81%) delete mode 100644 events.pyc create mode 100644 hunting/__init__.py create mode 100644 hunting/dashboard.py delete mode 100644 modules/__init__.py delete mode 100644 modules/__init__.pyc delete mode 100644 modules/__pycache__/__init__.cpython-36.pyc delete mode 100644 modules/__pycache__/host_discovery.cpython-36.pyc delete mode 100644 modules/__pycache__/kube_open_dashboard.cpython-36.pyc delete mode 100644 modules/__pycache__/port_discovery.cpython-36.pyc delete mode 100644 modules/host_discovery.pyc delete mode 100644 modules/kube_open_dashboard.py delete mode 100644 modules/kube_open_dashboard.pyc delete mode 100644 modules/port_discovery.pyc diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7e99e36 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*.pyc \ No newline at end of file diff --git a/discovery/__init__.py b/discovery/__init__.py new file mode 100644 index 0000000..7d881ec --- /dev/null +++ b/discovery/__init__.py @@ -0,0 +1,6 @@ +from .dashboard import KubeDashboard +from .ports import PortDiscovery +from .hosts import HostDiscovery + +__all__ = [HostDiscovery, KubeDashboard, PortDiscovery] + diff --git a/discovery/dashboard.py b/discovery/dashboard.py new file mode 100644 index 0000000..6dcd8ec --- /dev/null +++ b/discovery/dashboard.py @@ -0,0 +1,16 @@ +import events +import requests + +class KubeDashboard(object): + def __init__(self, task): + self.task = task + self.host = task['host'] + self.port = task['port'] or 80 + pass + + def execute(self): + # TODO: insert logic for detremining dashboard/insecure dashboard is there + events.handler.publish_event('KUBE_DASHBOARD', {'host': self.host, 'port': self.port}) + + +events.handler.subscribe_event('OPEN_PORT_30000', KubeDashboard) diff --git a/modules/host_discovery.py b/discovery/hosts.py similarity index 100% rename from modules/host_discovery.py rename to discovery/hosts.py diff --git a/modules/port_discovery.py b/discovery/ports.py similarity index 81% rename from modules/port_discovery.py rename to discovery/ports.py index 714e0ee..7f66eab 100644 --- a/modules/port_discovery.py +++ b/discovery/ports.py @@ -1,8 +1,8 @@ from socket import socket import events -default_ports = [8001, 10250, 10255, 30000] +default_ports = [8001, 10250, 10255, 30000] class PortDiscovery(object): def __init__(self, task): @@ -11,9 +11,7 @@ class PortDiscovery(object): def execute(self): for single_port in default_ports: if self.test_connection(self.host, single_port): - events.handler.publish_event('OPEN_PORT', {'host': self.host, 'port': single_port}) - events.handler.publish_event('OPEN_PORT_{port}'.format(port=single_port), - {'host': self.host, 'port': single_port}) + events.handler.publish_event('OPEN_PORT_{port}'.format(port=single_port), {'host': self.host, 'port': single_port}) @staticmethod def test_connection(host, port): diff --git a/events.py b/events.py index 938dc09..79c9f8a 100644 --- a/events.py +++ b/events.py @@ -16,8 +16,8 @@ class EventQueue(Queue, object): t.start() def publish_event(self, name, item): + safe_print('Event {} got published with {}'.format(name, item)) if name in self.hooks: - safe_print('Event {} got published with {}'.format(name, item)) for single_hook in self.hooks[name]: self.put(single_hook(item)) diff --git a/events.pyc b/events.pyc deleted file mode 100644 index 6e98d5aa1a0a6eb5c5d79b0fd9d5fddd0b15dded..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2175 zcmb_d-;dKq5T3R3;~b72;wU0gg-+^2BWOX0ClG2;xvG7ruBwA{trfI#yqm;{W9Pi< zaus(^@XnvoKd!vD-;6_#z9;9Mo1I67iUmh6$~ zvo(px_Q~wgTSdu$Ohn_+0RHoT@Ea*;z6w^m4*~xdt$QkKrCdAkai@Gk%9K5OE-}g=9ieI%GPcbSWN>IG~&l z&iEL1#p4Brn?iUziY}0GK+Ax$RX!x&;S^!jT{?e4zDE~|Eyu6!(`7&&Ajt9(P>{OB z3lUv}qz5dQ*W{S9hjeNP2(jN2905;hJ-2?e&nm~|nvJbvj>qpoXq}h2*E;4m5CTz= zJ1;vIRkd=W)oD4mv0%+dzOL$(t!4Aey0PNMq;_4Etp~XDBk{n(*A`Hg~lR8uf!J)dTB9(=hb38nx6sJ%CF%Vx8t$I|Cxhwz~HDNm{gGZ4% zzrWoC>+ty1kN`fv1&K%Y@V2wZbXv;A*y8W*!h>+@=*{KPyz)nzW(s&0)*QXg{Q_2j zDdvC$BA3pr-qd;N1=LwpuTu|h5N(v>wxZkDvn(MY(RQ+{{ zKw{T|^-Xri{2_IqZmU}@ydNPJc#p9NrZb)Z^HV$l8N(+i4_AGvpMNrER9o2pkLBk$ zZrn^=R_9Y|o-(4oV%b7?h~@Ye3jvd9nr=3>G$Rg5P>XLv6Vii0#Wc-!jS`o}eGIY1 z=?N9(jzG6_ZX=9Ye4~bp6F5#+xCW*YOt!aaC^P^^^-Pnx!9Z| zZaI1cn$@|@8gJ1ZkZtN#+Ek^LhH%B5-BToH0y5vXtccXU8mN(UAm)kI%vY_2=31{S z(}1d4?rS{6hWHB>e99GfMcYYR;0wcHNOV25A4R>Wm%$*_;3$9LRgM9rcz=TwPzP!8 zar*J6Q-klzZxCbocAT_d5bp1CRW-LG0a&gh`fb}aSFBwnvy(iS=3jB7oDiwL%0GY$ zCnLr!W>Z^s`TC(7v^|>_v#Ka;=JTp_(&}TTj5L{Qy2OHf5#ldljM;}UX_1zuu=Q06 cJFAD>!e=cBzGX7I&me9n`RfetMk?z53!`+*r2qf` diff --git a/hunting/__init__.py b/hunting/__init__.py new file mode 100644 index 0000000..d73b2a6 --- /dev/null +++ b/hunting/__init__.py @@ -0,0 +1,4 @@ +from .dashboard import KubeDashboard + +__all__ = [KubeDashboard] + diff --git a/hunting/dashboard.py b/hunting/dashboard.py new file mode 100644 index 0000000..3cff369 --- /dev/null +++ b/hunting/dashboard.py @@ -0,0 +1,29 @@ +import events +import requests +from events import safe_print + +class KubeDashboard(object): + def __init__(self, task): + self.host = task['host'] + self.port = task['port'] or 30000 + + def execute(self): + print("KUBEDASHBOARD At: {} {}".format(self.host, self.port)) + if self.secured: + safe_print("SECURED DASHBOARD") + else: + safe_print("INSECURE DASHBOARD") + + @property + def secured(self): + try: + r = requests.get("http://{host}:{port}/api/v1/node?itemsPerPage=100".format(host=self.host, port=self.port)) + except requests.exceptions.ConnectionError: + return True + + ret = r.json() + if 'listMeta' in ret: + return False + return True + +events.handler.subscribe_event('KUBE_DASHBOARD', KubeDashboard) \ No newline at end of file diff --git a/kube-hunter.py b/kube-hunter.py index eae7ca4..4fbcd42 100644 --- a/kube-hunter.py +++ b/kube-hunter.py @@ -1,11 +1,12 @@ -import modules +import discovery +import hunting import threading import time import sys def main(): try: - modules.HostDiscovery({}).execute() + discovery.HostDiscovery({}).execute() # Blocking to see discovery output while(True): time.sleep(1) diff --git a/modules/__init__.py b/modules/__init__.py deleted file mode 100644 index 440ff65..0000000 --- a/modules/__init__.py +++ /dev/null @@ -1,6 +0,0 @@ -from .kube_open_dashboard import KubeOpenDashboard -from .port_discovery import PortDiscovery -from .host_discovery import HostDiscovery - -__all__ = [HostDiscovery, KubeOpenDashboard, PortDiscovery] - diff --git a/modules/__init__.pyc b/modules/__init__.pyc deleted file mode 100644 index 928d88dd4f1c9f215d72a59474aee97ebc9b737a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 396 zcmYk0-%7(U6vj`Qb&4=ie2Lz;2M`fqyHJEF^R5IAZ4%njv?)od>}`BS@dZ4w8#RBv zNlg|ACnI5kBpir%aX+r~@#q1|D&pRAwlU3L~p zHzX~Q&=LyOiM1yi!X?Q-EL11h{_p$f*980LC-HqGA{NFVW^{#F{4xV*W zQCZ=g6lD|2QMNj)t*eBWg|V^~v7_61?1OfqvuZTj3&f^x0^)i&gma?ZPr*a%$S+B* H7|rAtDnDJN diff --git a/modules/__pycache__/__init__.cpython-36.pyc b/modules/__pycache__/__init__.cpython-36.pyc deleted file mode 100644 index 94eb4c7a13ca9a418c50602c278949c53f982d23..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 315 zcmXr!<>jhZejjz3fq~&M5W@j8kmUfx#YR9Pg&~D8has0Sijfh-X3Am8WsYJ7vzc>P za#^ET85vSpQyEj4)0v~#Qdoi+G+AFV0ySzf-V*dKO-l7INX>IeEY3*EPb^9S3i1Zz z7nQhV7ANPIr506!1U&MK5dwai>`}tmKz;G~K#lP!Fr7tAKr^HG3V@p9Q((G_Ku(R~ z%K#dHB*+33yu}_LpO}*qAHR~Jhz-aG6TkGFtzyFSi?U-93riDYK(^>+l;)MB7U>$r nlIYq;;?~;+JQV&3^Ip@5eS(8Jxo@O diff --git a/modules/__pycache__/host_discovery.cpython-36.pyc b/modules/__pycache__/host_discovery.cpython-36.pyc deleted file mode 100644 index 4881d0beb08ea71fb8339629763a8acc700b6af1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1071 zcmZuvO;6iE5Z(3KjuVm|D%y&whe|#9K#G7<6`>+N3KzE$sFAE7*LXLD6=88-Ou!Bh(-PB_g- zPD7eop_Q|cQ9QFUJ9k2-^jYSH?gzqc?%WXWh{}wG9%o0ycYi?!;xkiA2U^H(oCsx> z(r(PT6iUISvb`T227AXoHPypUfzV$Ic^)Jfwip0!4(Am(f`pWl(BhO^HzZ`7aT``B zjpa<^pip`@RY`FvBPfP+&Leeiq*3bl2~2uL|iQsw_{(&mVwlE}kTa z2!{jaf|cmH;9PytWJY$$$>%AZ6V-G=XS8o=)*~}(m(1wYnpo1)HfMcjVsU!~&ft_? zz1H@G%_u}KPi^h?E8OAk#7^nVqGY(=CPS}1=U)l#ARtoI)V8+IuD+L1Ktmc}b>AhyM27$M=R+cKA6#2zg9kXF-myG>~B8V%IjI?OBvLcBy zwFS;1YV3Yno4#G&l&FvKg1vTh@bT!_*eJK}NlYji-qn=QTy*16rX`}6sHAbbh0J4Z zTyZG|TA7BHX|E?_RPKF8dhjZ&LKh|?h;w18ckLLuYIHgfI;^U6(91-WUi?STRQ@7I zt_lefTBk3mO`p;ybo}g5mVxhJXAGcN6q#BS%^L{(dK5u>W%C=k1li;ZobLK??qM;B zErM1yutz;sp7_Ry{t4^x4g^2bmZiT`Tc;B(zFO@#G_I{91v;LB8pZ;);69tyGeGpwo|of zdLdl-2mAs4lCPXNA#voyIH44&!qJS!v!3zH_f6KPr%ONQeuN(#LcWoImWTExiW;I4 zM9?k?Cp!)4Dj@U zxb)F0-{~S0UXTw{VG)W+X+$VFZtvl%yQEzFjuntb%j(O;(AY##%cy{aRFIGfD%d9y zI>Hey?ym4K+Bb8r`v$-t5?(-cQXUm!-*k!_oB*EU0KK2>uxuAO_z2y@8>Lq@sBp*_z%2r76K_3vwN2sWP)$S(-x29$reB$cAwIG?bM_7vwh3*E^VS;Cxh z-YU!RKgzx@?V#F!rLqHtFBZn0aCW=-vca3%J8${=DlYp{FN#yn2h+8UwMy;b<4Ubk zt38TW`*tv|kSX5?eK>(sD`|(r_}M{%*i6#SNH{_&K=SbwxnOU&mYvW;y!&AMC`U4c gq49rfHo=ogtIzBtD%%`8zV1>}KKY%z)A`&T*HK^rvS0OI8mAFNv+WjhUf2`Ndc=~Qw^$8JxC>03&%ut1 z?>}R#h(1SkkJQ74v7CH1%fro66oa=67}m{Fp|}#)EcK`deEZO&POe$Y(?InxPv{1R zwYDz`lh?07zsUuDO^eO*!gF*u?g3NU?QAvpgeWH&CL8S zru%68_si!`CMUI?PqK?9o6MV6@ZhYeEa(T1CW~4%C78)Mrk84ye|Y}Jg;Ew(VWkWy zcUKT!-oI7maO0A5^r1y=0ZLczA#N^zwhY02cEwk0Mj}?c6*{oq%vU#OCH@pNy3Xd! zdf21?$DO;207pU{_r~eg!QsoXJUsa2I1ydj&ZqL1yYKAsH!@ryDiPL@1a6?|3&zU4t}4iFQCI6I0lbC^ZwFQv(qTZUR}X`w+oq_dC3KNGeAkLl za(%djys@y22SceDkN6JXM_GP&8@e0Mcax^^5qUb~p5Vr^mR*UJnBl~UxVRJ6TOnyy z{8Y63%0r7!bX|E$Amtw`?}#bC!{{vyM3XxHA?axvi;E0cTP&b%tcz}XmvHGkW3}t$ zWo;nwJ0v>P95-p-G$Afnz|T1%x;tgn*`~y`;#gR1vwX9D9>EvE$UcF0DvT z<-naAKf%Yr9cCtlenGLklbxOM?#z2{Gw4a8<0upRmgx`p{J00 z=y}L}^n56edB|$W>*&>&zK^VdUIR%DW(5OeAZCGerQio{2^)u3(D-}JQjB-dnj z>P$I^Vq@Jcb_Y?Cl*U@}SIB?!P9Jpkj#`TI*T@{a?-=)~C?_4aLGFHGT|2dLac0Vk ze|>QFTN?H*83Qh#DyCwn1L}zGIu2Nq4P@dX zJ6Xm!!5)&?eGzhHc1G=l!y>e09QIS!ui}Yu+eJAHZ5(AqJP9XN-#i*s+a=DsESCutbEOO=uSvz$GzPS9?je8oaxNPsEK6)qLV z9-PlBmmbUSqd?avzI2 zTm$13jEUMBQaY*5gg>Vf)aeArr%lj%EI4wl9RZEWwd{U=yx4jAETtKw&CcGj-aqUf zNfsl~VzOC=2!wmqiZw1VgQ&_}z(@olBHnFKlzHT+AY%K>Ox;pDqiC9BrWBpbs(zN* zk(RLNFsM_uNQyKUn@*G)!iy9rYu75|O>Nbm8YcmpPKTM%>FkENXKu~8i7RKM^>y;0 zHr0-5s4aC{wOEW-3Yk*vTFZ6PdMPKZ1KuIHL*}|tncaj`1FlApl8IXLg+D=zkQ0RE tPi4ub&?onsf(*4#8SsS`5{v%W#7;K-55)_LFPFHzVhM;s?-AJR{vU;KE0O>J diff --git a/modules/kube_open_dashboard.py b/modules/kube_open_dashboard.py deleted file mode 100644 index 99f8273..0000000 --- a/modules/kube_open_dashboard.py +++ /dev/null @@ -1,29 +0,0 @@ -import events -import requests - -class KubeOpenDashboard(object): - def __init__(self, task): - self.task = task - self.host = task['host'] - self.port = task['port'] or 80 - pass - - def execute(self): - try: - r = requests.get("http://{host}:{port}/api/v1/node?itemsPerPage=100".format(host=self.host, port=self.port)) - except requests.exceptions.ConnectionError: - return None - - ret = r.json() - if 'listMeta' in ret: - events.safe_print("KubeOpenDashboard :: Open Dashboard!", self.host) - - -events.handler.subscribe_event('OPEN_PORT_30000', KubeOpenDashboard) - -if __name__ == "__main__": - queue = list() - queue.append(KubeOpenDashboard({'host': '192.168.1.117', 'port': 30000})) - queue.append(KubeOpenDashboard({'host': '192.168.1.117', 'port': None})) - for i in queue: - i.execute() diff --git a/modules/kube_open_dashboard.pyc b/modules/kube_open_dashboard.pyc deleted file mode 100644 index be5cf263a67b56cb57452654e75730f826704799..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1609 zcmcgrOK;Oa5T11&P12S}DV)B3`2H36Vx_B_Ik~Irg-%li2R=y0mI@ zD*uC@z>Ncc3+^zpeIdb>I^M~6Jv)!@`<(kRTlxCnXV-_bt3dy+XzA}{0=fl^0J;~x zfUbbR0d!!8oE&@xI05+3%>e>Ld58)SJ z?whQSn<>WYo*wiQPX!kP3wrySmcB!VM&R*)r|MF7!a6x{x2g`k_Su}TH9oXL=2*Zn zfV2*sSl|cRvM?>A_ZTGJqI3XT)jXYO8@7W)8|$QrGGT{ysyQ-t%XoU|a%(P^v&HSc z#?g+;QB_)}MsJh1*6Mvq)KI6MkGMyTzcOb8wsoa0kV4^4>@OBu$Yk&<_dQ%!+y8b9dZHk(R~cfSki+FeC$- zT|h(=J3M-nJHvqFaRLreJQ2jyZOC(M0iq%dE1)(&2*DV=C+wmUQ#zp(c{p}pSOjIj zlp(6HqE3^t!kBM{mAh!`CfR{8X{%m8Vt6O5BL;U;_tLPw->k<;fGz|oqwPl;PUt`V`AA#`VmoTs~O%LcyTa7WsB*ouYDEvQCd#jc|OGLu=or^LPE;W q=J8UJTj0)c2s0dBDOwhXXQynv;PRTeB5IvmbMr)TSuD|SR{RFR&TAh4 diff --git a/modules/port_discovery.pyc b/modules/port_discovery.pyc deleted file mode 100644 index 34704db7b7ff380dc65a612ca421ff974e3d0a96..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1867 zcmcgsO>f&q5S=9@%aWzWNt+-ahhBPM14M{&aMBtbR8X*>$dyHjB4zF} zbsGB+IR7Qb{DU0&mzsO>X5=(!fgW9%91mxPvor6_(EqE`dVl@nFs9RA9slp+wtqq- zxD;hX3!)*B;%ARCMMFi2Pf3lEIwfngU!$Q%NrQ|}6S&stEzt?lZ^IfHMYB51)+lL` zsnLl?$}}ix(cGi*1DSOW9KzS6S&Ji5B-o&&Op^fwteu0AK*0{AIo*UOsAN&YcD}Xr1;${VZ2mYO+bdOUT7cWiu z>Th5?cpmcGKSLOlj53M))GxOreyr*IJXh>rQ)FZUzPaUS9b2^3v9BGQ8N zAmEU`t3gf+>!je2ZQ>BSHQ7WI7uh+AhL45ahIn*$^m|dx?J|nZXulZQG9HanH?Fwb zZc*-!Y#e3ieKfDe=Ek(johe6)BB?TCM@uxVlP_I&m#^G9a%!FCsneQu%cYQt8Anzb zN@?Z|l*2#B5tu0HSP@#9t)$0Yg7UIK&Zk+8M*&Tzup6GP zC-qcD{8UTXT{P(faSTNiqc!#VxuErYY(uFB1Cy%FK zYjcRB;B_VPV1Kd#fn4ftSs5`sjWTNjHVG}E(8#B(Xt7ls8*9%N-;jsx0-wnr8S9Ph;)jUQ|82h63ph|H4w>R` z9YVID7|*ata%#x)C`)Fmv5m`gY*uR%US