added requirements.txt

2026-05-13 12:47:20 +00:00 · 2018-06-12 16:55:22 +03:00
parent c2e089b6a5
commit f3b9b5200f
5 changed files with 16 additions and 3 deletions
--- a/log/reporter.py
+++ b/log/reporter.py
@@ -61,7 +61,7 @@ def print_results():
    vuln_table.padding_width=1
    vuln_table.header_style="upper"    
    for vuln in vulnerabilities:
-        row = ["{}:{}".format(vuln.host, vuln.port), vuln.component.name, vuln.get_name(), vuln.explain()]
+        row = ["{}:{}".format(vuln.host, vuln.port) if vuln.host else "", vuln.component.name, vuln.get_name(), vuln.explain()]
        if config.active: 
            evidence = str(vuln.evidence)[:EVIDENCE_PREVIEW] + "..." if len(str(vuln.evidence)) > EVIDENCE_PREVIEW else str(vuln.evidence)
            row.append(evidence)
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,4 +3,5 @@ netifaces
 enum34
 scapy
 requests
-PrettyTable 
+PrettyTable 
+urllib3
--- a/src/core/events/handler.py
+++ b/src/core/events/handler.py
@@ -4,6 +4,7 @@ from collections import defaultdict
 from Queue import Queue
 from threading import Lock, Thread

+import time
 from __main__ import config
 from ..types import ActiveHunter

@@ -23,6 +24,10 @@ class EventQueue(Queue, object):
            t.daemon = True
            t.start()
            self.workers.append(t)
+        t = Thread(target=self.notifier)
+        t.daemon = True
+        t.start()
+

    # decorator wrapping for easy subscription
    def subscribe(self, event, hook=None, predicate=None):
@@ -60,6 +65,12 @@ class EventQueue(Queue, object):
            self.task_done()
        logging.debug("closing thread...")

+    def notifier(self):
+        time.sleep(2)        
+        while self.unfinished_tasks > 0:
+            logging.debug("{} tasks left".format(self.unfinished_tasks))
+            time.sleep(3)
+            
    # stops execution of all daemons
    def free(self):
        self.running = False
--- a/src/modules/discovery/hosts.py
+++ b/src/modules/discovery/hosts.py
@@ -18,6 +18,7 @@ from ..hunting.aks import Azure


 class AzureMetadataApi(Vulnerability, Event):
+    """Access to Azure Metadata API exposes sensitive information about the machines associated with the cluster"""
    def __init__(self, cidr):
        Vulnerability.__init__(self, Azure, "Azure Metadata Exposure")
        self.cidr = cidr
--- a/src/modules/hunting/aks.py
+++ b/src/modules/hunting/aks.py
@@ -70,4 +70,4 @@ class ProveAzureSpnExposure(ActiveHunter):
            self.event.aadClientId = subscription["aadClientId"]
            self.event.aadClientSecret = subscription["aadClientSecret"]
            self.event.tenantId = subscription["tenantId"]     
-            self.event.evidence = "id: {}".format(self.event.subscriptionId)
+            self.event.evidence = "subscription: {}".format(self.event.subscriptionId)