Solved some exception bugs & did some refactoring to code & Added event

2026-05-10 19:26:49 +00:00 · 2018-10-02 18:02:12 +03:00
parent 64722ea1b4
commit f4ff44012e
1 changed files with 6 additions and 0 deletions
--- a/src/modules/discovery/etcd.py
+++ b/src/modules/discovery/etcd.py
@@ -23,6 +23,11 @@ class etcdRemoteVersionDisclosureEvent(Service, Event):
    """Remote version disclosure might give an attacker a valuable data to attack a cluster"""
    def __init__(self):
        Service.__init__(self, name="Etcd Remote version disclosure")
+class etcdAccessEnabledWithoutAuthEvent(Service, Event):
+    """Remote version disclosure might give an attacker a valuable data to attack a cluster"""
+    def __init__(self):
+        Service.__init__(self, name="Etcd is accessible without authorization")
+


@handler.subscribe(OpenPortEvent, predicate= lambda p: p.port == 2379)
@@ -76,6 +81,7 @@ class etcdRemoteAccess(Hunter):

    def execute(self):
        if (self.version_disclosure()):
+           self.publish_event(etcdAccessEnabledWithoutAuthEvent())#if version is accessible we can publish "no auth event".
           self.db_keys_disclosure()
           self.db_keys_write_access()