added cidr option, also added a while true when running on a pod, to halt for seeing results before restart

.gitignore

@@ -1 +1,2 @@
-*.pyc
+*.pyc
+Dockerfile

Dockerfile

@@ -1,12 +0,0 @@
-FROM python:2.7.15-jessie
-
-WORKDIR /usr/src/kube-hunter
-
-RUN apt-get update && apt-get install -y tcpdump
-
-COPY requirements.txt ./
-RUN pip install --no-cache-dir -r requirements.txt
-
-COPY . .
-
-ENTRYPOINT ["python", "kube-hunter.py"]

kube-hunter.py

@@ -7,6 +7,7 @@ import time
 
 parser = argparse.ArgumentParser(description='Kube-Hunter, Hunter for weak Kubernetes cluster')
 parser.add_argument('--pod', action="store_true", help="set hunter as an insider pod")
+parser.add_argument('--cidr', type=str, help="set manual cidr to scan, example: 192.168.0.0/16")
 parser.add_argument('--quick', action="store_true", help="scanning only known small sections of the subnet")
 parser.add_argument('--remote', nargs='+', metavar="HOST", default=list(), help="one or more remote ip/dns to hunt")
 parser.add_argument('--active', action="store_true", help="enables active hunting")
@@ -35,6 +36,8 @@ def main():
         handler.free()
         logging.debug("Cleaned Queue")        
         log.print_results()
+    if config.pod:
+        while True: time.sleep(5)
 
 if __name__ == '__main__':
     main()

src/modules/discovery/hosts.py

@@ -50,7 +50,15 @@ class HostDiscovery(Hunter):
     def execute(self):
         logging.info("Discovering Open Kubernetes Services...")
         
-        if config.pod:
+        if config.cidr:
+            try:
+                ip, sn = config.cidr.split('/')
+                cloud = self.get_cloud(ip)
+                for ip in self.generate_subnet(ip, sn=sn):
+                    self.publish_event(NewHostEvent(host=ip, cloud=cloud))                
+            except:
+                logging.error("unable to parse cidr")
+        elif config.pod:
             if self.is_azure_pod():
                 self.azure_metadata_discovery()
             else: