changed import also on test_handler

removed automatic import of handler object in events package and renamed handler.py to event_handler.py to solve name collision
2026-02-25 23:34:18 +00:00 · 2022-05-12 12:08:56 -07:00 · 2022-05-12 11:24:37 -07:00
5 changed files with 13 additions and 47 deletions
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -39,7 +39,7 @@ jobs:
          password: ${{ secrets.ECR_SECRET_ACCESS_KEY }}
      - name: Get version
        id: get_version
-        uses: crazy-max/ghaction-docker-meta@v3
+        uses: crazy-max/ghaction-docker-meta@v1
        with:
          images: ${{ env.REP }}
          tag-semver: |
--- a/1
+++ b/1
@@ -1,6 +1,5 @@
 FROM python:3.8-alpine as builder

-RUN apk update
 RUN apk add --no-cache \
    linux-headers \
    tcpdump \
--- a/job.yaml
+++ b/job.yaml
@@ -5,13 +5,11 @@ metadata:
  name: kube-hunter
 spec:
  template:
-    metadata:
-      labels:
-        app: kube-hunter
    spec:
      containers:
        - name: kube-hunter
-          image: aquasec/kube-hunter:0.6.8
+          image: aquasec/kube-hunter
          command: ["kube-hunter"]
          args: ["--pod"]
      restartPolicy: Never
+  backoffLimit: 4
--- a/kube_hunter/modules/discovery/hosts.py
+++ b/kube_hunter/modules/discovery/hosts.py
@@ -1,14 +1,11 @@
 import os
-import struct
-import socket
 import logging
 import itertools
 import requests

-from pathlib import Path
 from enum import Enum
 from netaddr import IPNetwork, IPAddress, AddrFormatError
-from psutil import net_if_addrs
+from netifaces import AF_INET, ifaddresses, interfaces, gateways

 from kube_hunter.conf import get_config
 from kube_hunter.modules.discovery.kubernetes_client import list_all_k8s_cluster_nodes
@@ -140,9 +137,7 @@ class FromPodHostDiscovery(Discovery):
            elif self.is_aws_pod_v2():
                subnets, cloud = self.aws_metadata_v2_discovery()

-            gateway_subnet = self.gateway_discovery()
-            if gateway_subnet:
-                subnets += gateway_subnet
+            subnets += self.gateway_discovery()

            should_scan_apiserver = False
            if self.event.kubeservicehost:
@@ -222,24 +217,7 @@ class FromPodHostDiscovery(Discovery):
    # for pod scanning
    def gateway_discovery(self):
        """Retrieving default gateway of pod, which is usually also a contact point with the host"""
-        # read the default gateway directly from /proc
-        # netifaces currently does not have a maintainer. so we backported to linux support only for this cause.
-        # TODO: implement WMI queries for windows support
-        # https://stackoverflow.com/a/6556951
-        if not Path("/proc/net/route").exists():
-            logging.debug("Error getting default gateway from /proc/net/route. not runnning in linux environment")
-            return False
-
-        try:
-            with open("/proc/net/route") as fh:
-                for line in fh:
-                    fields = line.strip().split()
-                    if fields[1] != "00000000" or not int(fields[3], 16) & 2:
-                        # If not default route or not RTF_GATEWAY, skip it
-                        continue
-                return [socket.inet_ntoa(struct.pack("<L", int(fields[2], 16))), "24"]
-        except Exception as x:
-            logging.debug(f"Exception when parsing /proc/net/route to figure default gateway: {x}")
+        return [[gateways()["default"][AF_INET][0], "24"]]

    # querying AWS's interface metadata api v1 | works only from a pod
    def aws_metadata_v1_discovery(self):
@@ -360,21 +338,12 @@ class HostDiscovery(Discovery):

    # generate all subnets from all internal network interfaces
    def generate_interfaces_subnet(self, sn="24"):
-        ifaces = net_if_addrs()
-        for _, ifaceAddresses in ifaces.items():
-            # filter only ipv4 addresses on interface
-            ipv4_addresses = list(filter(lambda x: x.family == socket.AF_INET, ifaceAddresses))
-            if ipv4_addresses:
-                for address in ipv4_addresses:
-                    # unless specified explicitly with localhost scan flag, skip localhost ip addresses
-                    if not self.event.localhost and address.address.__str__().startswith(
-                        InterfaceTypes.LOCALHOST.value
-                    ):
-                        continue
-
-                    ip_network = IPNetwork(f"{address.address}/{sn}")
-                    for ip in ip_network:
-                        yield ip
+        for ifaceName in interfaces():
+            for ip in [i["addr"] for i in ifaddresses(ifaceName).setdefault(AF_INET, [])]:
+                if not self.event.localhost and InterfaceTypes.LOCALHOST.value in ip.__str__():
+                    continue
+                for ip in IPNetwork(f"{ip}/{sn}"):
+                    yield ip


 # for comparing prefixes
--- a/setup.cfg
+++ b/setup.cfg
@@ -31,7 +31,7 @@ zip_safe = False
 packages = find:
 install_requires =
    netaddr
-    psutil
+    netifaces
    requests
    PrettyTable
    urllib3>=1.24.3
Author	SHA1	Message	Date
danielsagi	e6d1bb3fb2	changed import also on test_handler	2022-05-12 12:08:56 -07:00
danielsagi	d1867ac430	removed automatic import of handler object in events package and renamed handler.py to event_handler.py to solve name collision	2022-05-12 11:24:37 -07:00