# flake8: noqa: E402 from kube_hunter.conf import Config, set_config set_config(Config(active=True)) from kube_hunter.core.events.handler import handler from kube_hunter.modules.discovery.apiserver import ApiServiceDiscovery from kube_hunter.modules.discovery.dashboard import KubeDashboard as KubeDashboardDiscovery from kube_hunter.modules.discovery.etcd import EtcdRemoteAccess as EtcdRemoteAccessDiscovery from kube_hunter.modules.discovery.hosts import FromPodHostDiscovery, HostDiscovery from kube_hunter.modules.discovery.kubectl import KubectlClientDiscovery from kube_hunter.modules.discovery.kubelet import KubeletDiscovery from kube_hunter.modules.discovery.ports import PortDiscovery from kube_hunter.modules.discovery.proxy import KubeProxy as KubeProxyDiscovery from kube_hunter.modules.hunting.aks import AzureSpnHunter, ProveAzureSpnExposure from kube_hunter.modules.hunting.apiserver import ( AccessApiServer, ApiVersionHunter, AccessApiServerActive, AccessApiServerWithToken, ) from kube_hunter.modules.hunting.arp import ArpSpoofHunter from kube_hunter.modules.hunting.capabilities import PodCapabilitiesHunter from kube_hunter.modules.hunting.certificates import CertificateDiscovery from kube_hunter.modules.hunting.cves import K8sClusterCveHunter, KubectlCVEHunter from kube_hunter.modules.hunting.dashboard import KubeDashboard from kube_hunter.modules.hunting.dns import DnsSpoofHunter from kube_hunter.modules.hunting.etcd import EtcdRemoteAccess, EtcdRemoteAccessActive from kube_hunter.modules.hunting.kubelet import ( ProveAnonymousAuth,
import json from types import SimpleNamespace from requests_mock import Mocker from kube_hunter.conf import Config, set_config set_config(Config()) from kube_hunter.modules.hunting.dashboard import KubeDashboard # noqa: E402 class TestKubeDashboard: @staticmethod def get_nodes_mock(result: dict, **kwargs): with Mocker() as m: m.get("http://mockdashboard:8000/api/v1/node", text=json.dumps(result), **kwargs) hunter = KubeDashboard( SimpleNamespace(host="mockdashboard", port=8000)) return hunter.get_nodes() @staticmethod def test_get_nodes_with_result(): nodes = {"nodes": [{"objectMeta": {"name": "node1"}}]} expected = ["node1"] actual = TestKubeDashboard.get_nodes_mock(nodes) assert expected == actual @staticmethod
def test_execute_scan_remote(self): set_config(Config(remote="1.2.3.4")) f = FromPodHostDiscovery(RunningAsPodEvent()) f.execute()
args = parse_args(add_args_hook=pm.hook.parser_add_arguments) config = Config( active=args.active, cidr=args.cidr, include_patched_versions=args.include_patched_versions, interface=args.interface, log_file=args.log_file, mapping=args.mapping, network_timeout=args.network_timeout, pod=args.pod, quick=args.quick, remote=args.remote, statistics=args.statistics, ) setup_logger(args.log, args.log_file) set_config(config) # Running all other registered plugins before execution pm.hook.load_plugin(args=args) from kube_hunter.core.events import handler from kube_hunter.core.events.types import HuntFinished, HuntStarted from kube_hunter.modules.discovery.hosts import RunningAsPodEvent, HostScanEvent from kube_hunter.modules.report import get_reporter, get_dispatcher logger = logging.getLogger(__name__) config.dispatcher = get_dispatcher(args.dispatch) config.reporter = get_reporter(args.report) def interactive_set_config():
def test_execute_scan_cidr(self): set_config(Config(cidr="1.2.3.4/30")) f = FromPodHostDiscovery(RunningAsPodEvent()) f.execute()