Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

also identify open cAdvisor #75

Open
carnal0wnage opened this issue Jan 4, 2019 · 5 comments
Open

also identify open cAdvisor #75

carnal0wnage opened this issue Jan 4, 2019 · 5 comments
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@carnal0wnage
Copy link

It would be nice if kube-hunter also identified open cAdvisor

http://192.168.41.233:4194/api/v2.0/spec?recursive=true
@oriagmon
Copy link
Contributor

oriagmon commented Jan 7, 2019

Hey, that's a great idea and we actually planning to add such hunter!

@lizrice lizrice added the enhancement New feature or request label Feb 15, 2019
@lizrice lizrice added the good first issue Good for newcomers label Oct 4, 2019
@iyehuda
Copy link
Contributor

iyehuda commented Oct 20, 2019

Hi @carnal0wnage !

Sorry for taking forever to deal with this issue.
Can you explain more about implications of finding an open cAdvisor endpoint?
Are you familiar with cAdvisor vulnerabilities that we can scan for or information we can gather from such open service?

@RaitoBezarius
Copy link
Contributor

@iyehuda It appears to me that getting the remote REST API of cAdvisor enables us to get a lot of info on all running containers, as per https://github.com/google/cadvisor/blob/master/docs/api.md

@swapniljha001
Copy link

Is this issue still unresolved?

@danielsagi
Copy link
Contributor

@swapniljha001 Yes

@danielsagi danielsagi pinned this issue Nov 28, 2020
py-go pushed a commit to py-go/kube-hunter that referenced this issue Aug 29, 2021
@krisctl
fix: Add check for empty server lines in docker config (aquasecurity#77)
f87b354 
Resolves: aquasecurity#75

Co-authored-by: Krishan-Sharma <krishan.sharma@mathworks.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@RaitoBezarius @lizrice @carnal0wnage @oriagmon @swapniljha001 @iyehuda @danielsagi