Closed dbernues closed 3 years ago
Thanks for noticing! That's a bug in our new feature for AWS scanning in release v5.0.0
Currently you can run with tag v0.4.1. We will release a new release to fix this later this week 👍👍
@danielsagi Thanks for the latest release! Will you also be updating the image on Docker?
We have GitHub Actions that should automatically publish everything. I'll take a look at why the release is not there..
@dbernues The new release v0.5.2 is on Docker Hub :)
What happened
I tried to run kube-hunter in pod mode using the job in kube-hunter/job.yaml but the end result is always that "Kube Hunter couldn't find any clusters" and the only vulnerabilities it can find are those local to the pod where kube-hunter is running. I thought at first this had to do with pod permissions, but after running kube-hunter with --log debug I saw an error having to do with how subnets are discovered. This is the error:
172.35.0.0/22 is where I have one of two worker nodes attached to my EKS cluster; the other is in a different subnet (172.35.8.0/22). If I run kube-hunter as a container in either worker node, there is no problem with finding the other.
Expected behavior
Kube-hunter should be able to reach and find the vulnerabilities of the pod it is running on as well as the others that are in the cluster.