aquasecurity / kube-hunter

Hunt for security weaknesses in Kubernetes clusters
Apache License 2.0

Cluster Not found - bare python installation #475

Closed DiptoChakrabarty closed 2 years ago

DiptoChakrabarty commented 2 years ago

What happened

Kube Hunter returns "cluster not found"

I have installed kube-hunter using pip in a virtual environment; however, I keep getting a "cluster not found" error in the output. I am attempting to perform a remote scan using the Python package from a terminal.

Expected behavior

Should return the list of vulnerabilities present

Provide list of vulnerabilities and report Selection_054

danielsagi commented 2 years ago

Hi, can you run again with --log debug flag?

DiptoChakrabarty commented 2 years ago

2021-08-20 20:50:03,632 DEBUG root <class 'kube_hunter.modules.report.collector.Collector'> subscribed to <class 'kube_hunter.core.events.types.Vulnerability'>
2021-08-20 20:50:03,633 DEBUG root <class 'kube_hunter.modules.report.collector.Collector'> subscribed to <class 'kube_hunter.core.events.types.Service'>
2021-08-20 20:50:03,633 DEBUG root <class 'kube_hunter.modules.report.collector.SendFullReport'> subscribed to <class 'kube_hunter.core.events.types.HuntFinished'>
2021-08-20 20:50:03,633 DEBUG root <class 'kube_hunter.modules.report.collector.StartedInfo'> subscribed to <class 'kube_hunter.core.events.types.HuntStarted'>
2021-08-20 20:50:03,657 DEBUG root <class 'kube_hunter.modules.discovery.apiserver.ApiServiceDiscovery'> subscribed to <class 'kube_hunter.core.events.types.OpenPortEvent'>
2021-08-20 20:50:03,657 DEBUG root <class 'kube_hunter.modules.discovery.apiserver.ApiServiceClassify'> filter subscribed to <class 'kube_hunter.modules.discovery.apiserver.K8sApiService'>
2021-08-20 20:50:03,657 DEBUG root <class 'kube_hunter.modules.discovery.dashboard.KubeDashboard'> subscribed to <class 'kube_hunter.core.events.types.OpenPortEvent'>
2021-08-20 20:50:03,658 DEBUG root <class 'kube_hunter.modules.discovery.etcd.EtcdRemoteAccess'> subscribed to <class 'kube_hunter.core.events.types.OpenPortEvent'>
2021-08-20 20:50:03,990 DEBUG root <class 'kube_hunter.modules.discovery.hosts.FromPodHostDiscovery'> subscribed to <class 'kube_hunter.modules.discovery.hosts.RunningAsPodEvent'>
2021-08-20 20:50:03,990 DEBUG root <class 'kube_hunter.modules.discovery.hosts.HostDiscovery'> subscribed to <class 'kube_hunter.modules.discovery.hosts.HostScanEvent'>
2021-08-20 20:50:03,991 DEBUG root <class 'kube_hunter.modules.discovery.kubectl.KubectlClientDiscovery'> subscribed to <class 'kube_hunter.core.events.types.HuntStarted'>
2021-08-20 20:50:03,991 DEBUG root <class 'kube_hunter.modules.discovery.kubelet.KubeletDiscovery'> subscribed to <class 'kube_hunter.core.events.types.OpenPortEvent'>
2021-08-20 20:50:03,992 DEBUG root <class 'kube_hunter.modules.discovery.ports.PortDiscovery'> subscribed to <class 'kube_hunter.core.events.types.NewHostEvent'>
2021-08-20 20:50:03,992 DEBUG root <class 'kube_hunter.modules.discovery.proxy.KubeProxy'> subscribed to <class 'kube_hunter.core.events.types.OpenPortEvent'>
2021-08-20 20:50:03,994 DEBUG root <class 'kube_hunter.modules.hunting.kubelet.ReadOnlyKubeletPortHunter'> subscribed to <class 'kube_hunter.modules.discovery.kubelet.ReadOnlyKubeletEvent'>
2021-08-20 20:50:03,994 DEBUG root <class 'kube_hunter.modules.hunting.kubelet.SecureKubeletPortHunter'> subscribed to <class 'kube_hunter.modules.discovery.kubelet.SecureKubeletEvent'>
2021-08-20 20:50:03,995 DEBUG root <class 'kube_hunter.modules.hunting.aks.AzureSpnHunter'> subscribed to <class 'kube_hunter.modules.hunting.kubelet.ExposedPodsHandler'>
2021-08-20 20:50:03,995 DEBUG root <class 'kube_hunter.modules.hunting.apiserver.AccessApiServer'> subscribed to <class 'kube_hunter.modules.discovery.apiserver.ApiServer'>
2021-08-20 20:50:03,996 DEBUG root <class 'kube_hunter.modules.hunting.apiserver.AccessApiServerWithToken'> subscribed to <class 'kube_hunter.modules.discovery.apiserver.ApiServer'>
2021-08-20 20:50:03,996 DEBUG root <class 'kube_hunter.modules.hunting.apiserver.ApiVersionHunter'> subscribed to <class 'kube_hunter.modules.discovery.apiserver.ApiServer'>
2021-08-20 20:50:04,332 DEBUG root <class 'kube_hunter.modules.hunting.capabilities.PodCapabilitiesHunter'> subscribed to <class 'kube_hunter.modules.discovery.hosts.RunningAsPodEvent'>
2021-08-20 20:50:04,333 DEBUG root <class 'kube_hunter.modules.hunting.certificates.CertificateDiscovery'> subscribed to <class 'kube_hunter.core.events.types.Service'>
2021-08-20 20:50:04,338 DEBUG root <class 'kube_hunter.modules.hunting.cves.K8sClusterCveHunter'> subscribed to <class 'kube_hunter.core.events.types.K8sVersionDisclosure'>
2021-08-20 20:50:04,338 DEBUG root <class 'kube_hunter.modules.hunting.cves.KubectlCVEHunter'> subscribed to <class 'kube_hunter.modules.discovery.kubectl.KubectlClientEvent'>
2021-08-20 20:50:04,338 DEBUG root <class 'kube_hunter.modules.hunting.dashboard.KubeDashboard'> subscribed to <class 'kube_hunter.modules.discovery.dashboard.KubeDashboardEvent'>
2021-08-20 20:50:04,339 DEBUG root <class 'kube_hunter.modules.hunting.etcd.EtcdRemoteAccess'> subscribed to <class 'kube_hunter.core.events.types.OpenPortEvent'>
2021-08-20 20:50:04,340 DEBUG root <class 'kube_hunter.modules.hunting.mounts.VarLogMountHunter'> subscribed to <class 'kube_hunter.modules.hunting.kubelet.ExposedPodsHandler'>
2021-08-20 20:50:04,340 DEBUG root <class 'kube_hunter.modules.hunting.proxy.KubeProxy'> subscribed to <class 'kube_hunter.modules.discovery.proxy.KubeProxyEvent'>
2021-08-20 20:50:04,341 DEBUG root <class 'kube_hunter.modules.hunting.secrets.AccessSecrets'> subscribed to <class 'kube_hunter.modules.discovery.hosts.RunningAsPodEvent'>
2021-08-20 20:50:04,341 DEBUG kube_hunter.core.events.handler Event <class 'kube_hunter.core.events.types.HuntStarted'> got published to hunter - <class 'kube_hunter.modules.report.collector.StartedInfo'> with <kube_hunter.core.events.types.HuntStarted object at 0x7fe9c0584190>
2021-08-20 20:50:04,341 DEBUG kube_hunter.core.events.handler Event <class 'kube_hunter.core.events.types.HuntStarted'> got published to hunter - <class 'kube_hunter.modules.discovery.kubectl.KubectlClientDiscovery'> with <kube_hunter.core.events.types.HuntStarted object at 0x7fe9c0584190>
2021-08-20 20:50:04,341 DEBUG kube_hunter.core.events.handler Executing <class 'kube_hunter.modules.report.collector.StartedInfo'> with {'previous': None, 'hunter': None}
2021-08-20 20:50:04,342 INFO kube_hunter.modules.report.collector Started hunting
2021-08-20 20:50:04,342 DEBUG kube_hunter.core.events.handler Event <class 'kube_hunter.modules.discovery.hosts.HostScanEvent'> got published to hunter - <class 'kube_hunter.modules.discovery.hosts.HostDiscovery'> with <kube_hunter.modules.discovery.hosts.HostScanEvent object at 0x7fe9c226fd90>
2021-08-20 20:50:04,342 DEBUG kube_hunter.core.events.handler Executing <class 'kube_hunter.modules.discovery.kubectl.KubectlClientDiscovery'> with {'previous': None, 'hunter': None}
2021-08-20 20:50:04,342 DEBUG kube_hunter.core.events.handler Executing <class 'kube_hunter.modules.discovery.hosts.HostDiscovery'> with {'active': False, 'predefined_hosts': []}
2021-08-20 20:50:04,342 INFO kube_hunter.modules.report.collector Discovering Open Kubernetes Services
2021-08-20 20:50:04,342 DEBUG kube_hunter.modules.discovery.kubectl Attempting to discover a local kubectl client
2021-08-20 20:50:04,342 DEBUG kube_hunter.core.events.handler Event <class 'kube_hunter.core.events.types.NewHostEvent'> got published to hunter - <class 'kube_hunter.modules.discovery.ports.PortDiscovery'> with ip-{ipaddr}.us-east-2.compute.internal
2021-08-20 20:50:04,342 DEBUG kube_hunter.core.events.handler Executing <class 'kube_hunter.modules.discovery.ports.PortDiscovery'> with {'host': 'ip-{ipaddr}.us-east-2.compute.internal', 'cloud_type': None, 'event_id': 0, 'previous': <kube_hunter.modules.discovery.hosts.HostScanEvent object at 0x7fe9c226fd90>, 'hunter': <class 'kube_hunter.modules.discovery.hosts.HostDiscovery'>}
2021-08-20 20:50:04,347 DEBUG kube_hunter.modules.discovery.ports host ip-{ipaddr}.us-east-2.compute.internal try ports: [8001, 8080, 10250, 10255, 30000, 443, 6443, 2379]
2021-08-20 20:50:04,348 DEBUG kube_hunter.modules.discovery.ports Scanning ip-{ipaddr}.us-east-2.compute.internal:8001
2021-08-20 20:50:04,358 DEBUG kube_hunter.modules.discovery.kubectl Could not find kubectl client
2021-08-20 20:50:04,528 DEBUG kube_hunter.modules.discovery.ports Failed to probe ip-{ipaddr}.us-east-2.compute.internal:8001
2021-08-20 20:50:04,528 DEBUG kube_hunter.modules.discovery.ports Scanning ip-{ipaddr}.us-east-2.compute.internal:8080
2021-08-20 20:50:04,529 DEBUG kube_hunter.modules.discovery.ports Failed to probe ip-{ipaddr}.us-east-2.compute.internal:8080
2021-08-20 20:50:04,529 DEBUG kube_hunter.modules.discovery.ports Scanning ip-{ipaddr}.us-east-2.compute.internal:10250
2021-08-20 20:50:04,530 DEBUG kube_hunter.modules.discovery.ports Failed to probe ip-{ipaddr}.us-east-2.compute.internal:10250
2021-08-20 20:50:04,530 DEBUG kube_hunter.modules.discovery.ports Scanning ip-{ipaddr}.us-east-2.compute.internal:10255
2021-08-20 20:50:04,531 DEBUG kube_hunter.modules.discovery.ports Failed to probe ip-{ipaddr}.us-east-2.compute.internal:10255
2021-08-20 20:50:04,531 DEBUG kube_hunter.modules.discovery.ports Scanning ip-{ipaddr}.us-east-2.compute.internal:30000
2021-08-20 20:50:04,532 DEBUG kube_hunter.modules.discovery.ports Failed to probe ip-{ipaddr}.us-east-2.compute.internal:30000
2021-08-20 20:50:04,532 DEBUG kube_hunter.modules.discovery.ports Scanning ip-{ipaddr}.us-east-2.compute.internal:443
2021-08-20 20:50:04,533 DEBUG kube_hunter.modules.discovery.ports Failed to probe ip-{ipaddr}.us-east-2.compute.internal:443
2021-08-20 20:50:04,533 DEBUG kube_hunter.modules.discovery.ports Scanning ip-{ipaddr}.us-east-2.compute.internal:6443
2021-08-20 20:50:04,534 DEBUG kube_hunter.modules.discovery.ports Failed to probe ip-{ipaddr}.us-east-2.compute.internal:6443
2021-08-20 20:50:04,534 DEBUG kube_hunter.modules.discovery.ports Scanning ip-{ipaddr}.us-east-2.compute.internal:2379
2021-08-20 20:50:04,535 DEBUG kube_hunter.modules.discovery.ports Failed to probe ip-{ipaddr}.us-east-2.compute.internal:2379
2021-08-20 20:50:04,536 DEBUG kube_hunter.core.events.handler Event <class 'kube_hunter.core.events.types.HuntFinished'> got published to hunter - <class 'kube_hunter.modules.report.collector.SendFullReport'> with <kube_hunter.core.events.types.HuntFinished object at 0x7fe7ad5d9fd0>
2021-08-20 20:50:04,536 DEBUG kube_hunter.core.events.handler Executing <class 'kube_hunter.modules.report.collector.SendFullReport'> with {'previous': None, 'hunter': None}
2021-08-20 20:50:04,537 DEBUG kube_hunter.modules.report.dispatchers Dispatching report via stdout

Kube Hunter couldn't find any clusters
2021-08-20 20:50:04,537 DEBUG kube_hunter.main Cleaned Queue
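
The port-discovery entries in debug output like the above can be summarized mechanically to see which host and ports were actually probed and how quickly each probe failed. This is an added example, not part of the thread or of kube-hunter's code; it assumes one log entry per line, and the sample input with the host name node.example.internal is constructed.

```python
import re
from datetime import datetime

# Constructed sample in the format of kube-hunter's debug log;
# node.example.internal is a placeholder, not a host from the thread.
SAMPLE_LOG = """\
2021-08-20 20:50:04,347 DEBUG kube_hunter.modules.discovery.ports host node.example.internal try ports: [8001, 6443]
2021-08-20 20:50:04,348 DEBUG kube_hunter.modules.discovery.ports Scanning node.example.internal:8001
2021-08-20 20:50:04,528 DEBUG kube_hunter.modules.discovery.ports Failed to probe node.example.internal:8001
2021-08-20 20:50:04,528 DEBUG kube_hunter.modules.discovery.ports Scanning node.example.internal:6443
2021-08-20 20:50:04,529 DEBUG kube_hunter.modules.discovery.ports Failed to probe node.example.internal:6443
"""

ENTRY = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3}) DEBUG "
    r"kube_hunter\.modules\.discovery\.ports "
    r"(?P<what>Scanning|Failed to probe) (?P<host>\S+):(?P<port>\d+)$"
)

def summarize_probes(log_text):
    """Return {(host, port): {"failed": bool, "ms": float or None}} per probe."""
    started, result = {}, {}
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # subscription and event-dispatch entries are ignored
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S,%f")
        key = (m["host"], int(m["port"]))
        if m["what"] == "Scanning":
            started[key] = ts
            result[key] = {"failed": False, "ms": None}
        elif key in started:
            elapsed = (ts - started[key]).total_seconds() * 1000
            result[key] = {"failed": True, "ms": round(elapsed, 1)}
    return result

def unreachable_hosts(result):
    """Hosts for which every probed port logged a failure."""
    hosts = {}
    for (host, _port), info in result.items():
        hosts[host] = hosts.get(host, True) and info["failed"]
    return sorted(h for h, all_failed in hosts.items() if all_failed)

if __name__ == "__main__":
    probes = summarize_probes(SAMPLE_LOG)
    for (host, port), info in probes.items():
        print(host, port, "failed" if info["failed"] else "no failure logged", info["ms"])
    print("all probes failed for:", unreachable_hosts(probes))
```

The host column shows which address the scan was actually pointed at, which is the first thing to compare against the node address reported by kubectl.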

DiptoChakrabarty commented 2 years ago

> Hi, can you run again with --log debug flag?

pasted the output

DiptoChakrabarty commented 2 years ago

Hey, how can I resolve this, since my cluster is accessible from kubectl but kube-hunter can't find my cluster?

I list my nodes using kubectl get nodes -o wide and pass the node name or private IP address to kube-hunter's remote scanning option, but kube-hunter returns the cluster not found error.

Are any of my steps wrong?

DiptoChakrabarty commented 2 years ago

Hey @danielsagi I think this has been discussed in #404