discovery: Make kubectl.py able to find kubectl

martbhell commented 2 years ago

Description

I was trying to get kube-hunter to display something about the remote k3s cluster with only port 6443 accessible. While doing so I saw in the debug log output that it couldn't find kubectl, even though it's in $PATH

Doing so I eventually made conclusion that the arguments in subprocess check_output function in python 3.8.10 needs to be a list. I do not know if this has changed in python. There might be better ways to change this. At least this change makes the code find the kubectl version.

Contribution Guidelines

Please Read through the Contribution Guidelines.

Fixed Issues

Fixes #512

"BEFORE" and "AFTER" output

BEFORE

Before the change the error in "--log debug" would look like:

2022-06-03 13:54:56,497 DEBUG kube_hunter.modules.discovery.kubectl Could not find kubectl client

AFTER

And if I add small code change to also print the exception error it prints:

2022-06-03 13:54:56,497 DEBUG kube_hunter.modules.discovery.kubectl [Errno 2] No such file or directory: 'kubectl version --client'
2022-06-03 13:54:56,497 DEBUG kube_hunter.modules.discovery.kubectl Could not find kubectl client

Contribution checklist

[x] I have read the Contributing Guidelines.
[x] The commits refer to an active issue in the repository.
[ ] I have added automated testing to cover this case.

Notes

Haven't added any testing as I'm completely unfamiliar with Mock. Suggestion for what to test would be much appreciated!

CLAassistant commented 2 years ago

All committers have signed the CLA.

martbhell commented 1 year ago

And shlex seems to have been in python3 for a long time. Looks good to me :)

aquasecurity / kube-hunter