aquasecurity / kube-hunter

Hunt for security weaknesses in Kubernetes clusters
Apache License 2.0
4.77k stars 587 forks source link

Kube hunter fails when testing Rancher cluster. #515

Open tanmaypandey7 opened 2 years ago

tanmaypandey7 commented 2 years ago

What happened

Ran kube-hunter on Rancher cluster. Got an 404 Not Found error for CIDR. image I am using kube-hunter 0.6.5 image and Rancher is running on k8s 1.23.

Expected behavior

The test should run successfully.

The execution starts from here when we confirm if we are using an aws pod or not. The token hits a token endpoint which always fetches a 200 response code(see screenshot). This is the main bug. image

Once the condition is true, the condition calls the function here, where we hit an hardcoded API which fetches a 404 code when getting the response from token.

Solution - Instead of using a hardcoded api, the input can be taken from the user about which Cloud Provider should be used for the testing.