aquasecurity / kube-hunter

Hunt for security weaknesses in Kubernetes clusters
Apache License 2.0

also identify open cAdvisor #75

Open carnal0wnage opened 5 years ago

carnal0wnage commented 5 years ago

It would be nice if kube-hunter also identified open cAdvisor

http://192.168.41.233:4194/api/v2.0/spec?recursive=true

oriagmon commented 5 years ago

Hey, that's a great idea and we are actually planning to add such a hunter!

iyehuda commented 4 years ago

Hi @carnal0wnage!

Sorry for taking forever to deal with this issue. Can you explain more about the implications of finding an open cAdvisor endpoint? Are you familiar with cAdvisor vulnerabilities that we can scan for, or information we can gather from such an open service?

RaitoBezarius commented 4 years ago

@iYehuda It appears to me that getting the remote REST API of cAdvisor enables us to get a lot of info on all running containers, as per https://github.com/google/cadvisor/blob/master/docs/api.md
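An added example, not part of the thread and not kube-hunter's own code: an audit check for nodes you operate that requests the spec path quoted in the issue and reports which workload-describing fields an unauthenticated reply contains. The function names, the field names listed in `REVEALING_FIELDS` (assumed from cAdvisor's v2 container spec) and the sample response are assumptions made for this sketch.

```python
import json
import urllib.error
import urllib.request

# Path and default port come from the URL quoted in the issue.
SPEC_PATH = "/api/v2.0/spec?recursive=true"
# Assumed field names of a cAdvisor v2 container spec that describe the workload.
REVEALING_FIELDS = ("image", "labels", "envs", "aliases", "namespace")


def summarize_spec(body):
    """Return {container: [revealing fields present]}, or None if body is not a spec map."""
    try:
        doc = json.loads(body)
    except ValueError:  # also covers undecodable bytes
        return None
    if not isinstance(doc, dict) or not doc:
        return None
    summary = {}
    for name, spec in doc.items():
        if not isinstance(spec, dict):
            return None
        summary[name] = [f for f in REVEALING_FIELDS if spec.get(f)]
    return summary


def check_node(host, port=4194, timeout=3.0):
    """Return a finding dict if the node serves the spec without credentials, else None."""
    url = "http://%s:%d%s" % (host, port, SPEC_PATH)
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            body = resp.read(8 << 20)  # read at most 8 MiB
    except (urllib.error.URLError, OSError):
        return None  # closed, filtered, or rejected (for example 401/403)
    summary = summarize_spec(body)
    if summary is None:
        return None  # something other than a spec map answered on this port
    return {"url": url, "containers": len(summary), "exposed": summary}


# Constructed sample response, not captured from a real cluster.
SAMPLE = b'''{"/": {"creation_time": "2020-01-01T00:00:00Z", "has_cpu": true},
 "/docker/abc123": {"image": "nginx:1.19", "labels": {"io.kubernetes.pod.name": "web-0"},
                    "aliases": ["k8s_web"], "has_memory": true}}'''

if __name__ == "__main__":
    print(summarize_spec(SAMPLE))
```

A `None` result from `check_node` only means this path did not return a spec map over plain HTTP; it does not show that the port is closed.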

swapniljha001 commented 3 years ago

Is this issue still unresolved?

danielsagi commented 3 years ago

@swapniljha001 Yes