search

vchinnipilli / kubestriker

A Blazing fast Security Auditing tool for Kubernetes
https://github.com/vchinnipilli/kubestriker
Apache License 2.0
984 stars 105 forks source link

Misconfiguration in curl query strings #31

Open kutysam opened 3 years ago

kutysam commented 3 years ago

Hi, Firstly, awesome project!

  1. I can't seem to find FE and BE endpoint codes. Are they open sourced too? I am currently pulling from the docker container.
  2. As you can see the image, there is no token= appended. Thus, token is not working. I've manually sent a curl with = and its working. image

Basically this happens when you are adding a Generic k8s cluster from FE ^. Should be an easy fix.