View Issue Details

IDProjectCategoryView StatusLast Update
0005756Kali Linux[All Projects] New Tool Requestspublic2020-01-13 13:47
Reporteraveronesis Assigned To 
PrioritynormalSeverityfeatureReproducibilityhave not tried
Status closedResolutionreopened 
Product Version 
Target VersionFixed in Version 
Summary0005756: Kubolt - scanning public kubernetes clusters
DescriptionHello,
I would like to request on addition Kubolt utility to the Kali default packages.
Why? - because at the moment Kali doesn't have offensive tool to attack k8s clusters.
You can examine my tool on github - https://github.com/averonesis/kubolt
Let me know if I need make any changes to the tool/code.

Activities

averonesis

2019-10-26 07:29

reporter   ~0011224

- [Name] - Kubolt
- [Version] - Latest
- [Homepage] - https://github.com/averonesis/kubolt
- [Download] - git clone https://github.com/averonesis/kubolt
- [Author] - Anton Bulavin
- [Licence] - GNU General Public License v3.0
- [Description] - Kubolt is simple utility for scanning public unauthinticated kubernetes clusters and run commands inside containers
- [Dependencies] - https://github.com/averonesis/kubolt/blob/master/requirements.txt
click==6.7
shodan==1.7.7
requests==2.18.4
- [Similar tools] - https://github.com/serain/kubelet-anon-rce (the main difference, that my tool designed to work with a big scopes from Shodan)
- [How to install] -
git clone https://github.com/averonesis/kubolt
cd kubolt
mkdir output
pip install -r requirements.txt
- [How to use] -
python kubolt.py --query "org:'ACME Corporation' country:UK"
https://github.com/averonesis/kubolt/raw/master/github-scale.gif

g0tmi1k

2020-01-13 13:27

administrator   ~0011886

Nice tool - but we can't have that depancy with Shodan (how would you edit your API key when its packaged up?)

A lot of this could be repeated with a bit of cURL and bash loops too

averonesis

2020-01-13 13:40

reporter   ~0011895

Hello, @g0tmilk
What if I add a key to start with requirement to fill own Shodan API key?
And I'm not fully agree with bash scripting is the same, because kubolt is actually automate two processes:
- look for potentially vulnerable servers in Shodan
- check for vulnerability exploitation
So, this could be highly useful if you start pentest some company and you know their ASN, for example :)
Anyway, I know that recon-ng tool also have ability to input Shodan API key to perform scans - agree, this is not the same, but it's also have dependency on shodan in some way...
And today I think every pentester has Shodan API key, as well as Shodan provide a free limited API key.

Thank you.

g0tmi1k

2020-01-13 13:42

administrator   ~0011897

The sole input can't be from an online service (such as Shodan).
Manual import would be required.

averonesis

2020-01-13 13:45

reporter   ~0011899

ok, if I add a new feature as scan from list of IPs - kubolt would be accepted, right?

g0tmi1k

2020-01-13 13:47

administrator   ~0011902

Last edited: 2020-01-13 13:47

View 2 revisions

Sure =)

Issue History

Date Modified Username Field Change
2019-10-26 07:21 averonesis New Issue
2019-10-26 07:29 averonesis Note Added: 0011224
2019-10-28 14:07 g0tmi1k Summary Add kubolt to kali => kubolt - Kubolt utility for scanning public kubernetes clusters
2019-10-28 14:07 g0tmi1k Summary kubolt - Kubolt utility for scanning public kubernetes clusters => Kubolt - scanning public kubernetes clusters
2019-10-28 16:01 g0tmi1k Severity minor => feature
2019-10-28 16:01 g0tmi1k Status new => assigned
2020-01-06 13:07 g0tmi1k Status assigned => acknowledged
2020-01-06 13:13 g0tmi1k Status acknowledged => new
2020-01-06 13:13 g0tmi1k Category Queued Tool Addition => New Tool Requests
2020-01-13 13:27 g0tmi1k Note Added: 0011886
2020-01-13 13:28 g0tmi1k Status new => closed
2020-01-13 13:28 g0tmi1k Resolution open => won't fix
2020-01-13 13:40 averonesis Status closed => feedback
2020-01-13 13:40 averonesis Resolution won't fix => reopened
2020-01-13 13:40 averonesis Note Added: 0011895
2020-01-13 13:42 g0tmi1k Note Added: 0011897
2020-01-13 13:43 g0tmi1k Status feedback => closed
2020-01-13 13:45 averonesis Status closed => feedback
2020-01-13 13:45 averonesis Note Added: 0011899
2020-01-13 13:47 g0tmi1k Note Added: 0011902
2020-01-13 13:47 g0tmi1k Status feedback => closed
2020-01-13 13:47 g0tmi1k Note Edited: 0011902 View Revisions