add evaluate: cloud metadata api

cdk-team · Dec 1, 2020 · 29211a2 · 29211a2
1 parent fbc2f0f
commit 29211a2
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 8 deletions.
diff --git a/pkg/evaluate/cloud_metadata_api.go b/pkg/evaluate/cloud_metadata_api.go
@@ -1,9 +1,29 @@
 package evaluate
 
-import "github.com/Xyntax/CDK/conf"
-
-func CheckAlibabaCloudMetadataAPI() {
-	for _, APIInstance := range conf.CloudAPI{
+import (
+	"fmt"
+	"github.com/Xyntax/CDK/conf"
+	"github.com/idoubi/goz"
+	"log"
+	"strings"
+)
 
+func CheckCloudMetadataAPI() {
+	for _, apiInstance := range conf.CloudAPI {
+		cli := goz.NewClient(goz.Options{
+			Timeout: 1,
+		})
+		resp, err := cli.Get(apiInstance.API)
+		if err != nil {
+			log.Printf("failed to dial %s API.", apiInstance.CloudProvider)
+			continue
+		}
+		r, _ := resp.GetBody()
+		if strings.Contains(r.String(), apiInstance.ResponseMatch) {
+			fmt.Printf("\t%s Metadata API available in %s\n", apiInstance.CloudProvider, apiInstance.API)
+			fmt.Printf("\tDocs: %s\n", apiInstance.DocURL)
+		} else {
+			log.Printf("failed to dial %s API.", apiInstance.CloudProvider)
+		}
 	}
 }
diff --git a/pkg/lib/parse.go b/pkg/lib/parse.go
@@ -67,7 +67,7 @@ func ParseDocopt() {
 	}
 
 	// nc needs -v and -h , parse it outside
-	if os.Args[1] ==  "nc" {
+	if os.Args[1] == "nc" {
 		// https://github.com/jiguangin/netcat
 		PassInnerArgs()
 		netcat.RunVendorNetcat()
@@ -92,12 +92,15 @@ func ParseDocopt() {
 		fmt.Printf("\n[Information Gathering - Mounts]\n")
 		evaluate.MountEscape()
 
-		fmt.Printf("\n[Information Gathering - K8s API Server]\n")
+		fmt.Printf("\n[Discovery - K8s API Server]\n")
 		evaluate.CheckK8sAnonymousLogin()
 
-		fmt.Printf("\n[Information Gathering - K8s Service Account]\n")
+		fmt.Printf("\n[Discovery - K8s Service Account]\n")
 		evaluate.CheckK8sServiceAccount(conf.K8sSATokenDefaultPath)
 
+		fmt.Printf("\n[Discovery - Cloud Provider Metadata API]\n")
+		evaluate.CheckCloudMetadataAPI()
+
 		if Args["--full"].(bool) {
 			fmt.Printf("\n[Information Gathering - Sensitive Files]\n")
 			evaluate.SearchLocalFilePath()
@@ -133,7 +136,7 @@ func ParseDocopt() {
 			if len(args) != 4 {
 				log.Fatal("invalid input args, Example: ./cdk ucurl get /var/run/docker.sock http://127.0.0.1/info \"\"")
 			}
-			ans:=util.UnixHttpSend(args[0], args[1], args[2], args[3])
+			ans := util.UnixHttpSend(args[0], args[1], args[2], args[3])
 			log.Println("response:")
 			fmt.Println(ans)
 		case "ifconfig":