update: SpiderResolver and dns discovery

Esonhugh · Esonhugh · commit 193a1cf5bf72 · 2024-07-20T03:12:11.000+08:00
diff --git a/cmd/all/all.go b/cmd/all/all.go
@@ -20,7 +20,10 @@ func init() {
 }
 
 var AllCmd = &cobra.Command{
-	Use:   "all",
+	Use: "all",
+	Aliases: []string{
+		"a",
+	},
 	Short: "all is a tool to discover k8s services and available ip in subnet",
 	Run: func(cmd *cobra.Command, args []string) {
 		if command.Opts.Cidr == "" {
diff --git a/cmd/neighbor/neighbor.go b/cmd/neighbor/neighbor.go
@@ -48,7 +48,7 @@ var NeighborCmd = &cobra.Command{
 	Short:   "neighbor is a tool to discover k8s pod and available ip in subnet (require k8s coredns with pod verified config)",
 	Aliases: []string{"n", "nei"},
 	Run: func(cmd *cobra.Command, args []string) {
-		if !pkg.TestPodVerified() {
+		if !pkg.CheckPodVerified() {
 			log.Fatalf("k8s coredns with pod verified config could not be set")
 		}
 		if Opts.NamespaceWordlist != "" {
diff --git a/cmd/root.go b/cmd/root.go
@@ -1,9 +1,7 @@
 package cmd
 
 import (
-	"context"
 	"fmt"
-	"net"
 	"os"
 
 	"github.com/esonhugh/k8spider/pkg"
@@ -28,6 +26,7 @@ var Opts = struct {
 func init() {
 	RootCmd.PersistentFlags().StringVarP(&Opts.Cidr, "cidr", "c", os.Getenv("KUBERNETES_SERVICE_HOST")+"/16", "cidr like: 192.168.0.1/16")
 	RootCmd.PersistentFlags().StringVarP(&Opts.DnsServer, "dns-server", "d", "", "dns server")
+	RootCmd.PersistentFlags().IntVarP(&pkg.DnsTimeout, "dns-timeout", "i", 2, "dns timeout")
 	RootCmd.PersistentFlags().StringSliceVarP(&Opts.SvcDomains, "svc-domains", "s", []string{}, "service domains, like: kubernetes.default,etcd.default don't add zone like svc.cluster.local")
 	RootCmd.PersistentFlags().StringVarP(&Opts.Zone, "zone", "z", "cluster.local", "zone")
 	RootCmd.PersistentFlags().StringVarP(&Opts.OutputFile, "output-file", "o", "", "output file")
@@ -44,21 +43,15 @@ var RootCmd = &cobra.Command{
 	Long:  "k8spider is a tool to discover k8s services",
 	PersistentPreRun: func(cmd *cobra.Command, args []string) {
 		SetLogLevel(Opts.Verbose)
-		if !Opts.SkipKubeDNSCheck { // Not Skip
-			if pkg.CheckKubernetes() {
+		if Opts.DnsServer != "" {
+			pkg.NetResolver = pkg.WarpDnsServer(Opts.DnsServer)
+		}
+		if Opts.SkipKubeDNSCheck == false { // Not Skip
+			if pkg.CheckKubeDNS() {
 				log.Warn("current environment is not a kubernetes cluster")
 				os.Exit(1)
 			}
 		}
-		if Opts.DnsServer != "" {
-			pkg.NetResolver = &net.Resolver{
-				PreferGo: true,
-				Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
-					d := net.Dialer{}
-					return d.DialContext(ctx, network, Opts.DnsServer)
-				},
-			}
-		}
 		pkg.Zone = Opts.Zone
 	},
 	Run: func(cmd *cobra.Command, args []string) {
diff --git a/cmd/service/service.go b/cmd/service/service.go
@@ -16,7 +16,10 @@ func init() {
 }
 
 var ServiceCmd = &cobra.Command{
-	Use:   "service",
+	Use: "service",
+	Aliases: []string{
+		"srv",
+	},
 	Short: "service is a tool to discover k8s services",
 	Run: func(cmd *cobra.Command, args []string) {
 		if command.Opts.Zone == "" || command.Opts.SvcDomains == nil || len(command.Opts.SvcDomains) == 0 {
diff --git a/cmd/subnet/subnet.go b/cmd/subnet/subnet.go
@@ -18,7 +18,11 @@ func init() {
 }
 
 var SubNetCmd = &cobra.Command{
-	Use:   "subnet",
+	Use: "subnet",
+	Aliases: []string{
+		"sub",
+		"s",
+	},
 	Short: "subnet is a tool to discover k8s available ip in subnet",
 	Run: func(cmd *cobra.Command, args []string) {
 		if command.Opts.Cidr == "" {
diff --git a/cmd/whereisdns/dns.go b/cmd/whereisdns/dns.go
@@ -0,0 +1,52 @@
+package whereisdns
+
+import (
+	"fmt"
+
+	command "github.com/esonhugh/k8spider/cmd"
+	"github.com/esonhugh/k8spider/pkg"
+	log "github.com/sirupsen/logrus"
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	command.RootCmd.AddCommand(WhereIsDnsCmd)
+}
+
+var WhereIsDnsCmd = &cobra.Command{
+	Use: "whereisdns",
+	Aliases: []string{
+		"dns",
+	},
+	Short: "this command will help you check where is the dns server in provided CIDR",
+	Run: func(cmd *cobra.Command, args []string) {
+		ipNets, err := pkg.ParseStringToIPNet(command.Opts.Cidr)
+		if err != nil {
+			log.Warnf("ParseStringToIPNet failed: %v", err)
+			return
+		}
+		s := false
+		for _, ip := range pkg.ParseIPNetToIPs(ipNets) {
+			serverAddr := fmt.Sprintf("%s:53", ip.String())
+			if checkdns(serverAddr) {
+				s = true
+			}
+			serverAddr = fmt.Sprintf("%s:5353", ip.String())
+			if checkdns(serverAddr) {
+				s = true
+			}
+		}
+		if s {
+			log.Warn("DNS Server Not Found!")
+		}
+	},
+}
+
+func checkdns(serverAddr string) bool {
+	dns := pkg.WarpDnsServer(serverAddr)
+	if pkg.CheckKubeDNS(dns) {
+		log.Infof("Possible cluster DNS Server Found: %s", serverAddr)
+		return true
+	}
+	return false
+}
diff --git a/cmd/wildcard/wildcard.go b/cmd/wildcard/wildcard.go
@@ -13,7 +13,10 @@ func init() {
 }
 
 var WildCardCmd = &cobra.Command{
-	Use:   "wild",
+	Use: "wild",
+	Aliases: []string{
+		"w",
+	},
 	Short: "wild is a tool to abuse wildcard feature in kubernetes service discovery",
 	Run: func(cmd *cobra.Command, args []string) {
 		if command.Opts.Zone == "" {
diff --git a/main.go b/main.go
@@ -7,6 +7,7 @@ import (
 	_ "github.com/esonhugh/k8spider/cmd/neighbor"
 	_ "github.com/esonhugh/k8spider/cmd/service"
 	_ "github.com/esonhugh/k8spider/cmd/subnet"
+	_ "github.com/esonhugh/k8spider/cmd/whereisdns"
 	_ "github.com/esonhugh/k8spider/cmd/wildcard"
 )
 
diff --git a/pkg/ip_utils.go b/pkg/ip_utils.go
@@ -0,0 +1,36 @@
+package pkg
+
+import (
+	"encoding/binary"
+	"fmt"
+	"net"
+	"strings"
+)
+
+func ParseStringToIPNet(s string) (ipnet *net.IPNet, err error) {
+	_, ipnet, err = net.ParseCIDR(s)
+	return
+}
+
+func ParseIPNetToIPs(ipv4Net *net.IPNet) (ips []net.IP) {
+	// convert IPNet struct mask and address to uint32
+	// network is BigEndian
+	mask := binary.BigEndian.Uint32(ipv4Net.Mask)
+	start := binary.BigEndian.Uint32(ipv4Net.IP)
+
+	// find the final address
+	finish := (start & mask) | (mask ^ 0xffffffff)
+
+	// loop through addresses as uint32
+	for i := start; i <= finish; i++ {
+		// convert back to net.IP
+		ip := make(net.IP, 4)
+		binary.BigEndian.PutUint32(ip, i)
+		ips = append(ips, ip)
+	}
+	return
+}
+
+func IPtoPodHostName(ip, namespace string) string {
+	return fmt.Sprintf("%s.%s.pod.%s", strings.ReplaceAll(ip, ".", "-"), namespace, Zone)
+}
diff --git a/pkg/query_utils.go b/pkg/query_utils.go
@@ -0,0 +1,92 @@
+package pkg
+
+import (
+	"context"
+	"net"
+	"time"
+
+	log "github.com/sirupsen/logrus"
+)
+
+var (
+	DnsTimeout  = 2
+	NetResolver = DefaultResolver()
+	Zone        string // Zone is the domain name of the cluster
+)
+
+type SpiderResolver struct {
+	dns string
+	ctx context.Context
+	r   *net.Resolver
+}
+
+func DefaultResolver() *SpiderResolver {
+	ctx, _ := context.WithTimeout(context.Background(), time.Duration(DnsTimeout)*time.Second) // I don't think if a inside cluster dns query has more than 2s latency.
+	return &SpiderResolver{
+		dns: "<default-dns>",
+		r:   net.DefaultResolver,
+		ctx: ctx,
+	}
+}
+
+func WarpDnsServer(dnsServer string) *SpiderResolver {
+	ctx, _ := context.WithTimeout(context.Background(), time.Duration(DnsTimeout)*time.Second)
+	return &SpiderResolver{
+		dns: dnsServer,
+		r: &net.Resolver{
+			PreferGo: true,
+			Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
+				d := net.Dialer{}
+				return d.DialContext(ctx, network, dnsServer)
+			},
+		},
+		ctx: ctx,
+	}
+}
+
+func (s *SpiderResolver) CurrentDNS() string {
+	return s.dns
+}
+
+func (s *SpiderResolver) PTRRecord(ip net.IP) []string {
+	names, err := s.r.LookupAddr(s.ctx, ip.String())
+	if err != nil {
+		log.Debugf("LookupAddr failed: %v", err)
+		return nil
+	}
+	return names
+}
+
+func PTRRecord(ip net.IP) []string {
+	return NetResolver.PTRRecord(ip)
+}
+
+func (s *SpiderResolver) SRVRecord(svcDomain string) (string, []*net.SRV, error) {
+	cname, srvs, err := s.r.LookupSRV(s.ctx, "", "", svcDomain)
+	return cname, srvs, err
+}
+
+func (s *SpiderResolver) CustomSRVRecord(svcDomain string, service, proto string) (string, []*net.SRV, error) {
+	cname, srvs, err := s.r.LookupSRV(s.ctx, service, proto, svcDomain)
+	return cname, srvs, err
+}
+
+func SRVRecord(svcDomain string) (string, []*net.SRV, error) {
+	return NetResolver.SRVRecord(svcDomain)
+}
+
+func (s *SpiderResolver) ARecord(domain string) ([]net.IP, error) {
+	return s.r.LookupIP(s.ctx, "ip", domain)
+}
+
+func ARecord(domain string) (ips []net.IP, err error) {
+	return NetResolver.ARecord(domain)
+}
+
+func (s *SpiderResolver) TXTRecord(domain string) ([]string, error) {
+	return s.r.LookupTXT(s.ctx, domain)
+}
+
+func TXTRecord(domain string) (txts []string, err error) {
+	return NetResolver.TXTRecord(domain)
+}
diff --git a/pkg/utils.go b/pkg/utils.go

Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,7 @@ var NeighborCmd = &cobra.Command{`
`48`	`48`	`Short: "neighbor is a tool to discover k8s pod and available ip in subnet (require k8s coredns with pod verified config)",`
`49`	`49`	`Aliases: []string{"n", "nei"},`
`50`	`50`	`Run: func(cmd *cobra.Command, args []string) {`
`51`		`- if !pkg.TestPodVerified() {`
	`51`	`+ if !pkg.CheckPodVerified() {`
`52`	`52`	`log.Fatalf("k8s coredns with pod verified config could not be set")`
`53`	`53`	`}`
`54`	`54`	`if Opts.NamespaceWordlist != "" {`
Original file line number	Diff line number	Diff line change
`@@ -7,6 +7,7 @@ import (`
`7`	`7`	`_ "github.com/esonhugh/k8spider/cmd/neighbor"`
`8`	`8`	`_ "github.com/esonhugh/k8spider/cmd/service"`
`9`	`9`	`_ "github.com/esonhugh/k8spider/cmd/subnet"`
	`10`	`+ _ "github.com/esonhugh/k8spider/cmd/whereisdns"`
`10`	`11`	`_ "github.com/esonhugh/k8spider/cmd/wildcard"`
`11`	`12`	`)`
`12`	`13`