3 # COPYRIGHT NOTICE STARTS HERE
5 # Copyright 2019 Samsung Electronics Co., Ltd.
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
19 # COPYRIGHT NOTICE ENDS HERE
21 # Check all ports exposed by pods to internal network and look for
28 # Return value: Number of discovered JDWP ports
29 # Output: List of pods and exposing JDWP interface
32 if [ "$#" -lt 1 ]; then
33 echo "Usage: $0 <k8s-namespace>"
41 kubectl get po --namespace=$K8S_NAMESPACE | grep Running | awk '{print $1}' | grep -v NAME
47 local jdwp_challenge="JDWP-Handshake\n"
48 local jdwp_response="JDWP-Handshake"
50 local response=`nc $ip $port <<<$jdwp_challenge`
51 if [[ $response == *"$jdwp_response"* ]]; then
57 # get open ports from procfs as netstat is not always available
58 get_open_ports_on_pod() {
60 local open_ports_hex=`kubectl exec --namespace=$K8S_NAMESPACE $pod cat /proc/net/tcp 2>/dev/null| grep -v "local_address" | awk '{ print $2" "$4 }' | grep '0A$' | tr ":" " " | awk '{ print $2 }' | sort | uniq`
61 for hex_port in $open_ports_hex; do
62 echo $((16#$hex_port))
69 for pod in `list_pods`; do
70 open_ports=`get_open_ports_on_pod $pod`
71 # if there is no open ports just go to next pod
72 if [ -z "$open_ports" ]; then
76 # let's setup a proxy and check every open port
77 for port in $open_ports; do
79 kubectl port-forward --namespace=$K8S_NAMESPACE $pod $LOCAL_PORT:$port &>/dev/null &
83 do_jdwp_handshake $LOCAL_PORT
88 kill $proxy_pid 2>/dev/null
89 wait $proxy_pid 2>/dev/null