moving stuff around, pep8 some stuff

ec2_get_all_instances.py

@@ -1,7 +0,0 @@
-'''
-This file is used to list ec2 instances
-'''
-from libs.ec2 import *
-from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
-
-get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)

libs/dynamodbstreams.py

@@ -18,6 +18,7 @@ def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
     try:
         for region in regions:
             client = boto3.client('dynamodbstreams', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+            response = client.list_streams()
             if response.get('Streams') is None:
                 print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
             elif len(response['Streams']) <= 0:

libs/ec2.py

@@ -1,4 +1,6 @@
-#ec2 functions go here
+'''
+ec2 functions go here
+'''
 
 import boto3
 import botocore
@@ -6,117 +8,130 @@ import pprint
 
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
-#from http://docs.aws.amazon.com/general/latest/gr/rande.html
-regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2',  ]
+# from http://docs.aws.amazon.com/general/latest/gr/rande.html
+regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2']
 
 # we are past the enumeration stage at this point assume you have key that works
+
+
 def review_encrypted_volumes(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
-	print("Reviewing EC2 Volumes... This may take a few....")
-	not_encrypted = []
-	encrypted = []
-	try:
-		with open("{}-volumes_list.txt" .format(AWS_ACCESS_KEY_ID), "w") as fout:
-			for region in regions:
-				client = boto3.client(
-					'ec2',
-					aws_access_key_id = AWS_ACCESS_KEY_ID,
-					aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
-					region_name=region
-				)
+    print("Reviewing EC2 Volumes... This may take a few....")
+    not_encrypted = []
+    encrypted = []
+    try:
+        with open("{}-volumes_list.txt" .format(AWS_ACCESS_KEY_ID), "w") as fout:
+            for region in regions:
+                client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+                response = client.describe_volumes(Filters=[{
+                    'Name': 'status',
+                    'Values': ['in-use']
+                }])['Volumes']
 
-				response = client.describe_volumes(Filters=[{
-					'Name' : 'status',
-					'Values' : ['in-use']
-				}])['Volumes']
-
-				for volume in response:
-					if volume['Encrypted']:
-						encrypted.append(volume['VolumeId'])
-					else:
-						not_encrypted.append(volume['VolumeId'])
-					fout.write("\nEncrypted: " + str(volume['Encrypted']))
-					for attachments in volume['Attachments']:
-						fout.write("\nInstance ID: " + attachments['InstanceId'])
-					fout.write("\nVolume ID: " + volume['VolumeId'])
-					fout.write("\nRegion: " + region)
-					fout.write("\n" + "-" * 40)
-			print("Writing out results")
-			fout.write("\nNot encrypted: " + str(len(not_encrypted)) + "\n")
-			fout.write(pprint.pformat(not_encrypted))
-			fout.write("\nEncrypted: " + str(len(encrypted)) + "\n")
-			fout.write(pprint.pformat(encrypted))
-	except botocore.exceptions.ClientError as e:
-		if e.response['Error']['Code'] == 'UnauthorizedOperation':
-			print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
-		else:
-			print(e)
-	except KeyboardInterrupt:
-		print("CTRL-C received, exiting...")
+                for volume in response:
+                    if volume['Encrypted']:
+                        encrypted.append(volume['VolumeId'])
+                    else:
+                        not_encrypted.append(volume['VolumeId'])
+                    fout.write("\nEncrypted: " + str(volume['Encrypted']))
+                    for attachments in volume['Attachments']:
+                        fout.write("\nInstance ID: " + attachments['InstanceId'])
+                    fout.write("\nVolume ID: " + volume['VolumeId'])
+                    fout.write("\nRegion: " + region)
+                    fout.write("\n" + "-" * 40)
+            print("Writing out results")
+            fout.write("\nNot encrypted: " + str(len(not_encrypted)) + "\n")
+            fout.write(pprint.pformat(not_encrypted))
+            fout.write("\nEncrypted: " + str(len(encrypted)) + "\n")
+            fout.write(pprint.pformat(encrypted))
+    except botocore.exceptions.ClientError as e:
+        if e.response['Error']['Code'] == 'UnauthorizedOperation':
+            print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
+        else:
+            print(e)
+    except KeyboardInterrupt:
+        print("CTRL-C received, exiting...")
 
 
 def get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
-	try:
-		for region in regions:
-			client = boto3.client(
-				'ec2',
-				aws_access_key_id = AWS_ACCESS_KEY_ID,
-				aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
-				region_name=region
-			)
+    try:
+        for region in regions:
+            client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+            response = client.describe_instances()
+            if len(response['Reservations']) <= 0:
+                print("[-] List instances allowed for {} but no results [-]" .format(region))
+            else:
+                print("[+] Listing instances for region: {} [+]" .format(region))
+                for r in response['Reservations']:
+                    for i in r['Instances']:
+                        pp.pprint(i)
 
-			instances = client.describe_instances()
-			for r in instances['Reservations']:
-				for i in r['Instances']:
-					pp.pprint(i)
+    except botocore.exceptions.ClientError as e:
+        print(e)
+    except KeyboardInterrupt:
+        print("CTRL-C received, exiting...")
+
+
+def get_instance_details_basic(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+    try:
+        for region in regions:
+            client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+            response = client.describe_instances()
+            if len(response['Reservations']) <= 0:
+                print("[-] List instances allowed for {} but no results [-]" .format(region))
+            else:
+                # print (response)
+                print("[+] Listing instances for region: {} [+]" .format(region))
+                for r in response['Reservations']:
+                    for i in r['Instances']:
+                        launchtime = i['LaunchTime']
+                        instanceid = i['InstanceId']
+                        instancetype = i['InstanceType']
+                        state = i['State']
+                        print("InstanceID: {}, InstanceType: {}, State: {}, Launchtime: {}".format(instanceid, instancetype, state, launchtime))
+
+    except botocore.exceptions.ClientError as e:
+        print(e)
+    except KeyboardInterrupt:
+        print("CTRL-C received, exiting...")
+
+# show volumes sorted by instanceId ex: instanceID-->multiple volumes  less detail than get_instance_volume_details2
 
-	except botocore.exceptions.ClientError as e:
-		print(e)
-	except KeyboardInterrupt:
-		print("CTRL-C received, exiting...")
 
-#show volumes sorted by instanceId ex: instanceID-->multiple volumes  less detail than get_instance_volume_details2
 def get_instance_volume_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
-	try:
-		for region in regions:
-			client = boto3.client(
-				'ec2',
-				aws_access_key_id = AWS_ACCESS_KEY_ID,
-				aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
-				region_name=region
-			)
+    try:
+        for region in regions:
+            client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
 
-			instances = client.describe_instances()
-			for r in instances['Reservations']:
-				for i in r['Instances']:
-					volumes = client.describe_instance_attribute(InstanceId=i['InstanceId'], Attribute='blockDeviceMapping')
-					print ("Instance ID: {} \n" .format(i['InstanceId']))
-					pp.pprint(volumes)
+            instances = client.describe_instances()
+            for r in instances['Reservations']:
+                for i in r['Instances']:
+                    volumes = client.describe_instance_attribute(InstanceId=i['InstanceId'], Attribute='blockDeviceMapping')
+                    print("Instance ID: {} \n" .format(i['InstanceId']))
+                    pp.pprint(volumes)
+
+    except botocore.exceptions.ClientError as e:
+        print(e)
+    except KeyboardInterrupt:
+        print("CTRL-C received, exiting...")
+
+# show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
 
-	except botocore.exceptions.ClientError as e:
-		print(e)
-	except KeyboardInterrupt:
-		print("CTRL-C received, exiting...")
 
-#show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
 def get_instance_volume_details2(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
-	try:
-		for region in regions:
-			client = boto3.client(
-				'ec2',
-				aws_access_key_id = AWS_ACCESS_KEY_ID,
-				aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
-				region_name=region
-			)
-			response = client.describe_volumes(Filters=[{
-					'Name' : 'status',
-					'Values' : ['in-use']
-				}])['Volumes']
-			for volume in response:
-				print("InstandID:{} \n" .format(volume['Attachments'][0]['InstanceId']))
-				pp.pprint(volume)
-				print("\n")
+    try:
+        for region in regions:
+            client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
 
-	except botocore.exceptions.ClientError as e:
-		print(e)
-	except KeyboardInterrupt:
-		print("CTRL-C received, exiting...")
+            response = client.describe_volumes(Filters=[{
+                    'Name': 'status',
+                    'Values': ['in-use']
+                }])['Volumes']
+            for volume in response:
+                print("InstandID:{} \n" .format(volume['Attachments'][0]['InstanceId']))
+                pp.pprint(volume)
+                print("\n")
+
+    except botocore.exceptions.ClientError as e:
+        print(e)
+    except KeyboardInterrupt:
+        print("CTRL-C received, exiting...")

modules/datapipeline.py

@@ -4,5 +4,5 @@ data pipeline example
 from libs.datapipeline import *
 from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
 
-
-list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_datapipeline_list_pipelines():
+    list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)

modules/db.py

@@ -17,3 +17,11 @@ def step_show_services_by_key():
     print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
     for result in results:
     	print("{}:{}".format(result[0],result[1]))
+
+#same as show_sevices
+def step_list_services_by_key():
+    db_name = "weirdAAL.db"
+    results = search_recon_by_key(db_name,AWS_ACCESS_KEY_ID)
+    print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
+    for result in results:
+    	print("{}:{}".format(result[0],result[1]))

modules/dynamodb.py

@@ -0,0 +1,11 @@
+'''
+dynamoDB examples
+'''
+from libs.dynamodb import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+def step_dynamodb_list_tables():
+    list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+def step_dynamodb_list_tables_detailed():
+    list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)

modules/dynamodbstreams.py

@@ -0,0 +1,8 @@
+'''
+dynamoDBstreams examples
+'''
+from libs.dynamodbstreams import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+def step_dynamodbstreams_list_streams():
+    list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)

modules/ec2.py

@@ -0,0 +1,13 @@
+'''
+This file is used to list ec2 instances
+'''
+from libs.ec2 import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_ec2_get_instances_basic():
+    get_instance_details_basic(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_ec2_get_instances_detailed():
+    get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)