From 75ea430cefec94194ecf80caf76f0074c8eda590 Mon Sep 17 00:00:00 2001 From: Kenneth Toler Date: Tue, 25 Sep 2018 16:22:30 -0400 Subject: [PATCH 01/19] added roles assumable --- libs/iam.py | 27 +++++++++++++++++++++++++++ modules/iam.py | 6 ++++++ 2 files changed, 33 insertions(+) diff --git a/libs/iam.py b/libs/iam.py index c8f1062..426263f 100644 --- a/libs/iam.py +++ b/libs/iam.py @@ -455,6 +455,33 @@ def iam_list_roles(): except KeyboardInterrupt: print("CTRL-C received, exiting...") +def iam_list_roles_assumable(): + ''' + Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list + ''' + print("### Roles that can be Assumed by AWS Principals ###") + try: + for region in regions: + client = boto3.client('iam', region_name="us-east-1") + response = client.list_roles() + roles = response.get("Roles") + for role in roles: + if "AWS" in role["AssumeRolePolicyDocument"]["Statement"][0]["Principal"]: + print(role["RoleId"] + " " + role["RoleName"]) + print(role["AssumeRolePolicyDocument"]["Statement"][0]["Principal"]["AWS"]) + except botocore.exceptions.ClientError as e: + if e.response['Error']['Code'] == 'InvalidClientTokenId': + sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'AccessDenied': + print('{} : Is NOT a root/IAM key' .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'SubscriptionRequiredException': + print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'OptInRequired': + print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID)) + else: + print("Unexpected error: {}" .format(e)) + except KeyboardInterrupt: + print("CTRL-C received, exiting...") def iam_list_policies(): ''' diff --git a/modules/iam.py b/modules/iam.py index b191b20..105067a 100644 --- a/modules/iam.py +++ b/modules/iam.py @@ -60,6 +60,12 @@ def module_iam_list_roles(): ''' iam_list_roles() +def module_iam_list_roles_assumable(): + ''' + Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list. + python3 weirdAAL.py -m iam_list_roles -t yolo + ''' + iam_list_roles_assumable() def module_iam_list_policies(): ''' From a07d643c441e3c5c4b874e599ea7d86379efaa15 Mon Sep 17 00:00:00 2001 From: Kenneth Toler Date: Tue, 25 Sep 2018 16:25:07 -0400 Subject: [PATCH 02/19] commenting assumable role functionality --- libs/iam.py | 2 +- modules/iam.py | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/libs/iam.py b/libs/iam.py index 426263f..2d3121b 100644 --- a/libs/iam.py +++ b/libs/iam.py @@ -457,7 +457,7 @@ def iam_list_roles(): def iam_list_roles_assumable(): ''' - Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list + Lists IAM roles that are assumable by AWS Principals and excludes roles that are assumable by Services ''' print("### Roles that can be Assumed by AWS Principals ###") try: diff --git a/modules/iam.py b/modules/iam.py index 105067a..901494d 100644 --- a/modules/iam.py +++ b/modules/iam.py @@ -62,8 +62,8 @@ def module_iam_list_roles(): def module_iam_list_roles_assumable(): ''' - Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list. - python3 weirdAAL.py -m iam_list_roles -t yolo + Lists the IAM roles that have the specified path prefix that are assumable by AWS principals and excludes roles assumable by AWS services. If there are none, the operation returns an empty list. + python3 weirdAAL.py -m iam_list_roles_assumable -t yolo ''' iam_list_roles_assumable() From 303ba79742c7d7680b06958928b82fb9d217c0d9 Mon Sep 17 00:00:00 2001 From: Kenneth Toler Date: Tue, 25 Sep 2018 16:31:54 -0400 Subject: [PATCH 03/19] removed hardcoded region from roles assumable --- libs/iam.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libs/iam.py b/libs/iam.py index 2d3121b..25f3cf4 100644 --- a/libs/iam.py +++ b/libs/iam.py @@ -462,7 +462,7 @@ def iam_list_roles_assumable(): print("### Roles that can be Assumed by AWS Principals ###") try: for region in regions: - client = boto3.client('iam', region_name="us-east-1") + client = boto3.client('iam', region_name=region) response = client.list_roles() roles = response.get("Roles") for role in roles: From 159a9d862c023d46523706cca2bf74393f46302a Mon Sep 17 00:00:00 2001 From: Kenneth Toler Date: Tue, 25 Sep 2018 16:22:30 -0400 Subject: [PATCH 04/19] added roles assumable commenting assumable role functionality removed hardcoded region from roles assumable --- libs/iam.py | 27 +++++++++++++++++++++++++++ modules/iam.py | 6 ++++++ 2 files changed, 33 insertions(+) diff --git a/libs/iam.py b/libs/iam.py index c8f1062..25f3cf4 100644 --- a/libs/iam.py +++ b/libs/iam.py @@ -455,6 +455,33 @@ def iam_list_roles(): except KeyboardInterrupt: print("CTRL-C received, exiting...") +def iam_list_roles_assumable(): + ''' + Lists IAM roles that are assumable by AWS Principals and excludes roles that are assumable by Services + ''' + print("### Roles that can be Assumed by AWS Principals ###") + try: + for region in regions: + client = boto3.client('iam', region_name=region) + response = client.list_roles() + roles = response.get("Roles") + for role in roles: + if "AWS" in role["AssumeRolePolicyDocument"]["Statement"][0]["Principal"]: + print(role["RoleId"] + " " + role["RoleName"]) + print(role["AssumeRolePolicyDocument"]["Statement"][0]["Principal"]["AWS"]) + except botocore.exceptions.ClientError as e: + if e.response['Error']['Code'] == 'InvalidClientTokenId': + sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'AccessDenied': + print('{} : Is NOT a root/IAM key' .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'SubscriptionRequiredException': + print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'OptInRequired': + print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID)) + else: + print("Unexpected error: {}" .format(e)) + except KeyboardInterrupt: + print("CTRL-C received, exiting...") def iam_list_policies(): ''' diff --git a/modules/iam.py b/modules/iam.py index b191b20..901494d 100644 --- a/modules/iam.py +++ b/modules/iam.py @@ -60,6 +60,12 @@ def module_iam_list_roles(): ''' iam_list_roles() +def module_iam_list_roles_assumable(): + ''' + Lists the IAM roles that have the specified path prefix that are assumable by AWS principals and excludes roles assumable by AWS services. If there are none, the operation returns an empty list. + python3 weirdAAL.py -m iam_list_roles_assumable -t yolo + ''' + iam_list_roles_assumable() def module_iam_list_policies(): ''' From f94482eb28c86968887802f199fbd268242b4f9f Mon Sep 17 00:00:00 2001 From: cktricky Date: Sun, 3 Jun 2018 00:14:27 -0400 Subject: [PATCH 05/19] Fixes issue #50 --- libs/sns.py | 37 ++++++++++++++++++++++++++++--------- modules/sns.py | 7 +++++++ target.txt | 0 3 files changed, 35 insertions(+), 9 deletions(-) create mode 100644 target.txt diff --git a/libs/sns.py b/libs/sns.py index 140c94e..361f52e 100644 --- a/libs/sns.py +++ b/libs/sns.py @@ -11,20 +11,25 @@ regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', ' session = boto3.Session() credentials = session.get_credentials() AWS_ACCESS_KEY_ID = credentials.access_key +topics_list = {} -def list_sns_topics(): +def list_sns_topics(should_i_print=True): title = "SNS Topics" - print(title) - print("-" * len(title)) + if should_i_print: + print(title) + print("-" * len(title)) try: for region in regions: client = boto3.client('sns', region_name=region) topics = client.list_topics() - print(region) - print("=" * len(region)) + if should_i_print: + print(region) + print("=" * len(region)) if topics['Topics']: - for topic in topics['Topics']: - print(topic) + topics_list[region] = topics['Topics'] + if should_i_print: + for topic in topics['Topics']: + print(topic) except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("The AWS KEY IS INVALID. Exiting") @@ -79,6 +84,20 @@ def delete_sns_topic(topic, region): except KeyboardInterrupt: print("CTRL-C received, exiting...") +def list_all_sns_subscribers(): + print("Scanning regions....") + list_sns_topics(False) + for region,topics in topics_list.items(): + for topic in topics: + region_title = "Region: {}".format(region) + print(region_title) + print("=" * len(region_title)) + list_sns_subscribers(topic['TopicArn'],region) + + + + + def delete_sns_subscriber(endpoint, region): try: client = boto3.client('sns', region_name=region) @@ -90,8 +109,8 @@ def delete_sns_subscriber(endpoint, region): print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID)) elif e.response['Error']['Code'] == 'SubscriptionRequiredException': print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID)) - #elif e.response['Error']['Code'] == 'InvalidParameter': - # print('The region you provided ({}) is invalid for the Subscriber endpoint. Are you sure this subscriber exists in this region?'.format(region)) + elif e.response['Error']['Code'] == 'InvalidParameter': + print('The region you provided ({}) is invalid for the Subscriber endpoint. Are you sure this subscriber exists in this region?'.format(region)) else: print("Unexpected error: {}" .format(e)) except KeyboardInterrupt: diff --git a/modules/sns.py b/modules/sns.py index cf9460d..b529bab 100644 --- a/modules/sns.py +++ b/modules/sns.py @@ -22,6 +22,13 @@ def module_sns_list_subscribers(*args): except IndexError: print("Please provide a topic arn *AND* region, ex: -a arn:aws:sns:us-east-1:123456789123:sometopic,us-east-1") +def module_sns_list_all_subscribers(): + ''' + Rather than listing a single topics subscribers, we'll list all topics and all subscribersself. + python3 weirdAAL.py -m sns_list_all_subscribers + ''' + list_all_sns_subscribers() + def module_sns_delete_topic(*args): ''' SNS delete a topic. Takes two arguments - the topic arn and the region. diff --git a/target.txt b/target.txt new file mode 100644 index 0000000..e69de29 From 4f5ad889d4510874b23808849dea0819e8ba6fbd Mon Sep 17 00:00:00 2001 From: Jonn Callahan Date: Wed, 27 Jun 2018 16:07:57 -0700 Subject: [PATCH 06/19] because sorting is better than not --- modules/db.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/db.py b/modules/db.py index cb18a9e..bc71771 100644 --- a/modules/db.py +++ b/modules/db.py @@ -45,10 +45,10 @@ def module_list_services_by_key(): Show services for a given key service:sub_service example: elasticbeanstalk:DescribeEvents ''' - results = search_recon_by_key(db_name, AWS_ACCESS_KEY_ID) + results = ["{}.{}".format(r[0], r[1]) for r in search_recon_by_key(db_name, AWS_ACCESS_KEY_ID)] print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID)) - for result in results: - print("{}:{}".format(result[0], result[1])) + for result in sorted(results): + print(result) # for a key, what services does it have listed in the DB and the date @@ -59,7 +59,7 @@ def module_list_services_by_key_with_date(): Show services for a given key service:sub_service with date example: elasticbeanstalk:DescribeEvents -> Date: 2018-04-18 20:36:41.791780 ''' - results = search_recon_by_key(db_name, AWS_ACCESS_KEY_ID) + results = [("{}.{}".format(r[0], r[1]), r[2]) for r in search_recon_by_key(db_name, AWS_ACCESS_KEY_ID)] print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID)) - for result in results: - print("{}:{} -> Date: {}".format(result[0], result[1], result[2])) + for result, date in sorted(results, key=lambda r: r[0]): + print("{} -> Date: {}".format(result, date)) From 34d22d77bee935e7641764797ba060d8bfd49fe8 Mon Sep 17 00:00:00 2001 From: Jonn Callahan Date: Wed, 27 Jun 2018 16:15:46 -0700 Subject: [PATCH 07/19] updated the other funcs as well --- modules/db.py | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/modules/db.py b/modules/db.py index bc71771..ec4f040 100644 --- a/modules/db.py +++ b/modules/db.py @@ -21,21 +21,21 @@ def module_show_services_by_key(): Show services for a given key service:sub_service example: elasticbeanstalk:DescribeEvents ''' - results = search_recon_by_key(db_name, AWS_ACCESS_KEY_ID) + results = ["{}.{}".format(r[0], r[1]) for r in search_recon_by_key(db_name, AWS_ACCESS_KEY_ID)] print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID)) - for result in results: - print("{}:{}".format(result[0], result[1])) + for result in sorted(results): + print(result) def module_show_services_by_key_with_date(): ''' Show services for a given key service:sub_service - example: elasticbeanstalk:DescribeEvents + example: elasticbeanstalk:DescribeEvents -> Date: 2018-04-18 20:36:41.791780 ''' - results = search_recon_by_key(db_name, AWS_ACCESS_KEY_ID) + results = [("{}.{}".format(r[0], r[1]), r[2]) for r in search_recon_by_key(db_name, AWS_ACCESS_KEY_ID)] print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID)) - for result in results: - print("{}:{} -> Date: {}".format(result[0], result[1], result[2])) + for result, date in sorted(results, key=lambda r: r[0]): + print("{} -> Date: {}".format(result, date)) # same as show_sevices From 8e0ded67d37d42c527d172efed2666a45e3d864e Mon Sep 17 00:00:00 2001 From: cktricky Date: Thu, 13 Sep 2018 20:09:26 -0400 Subject: [PATCH 08/19] more shuffling --- modules/{ => aws}/aws_lambda.py | 0 modules/{ => aws}/ce.py | 0 modules/{ => aws}/cloudfront.py | 0 modules/{ => aws}/cloudtrail.py | 0 modules/{ => aws}/cloudwatch.py | 0 modules/{ => aws}/config.py | 0 modules/{ => aws}/datapipeline.py | 0 modules/{ => aws}/db.py | 0 modules/{ => aws}/dynamodb.py | 0 modules/{ => aws}/dynamodbstreams.py | 0 modules/{ => aws}/ec2.py | 0 modules/{ => aws}/ecr.py | 0 modules/{ => aws}/elasticbeanstalk.py | 0 modules/{ => aws}/emr.py | 0 modules/{ => aws}/firehose.py | 0 modules/{ => aws}/iam.py | 0 modules/{ => aws}/iam_pwn.py | 0 modules/{ => aws}/lightsail.py | 0 modules/{ => aws}/opsworks.py | 0 modules/{ => aws}/pricing.py | 0 modules/{ => aws}/rds.py | 0 modules/{ => aws}/recon.py | 0 modules/{ => aws}/route53.py | 0 modules/{ => aws}/s3.py | 0 modules/{ => aws}/ses.py | 0 modules/{ => aws}/sns.py | 0 modules/{ => aws}/sqs.py | 0 modules/{ => aws}/sts.py | 0 modules/{ => aws}/translate.py | 0 weirdAAL.py | 2 +- 30 files changed, 1 insertion(+), 1 deletion(-) rename modules/{ => aws}/aws_lambda.py (100%) rename modules/{ => aws}/ce.py (100%) rename modules/{ => aws}/cloudfront.py (100%) rename modules/{ => aws}/cloudtrail.py (100%) rename modules/{ => aws}/cloudwatch.py (100%) rename modules/{ => aws}/config.py (100%) rename modules/{ => aws}/datapipeline.py (100%) rename modules/{ => aws}/db.py (100%) rename modules/{ => aws}/dynamodb.py (100%) rename modules/{ => aws}/dynamodbstreams.py (100%) rename modules/{ => aws}/ec2.py (100%) rename modules/{ => aws}/ecr.py (100%) rename modules/{ => aws}/elasticbeanstalk.py (100%) rename modules/{ => aws}/emr.py (100%) rename modules/{ => aws}/firehose.py (100%) rename modules/{ => aws}/iam.py (100%) rename modules/{ => aws}/iam_pwn.py (100%) rename modules/{ => aws}/lightsail.py (100%) rename modules/{ => aws}/opsworks.py (100%) rename modules/{ => aws}/pricing.py (100%) rename modules/{ => aws}/rds.py (100%) rename modules/{ => aws}/recon.py (100%) rename modules/{ => aws}/route53.py (100%) rename modules/{ => aws}/s3.py (100%) rename modules/{ => aws}/ses.py (100%) rename modules/{ => aws}/sns.py (100%) rename modules/{ => aws}/sqs.py (100%) rename modules/{ => aws}/sts.py (100%) rename modules/{ => aws}/translate.py (100%) diff --git a/modules/aws_lambda.py b/modules/aws/aws_lambda.py similarity index 100% rename from modules/aws_lambda.py rename to modules/aws/aws_lambda.py diff --git a/modules/ce.py b/modules/aws/ce.py similarity index 100% rename from modules/ce.py rename to modules/aws/ce.py diff --git a/modules/cloudfront.py b/modules/aws/cloudfront.py similarity index 100% rename from modules/cloudfront.py rename to modules/aws/cloudfront.py diff --git a/modules/cloudtrail.py b/modules/aws/cloudtrail.py similarity index 100% rename from modules/cloudtrail.py rename to modules/aws/cloudtrail.py diff --git a/modules/cloudwatch.py b/modules/aws/cloudwatch.py similarity index 100% rename from modules/cloudwatch.py rename to modules/aws/cloudwatch.py diff --git a/modules/config.py b/modules/aws/config.py similarity index 100% rename from modules/config.py rename to modules/aws/config.py diff --git a/modules/datapipeline.py b/modules/aws/datapipeline.py similarity index 100% rename from modules/datapipeline.py rename to modules/aws/datapipeline.py diff --git a/modules/db.py b/modules/aws/db.py similarity index 100% rename from modules/db.py rename to modules/aws/db.py diff --git a/modules/dynamodb.py b/modules/aws/dynamodb.py similarity index 100% rename from modules/dynamodb.py rename to modules/aws/dynamodb.py diff --git a/modules/dynamodbstreams.py b/modules/aws/dynamodbstreams.py similarity index 100% rename from modules/dynamodbstreams.py rename to modules/aws/dynamodbstreams.py diff --git a/modules/ec2.py b/modules/aws/ec2.py similarity index 100% rename from modules/ec2.py rename to modules/aws/ec2.py diff --git a/modules/ecr.py b/modules/aws/ecr.py similarity index 100% rename from modules/ecr.py rename to modules/aws/ecr.py diff --git a/modules/elasticbeanstalk.py b/modules/aws/elasticbeanstalk.py similarity index 100% rename from modules/elasticbeanstalk.py rename to modules/aws/elasticbeanstalk.py diff --git a/modules/emr.py b/modules/aws/emr.py similarity index 100% rename from modules/emr.py rename to modules/aws/emr.py diff --git a/modules/firehose.py b/modules/aws/firehose.py similarity index 100% rename from modules/firehose.py rename to modules/aws/firehose.py diff --git a/modules/iam.py b/modules/aws/iam.py similarity index 100% rename from modules/iam.py rename to modules/aws/iam.py diff --git a/modules/iam_pwn.py b/modules/aws/iam_pwn.py similarity index 100% rename from modules/iam_pwn.py rename to modules/aws/iam_pwn.py diff --git a/modules/lightsail.py b/modules/aws/lightsail.py similarity index 100% rename from modules/lightsail.py rename to modules/aws/lightsail.py diff --git a/modules/opsworks.py b/modules/aws/opsworks.py similarity index 100% rename from modules/opsworks.py rename to modules/aws/opsworks.py diff --git a/modules/pricing.py b/modules/aws/pricing.py similarity index 100% rename from modules/pricing.py rename to modules/aws/pricing.py diff --git a/modules/rds.py b/modules/aws/rds.py similarity index 100% rename from modules/rds.py rename to modules/aws/rds.py diff --git a/modules/recon.py b/modules/aws/recon.py similarity index 100% rename from modules/recon.py rename to modules/aws/recon.py diff --git a/modules/route53.py b/modules/aws/route53.py similarity index 100% rename from modules/route53.py rename to modules/aws/route53.py diff --git a/modules/s3.py b/modules/aws/s3.py similarity index 100% rename from modules/s3.py rename to modules/aws/s3.py diff --git a/modules/ses.py b/modules/aws/ses.py similarity index 100% rename from modules/ses.py rename to modules/aws/ses.py diff --git a/modules/sns.py b/modules/aws/sns.py similarity index 100% rename from modules/sns.py rename to modules/aws/sns.py diff --git a/modules/sqs.py b/modules/aws/sqs.py similarity index 100% rename from modules/sqs.py rename to modules/aws/sqs.py diff --git a/modules/sts.py b/modules/aws/sts.py similarity index 100% rename from modules/sts.py rename to modules/aws/sts.py diff --git a/modules/translate.py b/modules/aws/translate.py similarity index 100% rename from modules/translate.py rename to modules/aws/translate.py diff --git a/weirdAAL.py b/weirdAAL.py index 9771525..f7c8be0 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -19,7 +19,7 @@ os.environ['AWS_SHARED_CREDENTIALS_FILE'] = '.env' # If you want to use a transparent + supports SSL proxy you can put it here # os.environ['HTTPS_PROXY'] = 'https://127.0.0.1:3128' -sys.path.append("modules") +sys.path.append("modules/aws/") for module in all_modules: exec("from %s import *" % module) From 188cbec8110da6e77cf1e076926d8571f58984fb Mon Sep 17 00:00:00 2001 From: cktricky Date: Fri, 14 Sep 2018 11:52:27 -0400 Subject: [PATCH 09/19] still futzing around --- libs/utils/common.py | 13 +++++++++---- weirdAAL.py | 8 +++++--- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/libs/utils/common.py b/libs/utils/common.py index e7136e6..424f965 100644 --- a/libs/utils/common.py +++ b/libs/utils/common.py @@ -5,8 +5,13 @@ def list_all_files(directory): array = [] - for file in list_of_files: - filename_and_ext = os.path.splitext(file) - if (filename_and_ext[1] == ".py") and not (filename_and_ext[0].startswith("__")): - array.append(filename_and_ext[0]) + path ="modules" + for (dirpath, dirnames, filenames) in os.walk(path): + if ( not (dirpath == os.path.basename(directory)) and + (os.path.isdir(dirpath)) + and not (os.path.basename(dirpath).startswith('__')) ): + if filenames: + list_path_name = dirpath.split('/') + array.append(".".join(list_path_name)) + #array.append(directory.split) return array diff --git a/weirdAAL.py b/weirdAAL.py index f7c8be0..27b827b 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -19,10 +19,11 @@ os.environ['AWS_SHARED_CREDENTIALS_FILE'] = '.env' # If you want to use a transparent + supports SSL proxy you can put it here # os.environ['HTTPS_PROXY'] = 'https://127.0.0.1:3128' -sys.path.append("modules/aws/") -for module in all_modules: - exec("from %s import *" % module) +sys.path.append("modules") +#for module in all_modules: +# exec("from %s import *" % module) +from modules import * parser = argparse.ArgumentParser() parser.add_argument("-m", "--module", help="list the module you would like to run", action="store", type=str, required=True) @@ -56,6 +57,7 @@ def perform_credential_check(): def method_create(): try: + print(globals()) arg = globals()["module_" + args.module] return arg except KeyError: From 126cb6bb5fb594d77613268b0e109e0c459b2df3 Mon Sep 17 00:00:00 2001 From: cktricky Date: Fri, 14 Sep 2018 12:30:01 -0400 Subject: [PATCH 10/19] woohoo, can still invoke commands --- libs/utils/common.py | 5 ++--- weirdAAL.py | 5 ++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/libs/utils/common.py b/libs/utils/common.py index 424f965..069c258 100644 --- a/libs/utils/common.py +++ b/libs/utils/common.py @@ -10,8 +10,7 @@ def list_all_files(directory): if ( not (dirpath == os.path.basename(directory)) and (os.path.isdir(dirpath)) and not (os.path.basename(dirpath).startswith('__')) ): - if filenames: + for file in filenames: list_path_name = dirpath.split('/') - array.append(".".join(list_path_name)) - #array.append(directory.split) + array.append(".".join(list_path_name) + "." + os.path.splitext(file)[0]) return array diff --git a/weirdAAL.py b/weirdAAL.py index 27b827b..fd57f12 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -20,10 +20,9 @@ os.environ['AWS_SHARED_CREDENTIALS_FILE'] = '.env' # os.environ['HTTPS_PROXY'] = 'https://127.0.0.1:3128' sys.path.append("modules") -#for module in all_modules: -# exec("from %s import *" % module) +for module in all_modules: + exec("from %s import *" % module) -from modules import * parser = argparse.ArgumentParser() parser.add_argument("-m", "--module", help="list the module you would like to run", action="store", type=str, required=True) From 3930acdd8034c75eb13e16b9b4c24eb8557f5679 Mon Sep 17 00:00:00 2001 From: cktricky Date: Fri, 14 Sep 2018 12:30:18 -0400 Subject: [PATCH 11/19] removing the print debug statement --- weirdAAL.py | 1 - 1 file changed, 1 deletion(-) diff --git a/weirdAAL.py b/weirdAAL.py index fd57f12..9771525 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -56,7 +56,6 @@ def perform_credential_check(): def method_create(): try: - print(globals()) arg = globals()["module_" + args.module] return arg except KeyError: From 3e48296d4e2dec95e721b663d433606975a1e3eb Mon Sep 17 00:00:00 2001 From: cktricky Date: Fri, 14 Sep 2018 20:34:46 -0400 Subject: [PATCH 12/19] reworked the logic of modules and what not --- weirdAAL.py | 29 ++++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/weirdAAL.py b/weirdAAL.py index 9771525..b448f7b 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -25,19 +25,16 @@ for module in all_modules: parser = argparse.ArgumentParser() -parser.add_argument("-m", "--module", help="list the module you would like to run", action="store", type=str, required=True) -parser.add_argument("-t", "--target", help="Give your target a name so we can track results", action="store", type=str, required=True) +parser.add_argument("-m", "--module", help="list the module you would like to run", action="store", type=str, required=False) +parser.add_argument("-t", "--target", help="Give your target a name so we can track results", action="store", type=str, required=False) parser.add_argument("-a", "--arguments", help="Provide a list of arguments, comma separated. Ex: arg1,arg2,arg3", action="store", type=str, required=False) -parser.add_argument("-l", "--list", help="list modules", action="store_true") +parser.add_argument("-l", "--list", help="list modules", required=False, action="store_true") parser.add_argument("-v", "--verbosity", help="increase output verbosity", action="store_true") args = parser.parse_args() # Provides us with a global var "db_name" we can access anywhere builtins.db_name = "weirdAAL.db" -# Provides us with a global var "target" we can access anywhere -builtins.target = args.target - def perform_credential_check(): ''' Check that the AWS keys work before we go any further. It picks the keys up from the local .env file @@ -71,7 +68,7 @@ except: sys.exit(1) if (args.list): - pass + print(all_modules) # arg_list has to be defined otherwise will cause an exception @@ -82,12 +79,18 @@ if (args.arguments): # We need the user to tell us the module they want to proceed on if (args.module): - arg = method_create() - if callable(arg): - if arg_list: - arg(arg_list) - else: - arg() + if not (args.target): + print("Use -t to give your target a name so we can track results!!!") + sys.exit(1) + else: + # Provides us with a global var "target" we can access anywhere + builtins.target = args.target + arg = method_create() + if callable(arg): + if arg_list: + arg(arg_list) + else: + arg() # Allow the user to specify verbosity for debugging From f54427dd18198d9dc1e61ece583688edd469c4a8 Mon Sep 17 00:00:00 2001 From: cktricky Date: Thu, 20 Sep 2018 09:39:56 -0400 Subject: [PATCH 13/19] listing is in progress but needed to add a .keep to the gcp folder --- modules/gcp/.keep | 0 weirdAAL.py | 3 ++- 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 modules/gcp/.keep diff --git a/modules/gcp/.keep b/modules/gcp/.keep new file mode 100644 index 0000000..e69de29 diff --git a/weirdAAL.py b/weirdAAL.py index b448f7b..61d041a 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -68,7 +68,8 @@ except: sys.exit(1) if (args.list): - print(all_modules) + for module in all_modules: + print(module) # arg_list has to be defined otherwise will cause an exception From d2075c39437c1f9838b283859ad00d134517118d Mon Sep 17 00:00:00 2001 From: cktricky Date: Thu, 20 Sep 2018 09:57:03 -0400 Subject: [PATCH 14/19] fix so that files like .keep are not imported --- libs/utils/common.py | 3 ++- weirdAAL.py | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/libs/utils/common.py b/libs/utils/common.py index 069c258..ecfc882 100644 --- a/libs/utils/common.py +++ b/libs/utils/common.py @@ -12,5 +12,6 @@ def list_all_files(directory): and not (os.path.basename(dirpath).startswith('__')) ): for file in filenames: list_path_name = dirpath.split('/') - array.append(".".join(list_path_name) + "." + os.path.splitext(file)[0]) + if not (file.startswith('.')): + array.append(".".join(list_path_name) + "." + os.path.splitext(file)[0]) return array diff --git a/weirdAAL.py b/weirdAAL.py index 61d041a..efabcfb 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -69,7 +69,7 @@ except: if (args.list): for module in all_modules: - print(module) + print(dir(module)) # arg_list has to be defined otherwise will cause an exception From f49880a877f329c466a09583a9e360f3a3cf4019 Mon Sep 17 00:00:00 2001 From: cktricky Date: Fri, 21 Sep 2018 20:59:32 -0400 Subject: [PATCH 15/19] sweeeeet. now i just need the table formatted correctly and we are rockin and rollin --- weirdAAL.py | 49 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 47 insertions(+), 2 deletions(-) diff --git a/weirdAAL.py b/weirdAAL.py index efabcfb..b16bbd4 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -13,6 +13,7 @@ from botocore.exceptions import ClientError from modules import * import sys import builtins +import re os.environ['AWS_SHARED_CREDENTIALS_FILE'] = '.env' @@ -24,6 +25,7 @@ for module in all_modules: exec("from %s import *" % module) + parser = argparse.ArgumentParser() parser.add_argument("-m", "--module", help="list the module you would like to run", action="store", type=str, required=False) parser.add_argument("-t", "--target", help="Give your target a name so we can track results", action="store", type=str, required=False) @@ -35,6 +37,7 @@ args = parser.parse_args() # Provides us with a global var "db_name" we can access anywhere builtins.db_name = "weirdAAL.db" + def perform_credential_check(): ''' Check that the AWS keys work before we go any further. It picks the keys up from the local .env file @@ -59,6 +62,48 @@ def method_create(): print("That module does not exist") exit(1) +builtins.aws_module_methods_info = {} +builtins.gcp_module_methods_info = {} + +def get_methods_for_classname(classname): + methods = [] + all_methods = dir(sys.modules[classname]) + for meth in all_methods: + if meth.startswith("module_"): + narg = "{}.__doc__".format(meth) + narg = eval(narg) + nhash = {} + nhash[meth] = narg + methods.append(nhash) + return methods + + +def make_list_of_methods(cloud_service, mod): + meths = get_methods_for_classname(mod) + if cloud_service == 'aws': + new_mod_name = re.sub("modules.aws.", "", mod) + aws_module_methods_info[new_mod_name.upper()] = meths + elif cloud_service == 'gcp': + new_mod_name = re.sub("modules.gcp.", "", mod) + gcp_module_methods_info[new_mod_name.upper()] = meths + + +def make_the_list(): + for m in sys.modules.keys(): + if (m.startswith("modules.aws") + and not (m == "modules.aws")): + make_list_of_methods("aws", m) + elif ((m.startswith("modules.gcp")) + and not (m == "modules.gcp")): + make_list_of_methods("gcp", m) + +def print_the_list(): + print("AWS") + print("---") + for (k) in aws_module_methods_info: + print(k) + print(aws_module_methods_info[k]) + print("....") # Need to figure out if we have keys in the ENV or not try: @@ -68,8 +113,8 @@ except: sys.exit(1) if (args.list): - for module in all_modules: - print(dir(module)) + make_the_list() + print_the_list() # arg_list has to be defined otherwise will cause an exception From cbe44a8662a3df5e4b887beb19428f843a838336 Mon Sep 17 00:00:00 2001 From: cktricky Date: Fri, 21 Sep 2018 22:52:30 -0400 Subject: [PATCH 16/19] kewl printing now --- requirements.txt | 1 + weirdAAL.py | 29 +++++++++++++++++++++++------ 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/requirements.txt b/requirements.txt index 3ae7987..dd47ee7 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,3 +6,4 @@ python-dateutil==2.6.1 s3transfer==0.1.11 six==1.11.0 virtualenv==15.1.0 +tabulate=0.8.2 diff --git a/weirdAAL.py b/weirdAAL.py index b16bbd4..c79be88 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -14,6 +14,8 @@ from modules import * import sys import builtins import re +from tabulate import tabulate +import textwrap os.environ['AWS_SHARED_CREDENTIALS_FILE'] = '.env' @@ -97,13 +99,28 @@ def make_the_list(): and not (m == "modules.gcp")): make_list_of_methods("gcp", m) +def normalize_comments(string): + string = textwrap.fill(string.strip(), 40) + return string + + +def make_tabulate_rows(hash, cloud_provider): + entire_contents = [] + for (key) in hash: + for item in hash[key]: + for (k,v) in item.items(): + normalized_comment = normalize_comments(v) + entire_contents.append([cloud_provider, key, k, normalized_comment]) + + return entire_contents + + + def print_the_list(): - print("AWS") - print("---") - for (k) in aws_module_methods_info: - print(k) - print(aws_module_methods_info[k]) - print("....") + aws_rows = make_tabulate_rows(aws_module_methods_info, 'AWS') + gcp_rows = make_tabulate_rows(gcp_module_methods_info, 'GCP') + print(tabulate(aws_rows, headers=['Cloud Provider', 'Service', 'Mod', 'Desc'])) + print(tabulate(gcp_rows, headers=['Cloud Provider', 'Service', 'Mod', 'Desc'])) # Need to figure out if we have keys in the ENV or not try: From 180fd7cf29415f4dc9c73055e2efb5d987a0a365 Mon Sep 17 00:00:00 2001 From: Chris Gates Date: Tue, 25 Sep 2018 15:51:57 -0400 Subject: [PATCH 17/19] Update requirements.txt missing an = --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index dd47ee7..c6365d1 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,4 +6,4 @@ python-dateutil==2.6.1 s3transfer==0.1.11 six==1.11.0 virtualenv==15.1.0 -tabulate=0.8.2 +tabulate==0.8.2 From 66291a7031a4da09562a20240a56bfb5aa10a077 Mon Sep 17 00:00:00 2001 From: cktricky Date: Tue, 25 Sep 2018 17:03:38 -0400 Subject: [PATCH 18/19] restructuring libs to be a bit more sane in terms of schema and so that we can split between aws and gcp --- create_dbs.py | 2 +- libs/{ => aws}/aws_lambda.py | 0 libs/{ => aws}/brute.py | 2 +- libs/{ => aws}/ce.py | 0 libs/{ => aws}/cloudfront.py | 0 libs/{ => aws}/cloudtrail.py | 0 libs/{ => aws}/cloudwatch.py | 0 libs/{ => aws}/config.py | 0 libs/{ => aws}/datapipeline.py | 0 libs/{ => aws}/dynamodb.py | 0 libs/{ => aws}/dynamodbstreams.py | 0 libs/{ => aws}/ec2.py | 2 +- libs/{ => aws}/ecr.py | 0 libs/{ => aws}/elasticbeanstalk.py | 0 libs/{ => aws}/emr.py | 0 libs/{ => aws}/firehose.py | 0 libs/{ => aws}/iam.py | 0 libs/{ => aws}/lightsail.py | 0 libs/{ => aws}/opsworks.py | 0 libs/{ => aws}/pricing.py | 0 libs/{ => aws}/rds.py | 0 libs/{ => aws}/route53.py | 0 libs/{ => aws}/s3.py | 0 libs/{ => aws}/ses.py | 0 libs/{ => aws}/sns.py | 0 libs/{ => aws}/sql.py | 0 libs/{ => aws}/sqs.py | 0 libs/{ => aws}/sts.py | 0 libs/{ => aws}/translate.py | 0 modules/aws/aws_lambda.py | 2 +- modules/aws/ce.py | 2 +- modules/aws/cloudfront.py | 2 +- modules/aws/cloudtrail.py | 2 +- modules/aws/cloudwatch.py | 2 +- modules/aws/config.py | 2 +- modules/aws/datapipeline.py | 2 +- modules/aws/db.py | 2 +- modules/aws/dynamodb.py | 2 +- modules/aws/dynamodbstreams.py | 2 +- modules/aws/ec2.py | 2 +- modules/aws/ecr.py | 2 +- modules/aws/elasticbeanstalk.py | 2 +- modules/aws/emr.py | 2 +- modules/aws/firehose.py | 2 +- modules/aws/iam.py | 2 +- modules/aws/iam_pwn.py | 4 ++-- modules/aws/lightsail.py | 2 +- modules/aws/opsworks.py | 2 +- modules/aws/pricing.py | 2 +- modules/aws/rds.py | 2 +- modules/aws/recon.py | 12 ++++++------ modules/aws/route53.py | 4 ++-- modules/aws/s3.py | 2 +- modules/aws/ses.py | 2 +- modules/aws/sns.py | 2 +- modules/aws/sqs.py | 2 +- modules/aws/sts.py | 2 +- modules/aws/translate.py | 2 +- 58 files changed, 39 insertions(+), 39 deletions(-) rename libs/{ => aws}/aws_lambda.py (100%) rename libs/{ => aws}/brute.py (99%) rename libs/{ => aws}/ce.py (100%) rename libs/{ => aws}/cloudfront.py (100%) rename libs/{ => aws}/cloudtrail.py (100%) rename libs/{ => aws}/cloudwatch.py (100%) rename libs/{ => aws}/config.py (100%) rename libs/{ => aws}/datapipeline.py (100%) rename libs/{ => aws}/dynamodb.py (100%) rename libs/{ => aws}/dynamodbstreams.py (100%) rename libs/{ => aws}/ec2.py (99%) rename libs/{ => aws}/ecr.py (100%) rename libs/{ => aws}/elasticbeanstalk.py (100%) rename libs/{ => aws}/emr.py (100%) rename libs/{ => aws}/firehose.py (100%) rename libs/{ => aws}/iam.py (100%) rename libs/{ => aws}/lightsail.py (100%) rename libs/{ => aws}/opsworks.py (100%) rename libs/{ => aws}/pricing.py (100%) rename libs/{ => aws}/rds.py (100%) rename libs/{ => aws}/route53.py (100%) rename libs/{ => aws}/s3.py (100%) rename libs/{ => aws}/ses.py (100%) rename libs/{ => aws}/sns.py (100%) rename libs/{ => aws}/sql.py (100%) rename libs/{ => aws}/sqs.py (100%) rename libs/{ => aws}/sts.py (100%) rename libs/{ => aws}/translate.py (100%) diff --git a/create_dbs.py b/create_dbs.py index b09248e..49325b6 100644 --- a/create_dbs.py +++ b/create_dbs.py @@ -6,7 +6,7 @@ import builtins import sqlite3 from sqlite3 import Error -from libs.sql import * +from libs.aws.sql import * diff --git a/libs/aws_lambda.py b/libs/aws/aws_lambda.py similarity index 100% rename from libs/aws_lambda.py rename to libs/aws/aws_lambda.py diff --git a/libs/brute.py b/libs/aws/brute.py similarity index 99% rename from libs/brute.py rename to libs/aws/brute.py index 04074c9..fa12771 100644 --- a/libs/brute.py +++ b/libs/aws/brute.py @@ -16,7 +16,7 @@ import pprint import sys -from libs.sql import * +from libs.aws.sql import * pp = pprint.PrettyPrinter(indent=5, width=80) diff --git a/libs/ce.py b/libs/aws/ce.py similarity index 100% rename from libs/ce.py rename to libs/aws/ce.py diff --git a/libs/cloudfront.py b/libs/aws/cloudfront.py similarity index 100% rename from libs/cloudfront.py rename to libs/aws/cloudfront.py diff --git a/libs/cloudtrail.py b/libs/aws/cloudtrail.py similarity index 100% rename from libs/cloudtrail.py rename to libs/aws/cloudtrail.py diff --git a/libs/cloudwatch.py b/libs/aws/cloudwatch.py similarity index 100% rename from libs/cloudwatch.py rename to libs/aws/cloudwatch.py diff --git a/libs/config.py b/libs/aws/config.py similarity index 100% rename from libs/config.py rename to libs/aws/config.py diff --git a/libs/datapipeline.py b/libs/aws/datapipeline.py similarity index 100% rename from libs/datapipeline.py rename to libs/aws/datapipeline.py diff --git a/libs/dynamodb.py b/libs/aws/dynamodb.py similarity index 100% rename from libs/dynamodb.py rename to libs/aws/dynamodb.py diff --git a/libs/dynamodbstreams.py b/libs/aws/dynamodbstreams.py similarity index 100% rename from libs/dynamodbstreams.py rename to libs/aws/dynamodbstreams.py diff --git a/libs/ec2.py b/libs/aws/ec2.py similarity index 99% rename from libs/ec2.py rename to libs/aws/ec2.py index 1c355d8..40a57fa 100644 --- a/libs/ec2.py +++ b/libs/aws/ec2.py @@ -10,7 +10,7 @@ import pprint import sys import time -from libs.sql import * +from libs.aws.sql import * pp = pprint.PrettyPrinter(indent=5, width=80) diff --git a/libs/ecr.py b/libs/aws/ecr.py similarity index 100% rename from libs/ecr.py rename to libs/aws/ecr.py diff --git a/libs/elasticbeanstalk.py b/libs/aws/elasticbeanstalk.py similarity index 100% rename from libs/elasticbeanstalk.py rename to libs/aws/elasticbeanstalk.py diff --git a/libs/emr.py b/libs/aws/emr.py similarity index 100% rename from libs/emr.py rename to libs/aws/emr.py diff --git a/libs/firehose.py b/libs/aws/firehose.py similarity index 100% rename from libs/firehose.py rename to libs/aws/firehose.py diff --git a/libs/iam.py b/libs/aws/iam.py similarity index 100% rename from libs/iam.py rename to libs/aws/iam.py diff --git a/libs/lightsail.py b/libs/aws/lightsail.py similarity index 100% rename from libs/lightsail.py rename to libs/aws/lightsail.py diff --git a/libs/opsworks.py b/libs/aws/opsworks.py similarity index 100% rename from libs/opsworks.py rename to libs/aws/opsworks.py diff --git a/libs/pricing.py b/libs/aws/pricing.py similarity index 100% rename from libs/pricing.py rename to libs/aws/pricing.py diff --git a/libs/rds.py b/libs/aws/rds.py similarity index 100% rename from libs/rds.py rename to libs/aws/rds.py diff --git a/libs/route53.py b/libs/aws/route53.py similarity index 100% rename from libs/route53.py rename to libs/aws/route53.py diff --git a/libs/s3.py b/libs/aws/s3.py similarity index 100% rename from libs/s3.py rename to libs/aws/s3.py diff --git a/libs/ses.py b/libs/aws/ses.py similarity index 100% rename from libs/ses.py rename to libs/aws/ses.py diff --git a/libs/sns.py b/libs/aws/sns.py similarity index 100% rename from libs/sns.py rename to libs/aws/sns.py diff --git a/libs/sql.py b/libs/aws/sql.py similarity index 100% rename from libs/sql.py rename to libs/aws/sql.py diff --git a/libs/sqs.py b/libs/aws/sqs.py similarity index 100% rename from libs/sqs.py rename to libs/aws/sqs.py diff --git a/libs/sts.py b/libs/aws/sts.py similarity index 100% rename from libs/sts.py rename to libs/aws/sts.py diff --git a/libs/translate.py b/libs/aws/translate.py similarity index 100% rename from libs/translate.py rename to libs/aws/translate.py diff --git a/modules/aws/aws_lambda.py b/modules/aws/aws_lambda.py index 913e205..5d7ff5f 100644 --- a/modules/aws/aws_lambda.py +++ b/modules/aws/aws_lambda.py @@ -1,7 +1,7 @@ ''' This file is used to list lambda functions and event mappings ''' -from libs.aws_lambda import * +from libs.aws.aws_lambda import * def module_lambda_list_functions(): diff --git a/modules/aws/ce.py b/modules/aws/ce.py index 3d0c318..2133552 100644 --- a/modules/aws/ce.py +++ b/modules/aws/ce.py @@ -4,7 +4,7 @@ usually have to be root or be specifically assigned the permission to get anything from this ''' -from libs.ce import * +from libs.aws.ce import * def module_costexplorer_get_cost_and_usage(): diff --git a/modules/aws/cloudfront.py b/modules/aws/cloudfront.py index e4ed6c6..060a0d7 100644 --- a/modules/aws/cloudfront.py +++ b/modules/aws/cloudfront.py @@ -2,7 +2,7 @@ This file is used to perform some EMR actions ''' -from libs.cloudfront import * +from libs.aws.cloudfront import * def module_cloudfront_list_distributions(): diff --git a/modules/aws/cloudtrail.py b/modules/aws/cloudtrail.py index ce80466..844d654 100644 --- a/modules/aws/cloudtrail.py +++ b/modules/aws/cloudtrail.py @@ -1,7 +1,7 @@ ''' This file is used to perform cloudtrail actions ''' -from libs.cloudtrail import * +from libs.aws.cloudtrail import * def module_cloudtrail_describe_trails(): diff --git a/modules/aws/cloudwatch.py b/modules/aws/cloudwatch.py index b3d6072..9d94fec 100644 --- a/modules/aws/cloudwatch.py +++ b/modules/aws/cloudwatch.py @@ -2,7 +2,7 @@ example calling cloudwatch functions decribe alarms, describe alarm history, list metrics ''' -from libs.cloudwatch import * +from libs.aws.cloudwatch import * def module_cloudwatch_describe_alarms(): diff --git a/modules/aws/config.py b/modules/aws/config.py index babc125..a8e83b4 100644 --- a/modules/aws/config.py +++ b/modules/aws/config.py @@ -2,7 +2,7 @@ Module for interacting with the config service ''' -from libs.config import * +from libs.aws.config import * def module_config_list_all_rules(): diff --git a/modules/aws/datapipeline.py b/modules/aws/datapipeline.py index e2f75cd..191c0b9 100644 --- a/modules/aws/datapipeline.py +++ b/modules/aws/datapipeline.py @@ -2,7 +2,7 @@ datapipeline modules ''' -from libs.datapipeline import * +from libs.aws.datapipeline import * def module_datapipeline_list_pipelines(): diff --git a/modules/aws/db.py b/modules/aws/db.py index ec4f040..e3f6d33 100644 --- a/modules/aws/db.py +++ b/modules/aws/db.py @@ -6,7 +6,7 @@ import boto3 import sqlite3 from sqlite3 import Error -from libs.sql import * +from libs.aws.sql import * session = boto3.Session() credentials = session.get_credentials() diff --git a/modules/aws/dynamodb.py b/modules/aws/dynamodb.py index 08ac82e..126d5f8 100644 --- a/modules/aws/dynamodb.py +++ b/modules/aws/dynamodb.py @@ -1,7 +1,7 @@ ''' dynamoDB examples ''' -from libs.dynamodb import * +from libs.aws.dynamodb import * def module_dynamodb_list_tables(): diff --git a/modules/aws/dynamodbstreams.py b/modules/aws/dynamodbstreams.py index bc6da65..7c2a040 100644 --- a/modules/aws/dynamodbstreams.py +++ b/modules/aws/dynamodbstreams.py @@ -1,7 +1,7 @@ ''' dynamoDBstreams examples ''' -from libs.dynamodbstreams import * +from libs.aws.dynamodbstreams import * def module_dynamodbstreams_list_streams(): diff --git a/modules/aws/ec2.py b/modules/aws/ec2.py index f0f6fe1..3681591 100644 --- a/modules/aws/ec2.py +++ b/modules/aws/ec2.py @@ -2,7 +2,7 @@ This file is used to perform various EC2 operations ''' -from libs.ec2 import * +from libs.aws.ec2 import * def module_ec2_describe_instances_basic(): diff --git a/modules/aws/ecr.py b/modules/aws/ecr.py index 3e977ab..2c933cf 100644 --- a/modules/aws/ecr.py +++ b/modules/aws/ecr.py @@ -2,7 +2,7 @@ ECR functions ''' -from libs.ecr import * +from libs.aws.ecr import * def module_ecr_describe_repos(): diff --git a/modules/aws/elasticbeanstalk.py b/modules/aws/elasticbeanstalk.py index a16777c..e59dc6f 100644 --- a/modules/aws/elasticbeanstalk.py +++ b/modules/aws/elasticbeanstalk.py @@ -1,7 +1,7 @@ ''' This file is used to perform some ElasticBeanstalk actions ''' -from libs.elasticbeanstalk import * +from libs.aws.elasticbeanstalk import * ''' diff --git a/modules/aws/emr.py b/modules/aws/emr.py index a1b4e64..15b24e7 100644 --- a/modules/aws/emr.py +++ b/modules/aws/emr.py @@ -2,7 +2,7 @@ This file is used to perform some EMR actions ''' -from libs.emr import * +from libs.aws.emr import * def module_emr_list_clusters(): diff --git a/modules/aws/firehose.py b/modules/aws/firehose.py index 75aed36..eabefe0 100644 --- a/modules/aws/firehose.py +++ b/modules/aws/firehose.py @@ -1,7 +1,7 @@ ''' Firehose functions ''' -from libs.firehose import * +from libs.aws.firehose import * def module_firehose_list_delivery_streams(): diff --git a/modules/aws/iam.py b/modules/aws/iam.py index 901494d..328d292 100644 --- a/modules/aws/iam.py +++ b/modules/aws/iam.py @@ -2,7 +2,7 @@ IAM recon functions ''' -from libs.iam import * +from libs.aws.iam import * def module_iam_list_groups(): diff --git a/modules/aws/iam_pwn.py b/modules/aws/iam_pwn.py index a7ebdfd..cd0cc94 100644 --- a/modules/aws/iam_pwn.py +++ b/modules/aws/iam_pwn.py @@ -2,8 +2,8 @@ Functions specifically related to IAM account takeover if you have root or IAM access gather user info, manipulate access keys or passwords, make backdoor account ''' -from libs.iam import * -from libs.sts import * +from libs.aws.iam import * +from libs.aws.sts import * def module_iam_get_account_summary(): diff --git a/modules/aws/lightsail.py b/modules/aws/lightsail.py index a3dd3f4..67acb0b 100644 --- a/modules/aws/lightsail.py +++ b/modules/aws/lightsail.py @@ -2,7 +2,7 @@ Module for interacting with the lightsail ''' -from libs.lightsail import * +from libs.aws.lightsail import * def module_lightsail_get_instances(): diff --git a/modules/aws/opsworks.py b/modules/aws/opsworks.py index 323e703..949bca1 100644 --- a/modules/aws/opsworks.py +++ b/modules/aws/opsworks.py @@ -1,4 +1,4 @@ -from libs.opsworks import * +from libs.aws.opsworks import * def module_opsworks_describe_stacks(): diff --git a/modules/aws/pricing.py b/modules/aws/pricing.py index 776267e..3039e6a 100644 --- a/modules/aws/pricing.py +++ b/modules/aws/pricing.py @@ -4,7 +4,7 @@ usually have to be root or be specifically assigned the permission to get anything from this ''' -from libs.pricing import * +from libs.aws.pricing import * def module_pricing_describe_services(): diff --git a/modules/aws/rds.py b/modules/aws/rds.py index 1f42a38..0ceb233 100644 --- a/modules/aws/rds.py +++ b/modules/aws/rds.py @@ -2,7 +2,7 @@ RDS module ''' -from libs.rds import * +from libs.aws.rds import * def module_rds_describe_db_instances(): diff --git a/modules/aws/recon.py b/modules/aws/recon.py index 57b69bc..aac095f 100644 --- a/modules/aws/recon.py +++ b/modules/aws/recon.py @@ -3,14 +3,14 @@ This module handles the core recon functionality by asking all the services that have functions that done have arguments if we can access them :-) ''' -from libs.brute import * -from libs.s3 import * +from libs.aws.brute import * +from libs.aws.s3 import * # for recon_defaults -from libs.elasticbeanstalk import * -from libs.opsworks import * -from libs.route53 import * -from libs.sts import * +from libs.aws.elasticbeanstalk import * +from libs.aws.opsworks import * +from libs.aws.route53 import * +from libs.aws.sts import * # maps to available services in boto 1.7.4 diff --git a/modules/aws/route53.py b/modules/aws/route53.py index 1cf62a7..1f03964 100644 --- a/modules/aws/route53.py +++ b/modules/aws/route53.py @@ -2,13 +2,13 @@ route53 functions ''' -from libs.route53 import * +from libs.aws.route53 import * def module_route53_list_geolocations(): ''' Route53 list geolocations - + python3 weirdAAL.py -m route53_list_geolocations -t demo ''' list_geolocations() diff --git a/modules/aws/s3.py b/modules/aws/s3.py index 763762b..416cae4 100644 --- a/modules/aws/s3.py +++ b/modules/aws/s3.py @@ -2,7 +2,7 @@ S3 module ''' -from libs.s3 import * +from libs.aws.s3 import * def module_s3_get_bucket_policy(*args): diff --git a/modules/aws/ses.py b/modules/aws/ses.py index e213799..a20b13e 100644 --- a/modules/aws/ses.py +++ b/modules/aws/ses.py @@ -2,7 +2,7 @@ SES module ''' -from libs.ses import * +from libs.aws.ses import * def module_ses_list_identities(): diff --git a/modules/aws/sns.py b/modules/aws/sns.py index b529bab..a7ef82c 100644 --- a/modules/aws/sns.py +++ b/modules/aws/sns.py @@ -2,7 +2,7 @@ SNS module ''' -from libs.sns import * +from libs.aws.sns import * def module_sns_list_topics(): ''' diff --git a/modules/aws/sqs.py b/modules/aws/sqs.py index a9d9f61..f060087 100644 --- a/modules/aws/sqs.py +++ b/modules/aws/sqs.py @@ -2,7 +2,7 @@ SQS Modules ''' -from libs.sqs import * +from libs.aws.sqs import * def module_sqs_list_queues(): diff --git a/modules/aws/sts.py b/modules/aws/sts.py index c476fc5..0162efb 100644 --- a/modules/aws/sts.py +++ b/modules/aws/sts.py @@ -2,7 +2,7 @@ This file is used to perform some EMR actions ''' -from libs.sts import * +from libs.aws.sts import * def module_sts_get_accountid(): diff --git a/modules/aws/translate.py b/modules/aws/translate.py index 252cb92..5701138 100644 --- a/modules/aws/translate.py +++ b/modules/aws/translate.py @@ -2,7 +2,7 @@ Translate module ''' -from libs.translate import * +from libs.aws.translate import * def module_translate_translate_text(*text): From e051b80aad12f5813157a56d16126aa61c9b4bcf Mon Sep 17 00:00:00 2001 From: cktricky Date: Tue, 25 Sep 2018 17:08:47 -0400 Subject: [PATCH 19/19] updated. Fixes #59 --- weirdAAL.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/weirdAAL.py b/weirdAAL.py index c79be88..387036f 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -122,6 +122,11 @@ def print_the_list(): print(tabulate(aws_rows, headers=['Cloud Provider', 'Service', 'Mod', 'Desc'])) print(tabulate(gcp_rows, headers=['Cloud Provider', 'Service', 'Mod', 'Desc'])) +if (args.list): + make_the_list() + print_the_list() + sys.exit(1) + # Need to figure out if we have keys in the ENV or not try: perform_credential_check() @@ -129,10 +134,6 @@ except: print("Check the above error message and fix to use weirdAAL") sys.exit(1) -if (args.list): - make_the_list() - print_the_list() - # arg_list has to be defined otherwise will cause an exception arg_list = None