updates
This commit is contained in:
carnal0wnage
@@ -9,4 +9,5 @@ from libs.sql import *
|
|||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
db_name = "weirdAAL.db"
|
db_name = "weirdAAL.db"
|
||||||
create_awskey_table(db_name, "AWSKey")
|
create_awskey_table(db_name, "AWSKey")
|
||||||
create_recon_table(db_name, "recon")
|
create_recon_table(db_name, "recon")
|
||||||
|
create_services_table(db_name,"services")
|
||||||
@@ -124,7 +124,7 @@ def generic_permission_bruteforcer(service, tests):
|
|||||||
|
|
||||||
db_logger = []
|
db_logger = []
|
||||||
for action in actions:
|
for action in actions:
|
||||||
db_logger.append([service, action, AWS_ACCESS_KEY_ID, timenow])
|
db_logger.append([service, action, AWS_ACCESS_KEY_ID, datetime.datetime.now()])
|
||||||
# print (db_logger)
|
# print (db_logger)
|
||||||
|
|
||||||
# scrapped the json logging idea but keeping it here just in case
|
# scrapped the json logging idea but keeping it here just in case
|
||||||
@@ -161,7 +161,7 @@ def generic_permission_bruteforcer_region(service, tests, region_passed):
|
|||||||
|
|
||||||
db_logger = []
|
db_logger = []
|
||||||
for action in actions:
|
for action in actions:
|
||||||
db_logger.append([service, action, AWS_ACCESS_KEY_ID, timenow])
|
db_logger.append([service, action, AWS_ACCESS_KEY_ID, datetime.datetime.now()])
|
||||||
# print (db_logger)
|
# print (db_logger)
|
||||||
|
|
||||||
# scrapped the json logging idea but keeping it here just in case
|
# scrapped the json logging idea but keeping it here just in case
|
||||||
|
|||||||
16
libs/sql.py
16
libs/sql.py
@@ -33,7 +33,7 @@ def create_recon_table(db_name, table_name):
|
|||||||
service text,
|
service text,
|
||||||
sub_service text,
|
sub_service text,
|
||||||
AWSKeyID text,
|
AWSKeyID text,
|
||||||
checked_at text,
|
checked_at timestamp,
|
||||||
PRIMARY KEY (ID))"""
|
PRIMARY KEY (ID))"""
|
||||||
#FOREIGN KEY (AWSKeyID) references AWSKey(ID))"""
|
#FOREIGN KEY (AWSKeyID) references AWSKey(ID))"""
|
||||||
create_table(db_name,table_name,sql)
|
create_table(db_name,table_name,sql)
|
||||||
@@ -48,6 +48,18 @@ def create_awskey_table(db_name, table_name):
|
|||||||
create_table(db_name,table_name,sql)
|
create_table(db_name,table_name,sql)
|
||||||
print ("created table: {}".format(table_name))
|
print ("created table: {}".format(table_name))
|
||||||
|
|
||||||
|
def create_services_table(db_name, table_name):
|
||||||
|
sql = """CREATE TABLE services
|
||||||
|
(ID integer,
|
||||||
|
AWSKeyID Text,
|
||||||
|
service text,
|
||||||
|
sub_service text,
|
||||||
|
sub_service_data text,
|
||||||
|
checked_at timestamp,
|
||||||
|
PRIMARY KEY(ID))"""
|
||||||
|
create_table(db_name,table_name,sql)
|
||||||
|
print ("created table: {}".format(table_name))
|
||||||
|
|
||||||
|
|
||||||
def insert_awskey_data(db_name, records):
|
def insert_awskey_data(db_name, records):
|
||||||
sql = """INSERT INTO AWSKey(AWSKeyID, Description) VALUES (?,?)"""
|
sql = """INSERT INTO AWSKey(AWSKeyID, Description) VALUES (?,?)"""
|
||||||
@@ -62,7 +74,7 @@ def insert_reconservice_data(db_name, records):
|
|||||||
def search_recon_by_key(db_name,AWSKeyID):
|
def search_recon_by_key(db_name,AWSKeyID):
|
||||||
with sqlite3.connect(db_name) as db:
|
with sqlite3.connect(db_name) as db:
|
||||||
cursor = db.cursor()
|
cursor = db.cursor()
|
||||||
cursor.execute("""SELECT service,sub_service FROM recon WHERE AWSKeyID=?""",(AWSKeyID,))
|
cursor.execute("""SELECT service,sub_service,checked_at FROM recon WHERE AWSKeyID=? ORDER BY datetime(checked_at)""",(AWSKeyID,))
|
||||||
results = cursor.fetchall()
|
results = cursor.fetchall()
|
||||||
return results
|
return results
|
||||||
|
|
||||||
|
|||||||
@@ -1,29 +1,66 @@
|
|||||||
'''
|
'''
|
||||||
queries that interact with db can go here
|
Queries that interact with the db
|
||||||
'''
|
'''
|
||||||
|
|
||||||
import boto3
|
import boto3
|
||||||
import sqlite3
|
import sqlite3
|
||||||
from sqlite3 import Error
|
from sqlite3 import Error
|
||||||
|
|
||||||
from libs.sql import *
|
from libs.sql import *
|
||||||
|
|
||||||
session = boto3.Session()
|
session = boto3.Session()
|
||||||
credentials = session.get_credentials()
|
credentials = session.get_credentials()
|
||||||
AWS_ACCESS_KEY_ID = credentials.access_key
|
AWS_ACCESS_KEY_ID = credentials.access_key
|
||||||
|
|
||||||
|
db_name = "weirdAAL.db"
|
||||||
|
|
||||||
# for a key, what services does it have listed in the DB
|
# for a key, what services does it have listed in the DB
|
||||||
|
|
||||||
|
|
||||||
def step_show_services_by_key():
|
def step_show_services_by_key():
|
||||||
db_name = "weirdAAL.db"
|
'''
|
||||||
results = search_recon_by_key(db_name,AWS_ACCESS_KEY_ID)
|
Show services for a given key service:sub_service
|
||||||
|
example: elasticbeanstalk:DescribeEvents
|
||||||
|
'''
|
||||||
|
results = search_recon_by_key(db_name, AWS_ACCESS_KEY_ID)
|
||||||
print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
|
print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
|
||||||
for result in results:
|
for result in results:
|
||||||
print("{}:{}".format(result[0],result[1]))
|
print("{}:{}".format(result[0], result[1]))
|
||||||
|
|
||||||
|
|
||||||
|
def step_show_services_by_key_with_date():
|
||||||
|
'''
|
||||||
|
Show services for a given key service:sub_service
|
||||||
|
example: elasticbeanstalk:DescribeEvents
|
||||||
|
'''
|
||||||
|
results = search_recon_by_key(db_name, AWS_ACCESS_KEY_ID)
|
||||||
|
print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
|
||||||
|
for result in results:
|
||||||
|
print("{}:{} -> Date: {}".format(result[0], result[1], result[2]))
|
||||||
|
|
||||||
# same as show_sevices
|
# same as show_sevices
|
||||||
|
|
||||||
|
|
||||||
def step_list_services_by_key():
|
def step_list_services_by_key():
|
||||||
db_name = "weirdAAL.db"
|
'''
|
||||||
results = search_recon_by_key(db_name,AWS_ACCESS_KEY_ID)
|
Show services for a given key service:sub_service
|
||||||
|
example: elasticbeanstalk:DescribeEvents
|
||||||
|
'''
|
||||||
|
results = search_recon_by_key(db_name, AWS_ACCESS_KEY_ID)
|
||||||
print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
|
print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
|
||||||
for result in results:
|
for result in results:
|
||||||
print("{}:{}".format(result[0],result[1]))
|
print("{}:{}".format(result[0], result[1]))
|
||||||
|
|
||||||
|
|
||||||
|
# for a key, what services does it have listed in the DB and the date
|
||||||
|
|
||||||
|
|
||||||
|
def step_list_services_by_key_with_date():
|
||||||
|
'''
|
||||||
|
Show services for a given key service:sub_service with date
|
||||||
|
example: elasticbeanstalk:DescribeEvents -> Date: 2018-04-18 20:36:41.791780
|
||||||
|
'''
|
||||||
|
results = search_recon_by_key(db_name, AWS_ACCESS_KEY_ID)
|
||||||
|
print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
|
||||||
|
for result in results:
|
||||||
|
print("{}:{} -> Date: {}".format(result[0], result[1], result[2]))
|
||||||
|
|||||||
@@ -60,9 +60,9 @@ def method_create():
|
|||||||
|
|
||||||
|
|
||||||
# Need to figure out if we have keys in the ENV or not
|
# Need to figure out if we have keys in the ENV or not
|
||||||
if AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY:
|
try:
|
||||||
perform_credential_check()
|
perform_credential_check()
|
||||||
else:
|
except:
|
||||||
print("Please supply keys as outlined in our README.md file")
|
print("Please supply keys as outlined in our README.md file")
|
||||||
# exit(1)
|
# exit(1)
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user