From 51d2887a60efaee2b50edbe4c971e6acf34baec0 Mon Sep 17 00:00:00 2001 From: cktricky Date: Fri, 6 Apr 2018 13:02:53 -1000 Subject: [PATCH] fixed indentation and print errors --- libs/brute.py | 4 +++- libs/config.py | 6 ++--- libs/datapipeline.py | 25 ++++++++++--------- libs/dynamodb.py | 52 +++++++++++++++++++--------------------- libs/dynamodbstreams.py | 26 ++++++++++---------- libs/ecr.py | 4 ++-- libs/elasticbeanstalk.py | 25 ++++++++++--------- libs/emr.py | 9 ++++--- libs/route53.py | 6 ++--- modules/__init__.py | 1 + modules/iam_pwn.py | 2 +- target.txt | 0 weirdAAL.py | 2 +- 13 files changed, 77 insertions(+), 85 deletions(-) create mode 100644 target.txt diff --git a/libs/brute.py b/libs/brute.py index 381e1c4..c76ce0b 100644 --- a/libs/brute.py +++ b/libs/brute.py @@ -10,7 +10,9 @@ import datetime #change as required once we decide time format from libs.sql import * - +def step_cg_test(): + pass + # we chould probably load this from one place in the future #TODO db_name = "weirdAAL.db" diff --git a/libs/config.py b/libs/config.py index a3aea8c..56915a2 100644 --- a/libs/config.py +++ b/libs/config.py @@ -32,7 +32,7 @@ def describe_configuration_recorders(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, r print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID)) pass else: - print "Unexpected error: {}" .format(e) + print("Unexpected error: {}" .format(e)) except KeyboardInterrupt: print("CTRL-C received, exiting...") @@ -57,8 +57,8 @@ def describe_configuration_rules(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, regio print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID)) pass else: - print "Unexpected error: {}" .format(e) + print("Unexpected error: {}" .format(e)) except KeyboardInterrupt: print("CTRL-C received, exiting...") - return response \ No newline at end of file + return response diff --git a/libs/datapipeline.py b/libs/datapipeline.py index 0307586..2237938 100644 --- a/libs/datapipeline.py +++ b/libs/datapipeline.py @@ -16,19 +16,18 @@ def list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): print("### Printing Data Pipeline Pipelines ###") try: for region in regions: - client = boto3.client('datapipeline', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) - - response = client.list_pipelines() - print"### {} Data Pipelines ###" .format(region) - if response.get('pipelineIdList') is None: - print("{} likely does not have Data Pipeline permissions\n" .format(AWS_ACCESS_KEY_ID)) - elif len(response['pipelineIdList']) <= 0: - print("[-] ListPipelines allowed for {} but no results [-]" .format(region)) - else: - print"### {} Data Pipelines ###" .format(region) - for pipes in response['pipelineIdList']: - pp.pprint(pipes) - print("\n") + client = boto3.client('datapipeline', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) + response = client.list_pipelines() + print("### {} Data Pipelines ###" .format(region)) + if response.get('pipelineIdList') is None: + print("{} likely does not have Data Pipeline permissions\n" .format(AWS_ACCESS_KEY_ID)) + elif len(response['pipelineIdList']) <= 0: + print("[-] ListPipelines allowed for {} but no results [-]" .format(region)) + else: + print("### {} Data Pipelines ###" .format(region)) + for pipes in response['pipelineIdList']: + pp.pprint(pipes) + print("\n") except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': diff --git a/libs/dynamodb.py b/libs/dynamodb.py index ee8ee94..3d5e7c7 100644 --- a/libs/dynamodb.py +++ b/libs/dynamodb.py @@ -15,19 +15,18 @@ regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', ' def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): print("### Printing DynamoDB Tables ###") try: - for region in regions: - client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) - - response = client.list_tables() - if response.get('TableNames') is None: - print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) - elif len(response['TableNames']) <= 0: - print("[-] ListTables allowed for {} but no results [-]" .format(region)) - else: - print"### {} DynamoDB Tables ###" .format(region) - for tables in response['TableNames']: - pp.pprint(tables) - print("\n") + for region in regions: + client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) + response = client.list_tables() + if response.get('TableNames') is None: + print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) + elif len(response['TableNames']) <= 0: + print("[-] ListTables allowed for {} but no results [-]" .format(region)) + else: + print("### {} DynamoDB Tables ###" .format(region)) + for tables in response['TableNames']: + pp.pprint(tables) + print("\n") except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': @@ -42,19 +41,17 @@ def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): print("### Printing DynamoDB Tables ###") try: - for region in regions: - client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) - - response = client.list_tables() - if response.get('TableNames') is None: - print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) - elif len(response['TableNames']) <= 0: - print("[-] ListTables allowed for {} but no results [-]" .format(region)) - else: - print"### {} DynamoDB Tables ###" .format(region) - for tables in response['TableNames']: - #pp.pprint(tables) - describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, tables, region) + for region in regions: + client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) + response = client.list_tables() + if response.get('TableNames') is None: + print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) + elif len(response['TableNames']) <= 0: + print("[-] ListTables allowed for {} but no results [-]" .format(region)) + else: + print("### {} DynamoDB Tables ###" .format(region)) + for tables in response['TableNames']: + describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, tables, region) print("\n") except botocore.exceptions.ClientError as e: @@ -70,8 +67,7 @@ def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): def describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, table, region): print("### Describing DynamoDB Table: {} ###" .format(table)) try: - client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) - + client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) response = client.describe_table(TableName=table) if response.get('Table') is None: print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) diff --git a/libs/dynamodbstreams.py b/libs/dynamodbstreams.py index cf7a3a8..2b55bb0 100644 --- a/libs/dynamodbstreams.py +++ b/libs/dynamodbstreams.py @@ -16,20 +16,18 @@ regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', ' def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): print("### Printing DynamoDBstreams ###") try: - for region in regions: - client = boto3.client('dynamodbstreams', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) + for region in regions: + client = boto3.client('dynamodbstreams', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) + if response.get('Streams') is None: + print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) + elif len(response['Streams']) <= 0: + print("[-] ListStreams allowed for {} but no results [-]" .format(region)) + else: + print("### {} DynamoDB Streams ###" .format(region)) + for streams in response['Streams']: + pp.pprint(streams) + print("\n") - response = client.list_streams() - if response.get('Streams') is None: - print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) - elif len(response['Streams']) <= 0: - print("[-] ListStreams allowed for {} but no results [-]" .format(region)) - else: - print"### {} DynamoDB Streams ###" .format(region) - for streams in response['Streams']: - pp.pprint(streams) - print("\n") - except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) @@ -38,4 +36,4 @@ def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): else: print("Unexpected error: {}" .format(e)) except KeyboardInterrupt: - print("CTRL-C received, exiting...") \ No newline at end of file + print("CTRL-C received, exiting...") diff --git a/libs/ecr.py b/libs/ecr.py index 82cc1f1..bfc4cce 100644 --- a/libs/ecr.py +++ b/libs/ecr.py @@ -27,11 +27,11 @@ def describe_repositories(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): elif len(response['repositories']) <= 0: print("[-] DescribeRepositories allowed for {} but no results [-]" .format(region)) else: - print"### {} ECR Repositories ###" .format(region) + print("### {} ECR Repositories ###" .format(region)) for tables in response['repositories']: pp.pprint(tables) print("\n") - + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) diff --git a/libs/elasticbeanstalk.py b/libs/elasticbeanstalk.py index 8483523..b97caef 100644 --- a/libs/elasticbeanstalk.py +++ b/libs/elasticbeanstalk.py @@ -27,11 +27,11 @@ def describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): elif len(response['Applications']) <= 0: print("[-] DescribeApplications allowed for {} but no results [-]" .format(region)) else: - print"### {} ElasticBeanstalk Applications ###" .format(region) + print("### {} ElasticBeanstalk Applications ###" .format(region)) for app in response['Applications']: pp.pprint(app) print("\n") - + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) @@ -57,11 +57,11 @@ def describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): elif len(response['ApplicationVersions']) <= 0: print("[-] DescribeApplicationVersions allowed for {} but no results [-]" .format(region)) else: - print"### {} ElasticBeanstalk Application Versions ###" .format(region) + print("### {} ElasticBeanstalk Application Versions ###" .format(region)) for app in response['ApplicationVersions']: pp.pprint(app) print("\n") - + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) @@ -87,7 +87,7 @@ def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): elif len(response['Options']) <= 0: print("[-] DescribeConfigurationOptions allowed for {} but no results [-]" .format(region)) else: - print"### {} ElasticBeanstalk Configuration Options ###" .format(region) + print("### {} ElasticBeanstalk Configuration Options ###" .format(region)) #if response['PlatformArn'] is None: # pass #else: @@ -96,7 +96,7 @@ def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): print("SolutionStackName: {}" .format(response['SolutionStackName'])) pp.pprint( "Options: {}" .format(response['Options'])) print("\n") - + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) @@ -122,11 +122,11 @@ def describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): elif len(response['Environments']) <= 0: print("[-] DescribeEnvironments allowed for {} but no results [-]" .format(region)) else: - print"### {} ElasticBeanstalk Environments ###" .format(region) + print("### {} ElasticBeanstalk Environments ###" .format(region)) for enviro in response['Environments']: - pp.pprint(enviro) + pp.pprint(enviro) print("\n") - + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) @@ -152,11 +152,11 @@ def describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): elif len(response['Events']) <= 0: print("[-] DescribeEvents allowed for {} but no results [-]" .format(region)) else: - print"### {} ElasticBeanstalk Events ###" .format(region) + print("### {} ElasticBeanstalk Events ###" .format(region)) for events in response['Events']: - pp.pprint(events) + pp.pprint(events) print("\n") - + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) @@ -166,4 +166,3 @@ def describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): print("Unexpected error: {}" .format(e)) except KeyboardInterrupt: print("CTRL-C received, exiting...") - diff --git a/libs/emr.py b/libs/emr.py index f405214..983bd4c 100644 --- a/libs/emr.py +++ b/libs/emr.py @@ -27,11 +27,11 @@ def list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): elif len(response['Clusters']) <= 0: print("[-] ListClusters allowed for {} but no results [-]" .format(region)) else: - print"### {} EMR Clusters ###" .format(region) + print("### {} EMR Clusters ###" .format(region)) for app in response['Clusters']: pp.pprint(app) print("\n") - + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) @@ -57,11 +57,11 @@ def list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): elif len(response['SecurityConfigurations']) <= 0: print("[-] ListSecurityConfigurations allowed for {} but no results [-]" .format(region)) else: - print"### {} EMR Security Configuration ###" .format(region) + print("### {} EMR Security Configuration ###" .format(region)) for app in response['SecurityConfigurations']: pp.pprint(app) print("\n") - + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) @@ -71,4 +71,3 @@ def list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): print("Unexpected error: {}" .format(e)) except KeyboardInterrupt: print("CTRL-C received, exiting...") - diff --git a/libs/route53.py b/libs/route53.py index c7b6163..d173a78 100644 --- a/libs/route53.py +++ b/libs/route53.py @@ -30,11 +30,11 @@ def list_geolocations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): elif len(response['GeoLocationDetailsList']) <= 0: print("[-] ListGeoLocations allowed for {} but no results [-]" .format(region)) else: - print"### {} Route53 GeoLocations ###" .format(region) + print("### {} Route53 GeoLocations ###" .format(region)) for app in response['GeoLocationDetailsList']: pp.pprint(app) print("\n") - + except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) @@ -44,5 +44,3 @@ def list_geolocations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): print("Unexpected error: {}" .format(e)) except KeyboardInterrupt: print("CTRL-C received, exiting...") - - diff --git a/modules/__init__.py b/modules/__init__.py index 7ad8262..4f3d876 100644 --- a/modules/__init__.py +++ b/modules/__init__.py @@ -8,4 +8,5 @@ dirpath = os.getcwd() foldername = os.path.dirname(os.path.realpath(__file__)) all_files = list_all_files(foldername) + __all__ = all_files diff --git a/modules/iam_pwn.py b/modules/iam_pwn.py index be8217e..1085294 100644 --- a/modules/iam_pwn.py +++ b/modules/iam_pwn.py @@ -3,7 +3,7 @@ if you have root or IAM access gather user info, manipulate access keys or passw ''' from libs.iam import * from libs.sts import * -from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY +#from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY def step_cg_test(): diff --git a/target.txt b/target.txt new file mode 100644 index 0000000..e69de29 diff --git a/weirdAAL.py b/weirdAAL.py index 0887c52..691eb30 100755 --- a/weirdAAL.py +++ b/weirdAAL.py @@ -11,7 +11,7 @@ import argparse import os from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY from botocore.exceptions import ClientError -from modules import * +from libs import * parser = argparse.ArgumentParser() parser.add_argument("-s", "--step", help="list the step you would like to run",