dash/weirdAAL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixed indentation and print errors

Browse Source
This commit is contained in:
cktricky
2018-04-06 13:02:53 -10:00
parent 3ae87d030a
commit 51d2887a60
13 changed files with 77 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libs/brute.py
View File

@@ -10,7 +10,9 @@ import datetime #change as required once we decide time format
from libs.sql import * from libs.sql import *
def step_cg_test():
pass
# we chould probably load this from one place in the future #TODO # we chould probably load this from one place in the future #TODO
db_name = "weirdAAL.db" db_name = "weirdAAL.db"

6
libs/config.py
View File

@@ -32,7 +32,7 @@ def describe_configuration_recorders(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, r
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID)) print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass pass
else: else:
print "Unexpected error: {}" .format(e) print("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
@@ -57,8 +57,8 @@ def describe_configuration_rules(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, regio
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID)) print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass pass
else: else:
print "Unexpected error: {}" .format(e) print("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
return response return response

25
libs/datapipeline.py
View File

@@ -16,19 +16,18 @@ def list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing Data Pipeline Pipelines ###") print("### Printing Data Pipeline Pipelines ###")
try: try:
for region in regions: for region in regions:
client = boto3.client('datapipeline', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) client = boto3.client('datapipeline', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.list_pipelines()
response = client.list_pipelines() print("### {} Data Pipelines ###" .format(region))
print"### {} Data Pipelines ###" .format(region) if response.get('pipelineIdList') is None:
if response.get('pipelineIdList') is None: print("{} likely does not have Data Pipeline permissions\n" .format(AWS_ACCESS_KEY_ID))
print("{} likely does not have Data Pipeline permissions\n" .format(AWS_ACCESS_KEY_ID)) elif len(response['pipelineIdList']) <= 0:
elif len(response['pipelineIdList']) <= 0: print("[-] ListPipelines allowed for {} but no results [-]" .format(region))
print("[-] ListPipelines allowed for {} but no results [-]" .format(region)) else:
else: print("### {} Data Pipelines ###" .format(region))
print"### {} Data Pipelines ###" .format(region) for pipes in response['pipelineIdList']:
for pipes in response['pipelineIdList']: pp.pprint(pipes)
pp.pprint(pipes) print("\n")
print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':

52
libs/dynamodb.py
View File

@@ -15,19 +15,18 @@ regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', '
def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing DynamoDB Tables ###") print("### Printing DynamoDB Tables ###")
try: try:
for region in regions: for region in regions:
client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.list_tables()
response = client.list_tables() if response.get('TableNames') is None:
if response.get('TableNames') is None: print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) elif len(response['TableNames']) <= 0:
elif len(response['TableNames']) <= 0: print("[-] ListTables allowed for {} but no results [-]" .format(region))
print("[-] ListTables allowed for {} but no results [-]" .format(region)) else:
else: print("### {} DynamoDB Tables ###" .format(region))
print"### {} DynamoDB Tables ###" .format(region) for tables in response['TableNames']:
for tables in response['TableNames']: pp.pprint(tables)
pp.pprint(tables) print("\n")
print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
@@ -42,19 +41,17 @@ def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing DynamoDB Tables ###") print("### Printing DynamoDB Tables ###")
try: try:
for region in regions: for region in regions:
client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.list_tables()
response = client.list_tables() if response.get('TableNames') is None:
if response.get('TableNames') is None: print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) elif len(response['TableNames']) <= 0:
elif len(response['TableNames']) <= 0: print("[-] ListTables allowed for {} but no results [-]" .format(region))
print("[-] ListTables allowed for {} but no results [-]" .format(region)) else:
else: print("### {} DynamoDB Tables ###" .format(region))
print"### {} DynamoDB Tables ###" .format(region) for tables in response['TableNames']:
for tables in response['TableNames']: describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, tables, region)
#pp.pprint(tables)
describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, tables, region)
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
@@ -70,8 +67,7 @@ def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, table, region): def describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, table, region):
print("### Describing DynamoDB Table: {} ###" .format(table)) print("### Describing DynamoDB Table: {} ###" .format(table))
try: try:
client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.describe_table(TableName=table) response = client.describe_table(TableName=table)
if response.get('Table') is None: if response.get('Table') is None:
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID)) print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))

26
libs/dynamodbstreams.py
View File

@@ -16,20 +16,18 @@ regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', '
def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing DynamoDBstreams ###") print("### Printing DynamoDBstreams ###")
try: try:
for region in regions: for region in regions:
client = boto3.client('dynamodbstreams', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region) client = boto3.client('dynamodbstreams', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
if response.get('Streams') is None:
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Streams']) <= 0:
print("[-] ListStreams allowed for {} but no results [-]" .format(region))
else:
print("### {} DynamoDB Streams ###" .format(region))
for streams in response['Streams']:
pp.pprint(streams)
print("\n")
response = client.list_streams()
if response.get('Streams') is None:
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Streams']) <= 0:
print("[-] ListStreams allowed for {} but no results [-]" .format(region))
else:
print"### {} DynamoDB Streams ###" .format(region)
for streams in response['Streams']:
pp.pprint(streams)
print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -38,4 +36,4 @@ def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
else: else:
print("Unexpected error: {}" .format(e)) print("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")

4
libs/ecr.py
View File

@@ -27,11 +27,11 @@ def describe_repositories(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif len(response['repositories']) <= 0: elif len(response['repositories']) <= 0:
print("[-] DescribeRepositories allowed for {} but no results [-]" .format(region)) print("[-] DescribeRepositories allowed for {} but no results [-]" .format(region))
else: else:
print"### {} ECR Repositories ###" .format(region) print("### {} ECR Repositories ###" .format(region))
for tables in response['repositories']: for tables in response['repositories']:
pp.pprint(tables) pp.pprint(tables)
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))

25
libs/elasticbeanstalk.py
View File

@@ -27,11 +27,11 @@ def describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif len(response['Applications']) <= 0: elif len(response['Applications']) <= 0:
print("[-] DescribeApplications allowed for {} but no results [-]" .format(region)) print("[-] DescribeApplications allowed for {} but no results [-]" .format(region))
else: else:
print"### {} ElasticBeanstalk Applications ###" .format(region) print("### {} ElasticBeanstalk Applications ###" .format(region))
for app in response['Applications']: for app in response['Applications']:
pp.pprint(app) pp.pprint(app)
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -57,11 +57,11 @@ def describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif len(response['ApplicationVersions']) <= 0: elif len(response['ApplicationVersions']) <= 0:
print("[-] DescribeApplicationVersions allowed for {} but no results [-]" .format(region)) print("[-] DescribeApplicationVersions allowed for {} but no results [-]" .format(region))
else: else:
print"### {} ElasticBeanstalk Application Versions ###" .format(region) print("### {} ElasticBeanstalk Application Versions ###" .format(region))
for app in response['ApplicationVersions']: for app in response['ApplicationVersions']:
pp.pprint(app) pp.pprint(app)
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -87,7 +87,7 @@ def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif len(response['Options']) <= 0: elif len(response['Options']) <= 0:
print("[-] DescribeConfigurationOptions allowed for {} but no results [-]" .format(region)) print("[-] DescribeConfigurationOptions allowed for {} but no results [-]" .format(region))
else: else:
print"### {} ElasticBeanstalk Configuration Options ###" .format(region) print("### {} ElasticBeanstalk Configuration Options ###" .format(region))
#if response['PlatformArn'] is None: #if response['PlatformArn'] is None:
# pass # pass
#else: #else:
@@ -96,7 +96,7 @@ def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("SolutionStackName: {}" .format(response['SolutionStackName'])) print("SolutionStackName: {}" .format(response['SolutionStackName']))
pp.pprint( "Options: {}" .format(response['Options'])) pp.pprint( "Options: {}" .format(response['Options']))
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -122,11 +122,11 @@ def describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif len(response['Environments']) <= 0: elif len(response['Environments']) <= 0:
print("[-] DescribeEnvironments allowed for {} but no results [-]" .format(region)) print("[-] DescribeEnvironments allowed for {} but no results [-]" .format(region))
else: else:
print"### {} ElasticBeanstalk Environments ###" .format(region) print("### {} ElasticBeanstalk Environments ###" .format(region))
for enviro in response['Environments']: for enviro in response['Environments']:
pp.pprint(enviro) pp.pprint(enviro)
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -152,11 +152,11 @@ def describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif len(response['Events']) <= 0: elif len(response['Events']) <= 0:
print("[-] DescribeEvents allowed for {} but no results [-]" .format(region)) print("[-] DescribeEvents allowed for {} but no results [-]" .format(region))
else: else:
print"### {} ElasticBeanstalk Events ###" .format(region) print("### {} ElasticBeanstalk Events ###" .format(region))
for events in response['Events']: for events in response['Events']:
pp.pprint(events) pp.pprint(events)
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -166,4 +166,3 @@ def describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("Unexpected error: {}" .format(e)) print("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")

9
libs/emr.py
View File

@@ -27,11 +27,11 @@ def list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif len(response['Clusters']) <= 0: elif len(response['Clusters']) <= 0:
print("[-] ListClusters allowed for {} but no results [-]" .format(region)) print("[-] ListClusters allowed for {} but no results [-]" .format(region))
else: else:
print"### {} EMR Clusters ###" .format(region) print("### {} EMR Clusters ###" .format(region))
for app in response['Clusters']: for app in response['Clusters']:
pp.pprint(app) pp.pprint(app)
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -57,11 +57,11 @@ def list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif len(response['SecurityConfigurations']) <= 0: elif len(response['SecurityConfigurations']) <= 0:
print("[-] ListSecurityConfigurations allowed for {} but no results [-]" .format(region)) print("[-] ListSecurityConfigurations allowed for {} but no results [-]" .format(region))
else: else:
print"### {} EMR Security Configuration ###" .format(region) print("### {} EMR Security Configuration ###" .format(region))
for app in response['SecurityConfigurations']: for app in response['SecurityConfigurations']:
pp.pprint(app) pp.pprint(app)
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -71,4 +71,3 @@ def list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("Unexpected error: {}" .format(e)) print("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")

6
libs/route53.py
View File

@@ -30,11 +30,11 @@ def list_geolocations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif len(response['GeoLocationDetailsList']) <= 0: elif len(response['GeoLocationDetailsList']) <= 0:
print("[-] ListGeoLocations allowed for {} but no results [-]" .format(region)) print("[-] ListGeoLocations allowed for {} but no results [-]" .format(region))
else: else:
print"### {} Route53 GeoLocations ###" .format(region) print("### {} Route53 GeoLocations ###" .format(region))
for app in response['GeoLocationDetailsList']: for app in response['GeoLocationDetailsList']:
pp.pprint(app) pp.pprint(app)
print("\n") print("\n")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -44,5 +44,3 @@ def list_geolocations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("Unexpected error: {}" .format(e)) print("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")

1
modules/__init__.py
View File

@@ -8,4 +8,5 @@ dirpath = os.getcwd()
foldername = os.path.dirname(os.path.realpath(__file__)) foldername = os.path.dirname(os.path.realpath(__file__))
all_files = list_all_files(foldername) all_files = list_all_files(foldername)
__all__ = all_files __all__ = all_files

2
modules/iam_pwn.py
View File

@@ -3,7 +3,7 @@ if you have root or IAM access gather user info, manipulate access keys or passw
''' '''
from libs.iam import * from libs.iam import *
from libs.sts import * from libs.sts import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY #from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
def step_cg_test(): def step_cg_test():

0
target.txt Normal file
View File

2
weirdAAL.py
View File

@@ -11,7 +11,7 @@ import argparse
import os import os
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
from botocore.exceptions import ClientError from botocore.exceptions import ClientError
from modules import * from libs import *
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
parser.add_argument("-s", "--step", help="list the step you would like to run", parser.add_argument("-s", "--step", help="list the step you would like to run",