From 53c89be8ddbdeb79487c2bc7692798caca6e5d25 Mon Sep 17 00:00:00 2001 From: carnal0wnage Date: Tue, 24 Apr 2018 21:40:16 -0400 Subject: [PATCH] pep8 fixes --- libs/aws_lambda.py | 40 ++++++++++++++++++++++++++++++++++++---- libs/brute.py | 30 ++++++++++++++++-------------- modules/aws_lambda.py | 15 +++++++++++---- 3 files changed, 63 insertions(+), 22 deletions(-)
diff --git a/libs/aws_lambda.py b/libs/aws_lambda.py
index a6de03c..370bc35 100644
--- a/libs/aws_lambda.py
+++ b/libs/aws_lambda.py
@@ -1,5 +1,5 @@ ''' -lamda functions for WeirdAAL +Lambda functions for WeirdAAL ''' import boto3
@@ -96,7 +96,7 @@ def lambda_get_function(functionname, region): client = boto3.client('lambda', region_name=region) response = client.get_function(FunctionName=functionname) - #print(response) + # print(response) if response.get('Configuration') is None: print("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -106,7 +106,7 @@ def lambda_get_function(functionname, region): print(response['Configuration']) print("\n") # print(response['Code']) - print("Download link for {}:{}".format(functionname,response['Code']['Location'])) + print("Download link for {}:{}".format(functionname, response['Code']['Location'])) except botocore.exceptions.ClientError as e: if e.response['Error']['Code'] == 'InvalidClientTokenId': sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
@@ -117,4 +117,36 @@ def lambda_get_function(functionname, region): else: print("Unexpected error: {}" .format(e)) except KeyboardInterrupt: - print("CTRL-C received, exiting...") \ No newline at end of file + print("CTRL-C received, exiting...") + + +def lambda_get_account_settings(): + ''' + Returns Lambda account info + ''' + print("### Attempting to get account settings ###") + try: + client = boto3.client('lambda') + response = client.get_account_settings() + # print(response) + if response.get('AccountLimit') is None: + print("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID)) + elif len(response['AccountLimit']) <= 0: + print("[-] GetAccountSettings allowed for {} but no results [-]" .format(region)) + else: + print("AccountLimit:") + pp.pprint(response['AccountLimit']) + print("AccountUsage:") + pp.pprint(response['AccountUsage']) + print("\n") + except botocore.exceptions.ClientError as e: + if e.response['Error']['Code'] == 'InvalidClientTokenId': + sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'AccessDenied': + print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'SubscriptionRequiredException': + print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID)) + else: + print("Unexpected error: {}" .format(e)) + except KeyboardInterrupt: + print("CTRL-C received, exiting...")
diff --git a/libs/brute.py b/libs/brute.py
index 95e7160..32f535a 100644
--- a/libs/brute.py
+++ b/libs/brute.py
@@ -146,6 +146,7 @@ def generic_permission_bruteforcer(service, tests): print("\n") return actions + def generic_permission_bruteforcer_region(service, tests, region_passed): actions = [] try:
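Review bot: The `elif len(response['AccountLimit']) <= 0` branch of the new `lambda_get_account_settings` formats `region`, but the function takes no parameters and binds no `region` locally, so reaching that branch raises NameError unless `region` is a module-level name in libs/aws_lambda.py (not visible here); the sibling `lambda_get_function` in the hunk above receives `region` as an argument, which suggests it is not. Use the identifier every other branch in the function uses: `print("[-] GetAccountSettings allowed for {} but no results [-]" .format(AWS_ACCESS_KEY_ID))`. Related, `boto3.client('lambda')` is built without `region_name`, unlike the sibling's `boto3.client('lambda', region_name=region)`; with no default region configured botocore raises NoRegionError, which is not a ClientError and escapes the handler as a traceback, so accepting `region=None` and passing `region_name=region` would keep the two consistent. The `'AccessDenied'` comparison is copied from the sibling; Lambda commonly reports `AccessDeniedException` for a denied call, in which case denials fall through to the "Unexpected error" branch — worth confirming against a denied call before relying on that classification.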
@@ -183,6 +184,7 @@ def generic_permission_bruteforcer_region(service, tests, region_passed): print("\n") return actions + def generic_method_bruteforcer(service, tests): actions = [] client = boto3.client(service, region_name=region)
@@ -219,6 +221,7 @@ def generic_method_bruteforcer(service, tests): actions.append(api_action) return actions + def generic_method_bruteforcer_region(service, tests, region_passed): actions = [] client = boto3.client(service, region_name=region_passed)
@@ -277,7 +280,7 @@ def brute_alexaforbusiness_permissions(): http://boto3.readthedocs.io/en/latest/reference/services/alexaforbusiness.html ''' print("### Enumerating Alexa For Business Permissions ###") - tests = [('CreateAddressBook', 'create_address_book', (), {'Name' : 'Test'}, ), ] + tests = [('CreateAddressBook', 'create_address_book', (), {'Name': 'Test'}, ), ] return generic_permission_bruteforcer('alexaforbusiness', tests)
@@ -400,8 +403,8 @@ def brute_cloudformation_permissions(): print("### Enumerating CloudFormation Permissions ###") tests = [('ListStacks', 'list_stacks', (), {}), ('DescribeStacks', 'describe_stacks', (), {}), - #('DescribeStackEvents', 'describe_stack_events', (), {}), - #('DescribeStackResources', 'describe_stack_resources', (), {}), + # ('DescribeStackEvents', 'describe_stack_events', (), {}), + # ('DescribeStackResources', 'describe_stack_resources', (), {}), ('ListExports', 'list_exports', (), {}), ('DescribeAccountLimits', 'describe_account_limits', (), {}), ] return generic_permission_bruteforcer('cloudformation', tests)
@@ -456,7 +459,7 @@ def brute_cloudsearchdomain_permissions(): Disabled---requires a custom search domain from cloudsearch describe_domains results ''' print("### Enumerating Amazon CloudSearch Domain Permissions ###") - tests = [('Search', 'search', (), {'query':'*'}, ), ] + tests = [('Search', 'search', (), {'query': '*'}, ), ] return generic_permission_bruteforcer('cloudsearchdomain', tests)
@@ -509,7 +512,7 @@ def brute_codedeploy_permissions(): tests = [('ListApplications', 'list_applications', (), {}, ), ('ListDeployments', 'list_deployments', (), {}, ), ('ListDeploymentsConfigs', 'list_deployment_configs', (), {}, ), - ('ListGitHubAccountTokenNames', 'list_git_hub_account_token_names', (), {}, ), #returning an error no function of that name + ('ListGitHubAccountTokenNames', 'list_git_hub_account_token_names', (), {}, ), ('ListOnPremisesInstances', 'list_on_premises_instances', (), {}, ), ] return generic_permission_bruteforcer('codedeploy', tests)
@@ -587,6 +590,7 @@ def brute_configservice_permissions(): # http://boto3.readthedocs.io/en/latest/reference/services/connect.html # no functions + def brute_costandusagereportservice_permissions(): ''' http://boto3.readthedocs.io/en/latest/reference/services/cur.html
@@ -703,7 +707,7 @@ def brute_ec2_permissions(): ('DescribeVolumes', 'describe_volumes', (), {'DryRun': True}, ), ('CreateVolume', 'create_volume', (), {'AvailabilityZone': 'us-east-1a', 'Size': 8, 'DryRun': True}, ), ('DescribeSnapshots', 'describe_snapshots', (), {'DryRun': True, 'OwnerIds': ['self', ]}, ), - #('CreateSnapshot', 'create_snapshot', (), {'VolumeId': 'vol-05777eab71bc97dcb', 'DryRun': True}, ), + # ('CreateSnapshot', 'create_snapshot', (), {'VolumeId': 'vol-05777eab71bc97dcb', 'DryRun': True}, ), ('DescribeAccountAttributes', 'describe_account_attributes', (), {'DryRun': True}, ), ('DescribeAddresses', 'describe_addresses', (), {'DryRun': True}, ), ('DescribeAvailabilityZones', 'describe_availability_zones', (), {'DryRun': True}, ),
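Review bot: The removed `ListGitHubAccountTokenNames` line carried the note `#returning an error no function of that name`, and the replacement keeps the test entry but drops the note, so the known failure of `list_git_hub_account_token_names` is no longer recorded anywhere in the list. If the entry stays, keep the note on its own line above it in PEP 8 form, `# NOTE: list_git_hub_account_token_names has raised 'no function of that name' — verify it exists in the installed boto3 before relying on this entry`; otherwise comment the entry out the way the other disabled entries in this file are. The enclosing `tests` list and `brute_codedeploy_permissions` begin outside the hunk.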
@@ -914,10 +918,7 @@ def brute_gamelift_permissions(): ('DescribeEC2InstanceLimits', 'describe_ec2_instance_limits', (), {}), ('DescribeFleetAttributes', 'describe_fleet_attributes', (), {}), ('DescribeFleetCapacity', 'describe_fleet_capacity', (), {}), - #('DescribeGameSessionDetails', 'describe_game_session_details', (), {}), ('DescribeGameSessionQueues', 'describe_game_session_queues', (), {}), ] - #('DescribeGameSessions', 'describe_game_sessions', (), {}), - #('DescribePlayerSessions', 'describe_player_sessions', (), {}), ] return generic_permission_bruteforcer('gamelift', tests)
@@ -1094,6 +1095,7 @@ def brute_lambda_permissions(): ''' print("### Enumerating Lambda Permissions ###") tests = [('ListFunctions', 'list_functions', (), {}, ), + ('GetAccountSettings', 'get_account_settings', (), {}), ('ListEventSourceMappings', 'list_event_source_mappings', (), {}), ] return generic_permission_bruteforcer('lambda', tests)
@@ -1540,7 +1542,7 @@ def brute_ssm_permissions(): ''' print("### Enumerating Amazon Simple Systems Manager (SSM) Permissions ###") tests = [('DescribeActivations', 'describe_activations', (), {}), - #('DescribeAssociation', 'describe_association', (), {}), + # ('DescribeAssociation', 'describe_association', (), {}), ('ListDocuments', 'list_documents', (), {}), ('ListResourceComplianceSummaries', 'list_resource_compliance_summaries', (), {}), ] return generic_permission_bruteforcer('ssm', tests)
@@ -1591,7 +1593,7 @@ def brute_swf_permissions(): http://boto3.readthedocs.io/en/latest/reference/services/swf.html ''' print("### Enumerating Amazon Simple Workflow Service (SWF) Permissions ###") - tests = [('ListDomains', 'list_domains', (), {'registrationStatus':'REGISTERED'}), ] + tests = [('ListDomains', 'list_domains', (), {'registrationStatus': 'REGISTERED'}), ] return generic_permission_bruteforcer('swf', tests)
@@ -1610,7 +1612,7 @@ def brute_translate_permissions(): http://boto3.readthedocs.io/en/latest/reference/services/translate.html ''' print("### Enumerating Amazon Translate Permissions ###") - tests = [('TranslateText', 'translate_text', (), {'Text': 'secure your shit', 'SourceLanguageCode': 'en' ,'TargetLanguageCode': 'es' }), ] + tests = [('TranslateText', 'translate_text', (), {'Text': 'secure your shit', 'SourceLanguageCode': 'en', 'TargetLanguageCode': 'es'}), ] return generic_permission_bruteforcer('translate', tests)
@@ -1621,7 +1623,7 @@ def brute_waf_permissions(): print("### Enumerating AWS WAF Permissions ###") tests = [('ListRules', 'list_rules', (), {}), ('ListRuleGroups', 'list_rule_groups', (), {}), - #('ListActivatedRulesInRuleGroup', 'list_activated_rules_in_rule_group', (), {}), + # ('ListActivatedRulesInRuleGroup', 'list_activated_rules_in_rule_group', (), {}), ('ListIpSets', 'list_ip_sets', (), {}), ] return generic_permission_bruteforcer('waf', tests)
@@ -1633,7 +1635,7 @@ def brute_waf_regional_permissions(): print("### Enumerating AWS WAF Regional Permissions ###") tests = [('ListRules', 'list_rules', (), {}), ('ListRuleGroups', 'list_rule_groups', (), {}), - #('ListActivatedRulesInRuleGroup', 'list_activated_rules_in_rule_group', (), {}), + # ('ListActivatedRulesInRuleGroup', 'list_activated_rules_in_rule_group', (), {}), ('ListIpSets', 'list_ip_sets', (), {}), ] return generic_permission_bruteforcer('waf-regional', tests)
diff --git a/modules/aws_lambda.py b/modules/aws_lambda.py
index 63a1b81..9be4a96 100644
--- a/modules/aws_lambda.py
+++ b/modules/aws_lambda.py
@@ -13,8 +13,15 @@ def module_lambda_list_event_source_mappings(): def module_lambda_get_function(*text): - ''' - get specfied function. Takes function name from list_functions and region the function exists in + ''' + get specfied function. Takes function name from list_functions and region the function exists in + python3 weirdAAL.py -m lambda_get_function -a 'MY_LAMBDA_FUNCTION','us-west-2' -t yolo + ''' + lambda_get_function(text[0][0], text[0][1]) - ''' - lambda_get_function(text[0][0], text[0][1]) \ No newline at end of file + +def module_lambda_get_account_settings(): + ''' + Returns a customer's account settings. + ''' + lambda_get_account_settings()
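Review bot: `lambda_get_function(text[0][0], text[0][1])` on the new side indexes the `-a` argument positionally with no length check, so invoking the module with one value (or none) fails with an IndexError traceback instead of the usage the docstring just above it now documents. A two-line guard before the call keeps the failure actionable: `if not text or len(text[0]) < 2:` / `    raise SystemExit("lambda_get_function needs two arguments: function name and region")`. `raise SystemExit` avoids depending on whether `sys` is imported in this module, which the hunk does not show. The rewritten docstring still reads `get specfied function`; `get specified function` is the spelling fix this pep8 pass was presumably aiming for.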