dash/weirdAAL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

documentation and rm'ing the key piece

Browse Source
This commit is contained in:
carnal0wnage
2018-04-16 21:05:15 -04:00
parent b928189a66
commit 582c2c7d38
28 changed files with 412 additions and 210 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
libs/aws_lambda.py
View File

@@ -1,18 +1,25 @@
'''
lamda functions
'''
import boto3
import botocore
import os
import pprint
import sys
'''
lamda functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def list_functions():
print("### Listing Lambda Functions ###")

28
libs/brute.py
View File

@@ -11,6 +11,13 @@ import datetime
from libs.sql import *
'''
This is the main brute library so that we can get an idea what services a particular
key has access to. We do this by asking if we have permission on as many services &
subfunctions as we can. Printed to screen and logged to db.
'''
# we chould probably load this from one place in the future #TODO
db_name = "weirdAAL.db"
@@ -24,15 +31,30 @@ regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', '
region = 'us-east-1'
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
#print(AWS_ACCESS_KEY_ID)
def get_accountid():
client = boto3.client('sts', region_name=region)
account_id = client.get_caller_identity()["Account"]
try:
client = boto3.client("sts")
account_id = client.get_caller_identity()["Account"]
print("Account Id: {}" .format(account_id))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'EndpointConnectionError':
print("[-] Cant connect to the {} endpoint [-]" .format(region))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
return account_id
# NOT QUITE WORKING YET

20
libs/ce.py
View File

@@ -1,21 +1,29 @@
'''
Cost Explorer Library
'''
import boto3
import botocore
import pprint
import sys
'''
Cost Explorer functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', ]
def ce_get_cost_and_usage(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def ce_get_cost_and_usage():
try:
for region in regions:
client = boto3.client('ce', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('ce', region_name=region)
response = client.get_cost_and_usage(TimePeriod={'Start': '2018-01-01', 'End': '2018-04-01'}, Granularity='MONTHLY', Metrics=["BlendedCost", "UnblendedCost", "UsageQuantity"],)
print(response)
#if response.get('Services') is None:

25
libs/cloudtrail.py
View File

@@ -1,24 +1,32 @@
'''
Cloudtrail functions
'''
import boto3
import botocore
import os
import pprint
import sys
'''
Cloudtrail functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1' ]
# 'cn-north-1', 'cn-northwest-1', 'us-gov-west-1' throwing An error occurred (UnrecognizedClientException) when calling the DescribeTrails operation: The security token included in the request is invalid.
def describe_trails(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def describe_trails():
print("### Printing CloudTrail DescribeTrails ###")
try:
for region in regions:
client = boto3.client('cloudtrail', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('cloudtrail', region_name=region)
response = client.describe_trails()
@@ -49,11 +57,12 @@ def describe_trails(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def list_public_keys(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def list_public_keys():
print("### Printing CloudTrail DescribeTrails ###")
try:
for region in regions:
client = boto3.client('cloudtrail', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('cloudtrail', region_name=region)
response = client.list_public_keys()

31
libs/cloudwatch.py
View File

@@ -1,22 +1,31 @@
'''
cloudwatch functions
'''
import boto3
import botocore
import os
import pprint
import sys,os
import sys
'''
Cloudwatch functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
def describe_alarms(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def describe_alarms():
print("### Printing Cloudwatch Alarm Information ###")
try:
for region in regions:
client = boto3.client('cloudwatch', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('cloudwatch', region_name=region)
response = client.describe_alarms()
print ("### {} Alarms ###" .format(region))
@@ -37,11 +46,11 @@ def describe_alarms(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def describe_alarm_history(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_alarm_history():
print("### Printing Cloudwatch Alarm History Information ###")
try:
for region in regions:
client = boto3.client('cloudwatch', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY,region_name=region)
client = boto3.client('cloudwatch', region_name=region)
response = client.describe_alarm_history()
#print response
@@ -68,11 +77,11 @@ def describe_alarm_history(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def list_metrics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def list_metrics():
print("### Printing Cloudwatch List Metrics ###")
try:
for region in regions:
client = boto3.client('cloudwatch', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY,region_name=region)
client = boto3.client('cloudwatch', region_name=region)
response = client.list_metrics()
#print response

23
libs/config.py
View File

@@ -1,22 +1,29 @@
'''
Config Library
'''
import boto3
import botocore
import pprint
import sys
'''
Config functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def describe_configuration_recorders(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, region):
def describe_configuration_recorders(region):
response = {}
try:
client = boto3.client("config", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY,region_name=region)
client = boto3.client("config", region_name=region)
response = client.describe_configuration_recorders()
#print response
@@ -40,10 +47,10 @@ def describe_configuration_recorders(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, r
return response
def describe_configuration_rules(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, region):
def describe_configuration_rules(region):
response = []
try:
client = boto3.client("config", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY,region_name=region)
client = boto3.client("config", region_name=region)
response = client.describe_config_rules()
#print response

36
libs/datapipeline.py
View File

@@ -1,22 +1,38 @@
'''
datapipeline functions
'''
import boto3
import botocore
import os
import pprint
import sys,os
import sys
'''
Datapipleine functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-west-2', 'eu-west-1', 'ap-northeast-1', 'ap-southeast-2', ]
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-west-2', 'eu-west-1', 'ap-northeast-1', 'ap-southeast-2', ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def list_pipelines():
'''
Function to use the datapipeline boto3 library to list available pipelines
'''
print("### Printing Data Pipeline Pipelines ###")
try:
for region in regions:
client = boto3.client('datapipeline', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
for region in regions:
client = boto3.client('datapipeline', region_name=region)
response = client.list_pipelines()
print("### {} Data Pipelines ###" .format(region))
if response.get('pipelineIdList') is None:

27
libs/dynamodb.py
View File

@@ -1,24 +1,31 @@
'''
dynamoDB functions
'''
import boto3
import botocore
import pprint
import sys
import os
'''
dynamoDB functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2']
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def list_dynamodb_tables():
print("### Printing DynamoDB Tables ###")
try:
for region in regions:
client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('dynamodb', region_name=region)
response = client.list_tables()
if response.get('TableNames') is None:
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -43,11 +50,11 @@ def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def list_dynamodb_tables_detailed():
print("### Printing DynamoDB Tables ###")
try:
for region in regions:
client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('dynamodb', region_name=region)
response = client.list_tables()
if response.get('TableNames') is None:
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -74,10 +81,10 @@ def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, table, region):
def describe_table(table, region):
print("### Describing DynamoDB Table: {} ###" .format(table))
try:
client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('dynamodb', region_name=region)
response = client.describe_table(TableName=table)
if response.get('Table') is None:
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))

19
libs/dynamodbstreams.py
View File

@@ -1,24 +1,31 @@
'''
dynamoDBstreams functions
'''
import boto3
import botocore
import pprint
import os
import sys
'''
dynamoDBstreams functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2']
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def list_dynamodbstreams():
print("### Printing DynamoDBstreams ###")
try:
for region in regions:
client = boto3.client('dynamodbstreams', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('dynamodbstreams', region_name=region)
response = client.list_streams()
if response.get('Streams') is None:
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))

15
libs/ec2.py
View File

@@ -1,17 +1,22 @@
'''
ec2 functions go here
'''
import boto3
import botocore
import pprint
'''
EC2 functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2']
# we are past the enumeration stage at this point assume you have key that works
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def review_encrypted_volumes():

20
libs/ecr.py
View File

@@ -1,23 +1,31 @@
'''
ECR functions
'''
import boto3
import botocore
import os
import pprint
import sys
'''
ECR functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-southeast-1', 'ap-southeast-2', ]
def describe_repositories(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def describe_repositories():
print("### Printing ECR Repositories ###")
try:
for region in regions:
client = boto3.client('ecr', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('ecr', region_name=region)
response = client.describe_repositories()

35
libs/elasticbeanstalk.py
View File

@@ -1,24 +1,31 @@
'''
ElasticBeanstalk functions
'''
import boto3
import botocore
import os
import pprint
import sys
'''
ElasticBeanstalk functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_applications():
print("### Printing ElasticBeanstalk Applications ###")
try:
for region in regions:
client = boto3.client('elasticbeanstalk', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('elasticbeanstalk', region_name=region)
response = client.describe_applications()
@@ -47,11 +54,11 @@ def describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_application_versions():
print("### Printing ElasticBeanstalk Applications Versions ###")
try:
for region in regions:
client = boto3.client('elasticbeanstalk', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('elasticbeanstalk', region_name=region)
response = client.describe_application_versions()
@@ -80,11 +87,11 @@ def describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_configuration_options():
print("### Printing ElasticBeanstalk Configuration Options ###")
try:
for region in regions:
client = boto3.client('elasticbeanstalk', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('elasticbeanstalk', region_name=region)
response = client.describe_configuration_options()
print(response)
@@ -119,11 +126,11 @@ def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_environments():
print("### Printing ElasticBeanstalk Environments ###")
try:
for region in regions:
client = boto3.client('elasticbeanstalk', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('elasticbeanstalk', region_name=region)
response = client.describe_environments()
@@ -152,11 +159,11 @@ def describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_events():
print("### Printing ElasticBeanstalk Environments ###")
try:
for region in regions:
client = boto3.client('elasticbeanstalk', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('elasticbeanstalk', region_name=region)
response = client.describe_events()

23
libs/emr.py
View File

@@ -1,24 +1,31 @@
'''
EMR functions
'''
import boto3
import botocore
import os
import pprint
import sys
'''
EMR functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def list_clusters():
print("### Printing EMR Clusters ###")
try:
for region in regions:
client = boto3.client('emr', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('emr', region_name=region)
response = client.list_clusters()
@@ -45,11 +52,11 @@ def list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def list_security_configurations():
print("### Printing EMR Security Configuration ###")
try:
for region in regions:
client = boto3.client('emr', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('emr', region_name=region)
response = client.list_security_configurations()

24
libs/firehose.py
View File

@@ -1,23 +1,31 @@
'''
Firehose functions
'''
import boto3
import botocore
import os
import pprint
import sys
'''
Firehose functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'eu-central-1', 'eu-west-1', 'ap-northeast-1', 'ap-southeast-1', 'ap-southeast-2', ]
def firehose_list_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def firehose_list_delivery_streams():
print("### Printing Firehose Delivery Streams ###")
try:
for region in regions:
client = boto3.client('firehose', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('firehose', region_name=region)
response = client.list_delivery_streams()
@@ -44,11 +52,11 @@ def firehose_list_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def firehose_describe_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def firehose_describe_delivery_streams():
print("### Printing Firehose Delivery Streams & details ###")
try:
for region in regions:
client = boto3.client('firehose', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('firehose', region_name=region)
response = client.list_delivery_streams()

93
libs/iam.py
View File

@@ -1,7 +1,3 @@
'''
IAM library
'''
import boto3
import botocore
@@ -11,12 +7,25 @@ import logging
import sys,os
import pprint
'''
IAM functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
region = 'us-east-1'
regions = ['us-east-1']
def check_root_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY,region_name='us-east-1')
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def check_root_account():
client = boto3.client('iam',region_name=region)
try:
acct_summary = client.get_account_summary()
@@ -58,8 +67,8 @@ def check_root_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def change_user_console_password(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, password):
client = boto3.client('iam', aws_access_key_id = AWS_ACCESS_KEY_ID, aws_secret_access_key = AWS_SECRET_ACCESS_KEY, region_name=region)
def change_user_console_password(username, password):
client = boto3.client('iam', region_name=region)
try:
response = client.update_login_profile(UserName=username,Password=password, PasswordResetRequired=False)
@@ -76,8 +85,8 @@ def change_user_console_password(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, usern
print("CTRL-C received, exiting...")
def create_user_console_password(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, password):
client = boto3.client('iam', aws_access_key_id = AWS_ACCESS_KEY_ID, aws_secret_access_key = AWS_SECRET_ACCESS_KEY, region_name=region)
def create_user_console_password(username, password):
client = boto3.client('iam', region_name=region)
try:
response = client.create_login_profile(UserName=username,Password=password, PasswordResetRequired=False)
@@ -94,8 +103,8 @@ def create_user_console_password(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, usern
print("CTRL-C received, exiting...")
def get_password_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
client = boto3.client('iam', aws_access_key_id = AWS_ACCESS_KEY_ID, aws_secret_access_key = AWS_SECRET_ACCESS_KEY, region_name=region)
def get_password_policy():
client = boto3.client('iam', region_name=region)
try:
pass_policy = client.get_account_password_policy()
@@ -106,8 +115,8 @@ def get_password_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def create_user(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
def create_user(username):
client = boto3.client('iam', region_name=region)
try:
print("Creating a new IAM user named: {}" .format(username))
@@ -123,8 +132,8 @@ def create_user(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def create_access_key(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
def create_access_key( username):
client = boto3.client('iam', region_name=region)
try:
create_access_key = client.create_access_key(UserName=username)
@@ -135,8 +144,8 @@ def create_access_key(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def delete_access_key(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, accesskey):
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
def delete_access_key(username, accesskey):
client = boto3.client('iam', region_name=region)
try:
delete_access_key = client.delete_access_key(UserName=username, AccessKeyId=accesskey)
@@ -151,8 +160,8 @@ def delete_access_key(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, access
print("CTRL-C received, exiting...")
#untested :-/ but should work #TODO
def delete_mfa_device(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, mfaserial):
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
def delete_mfa_device(username, mfaserial):
client = boto3.client('iam', region_name=region)
try:
delete_mfa = client.deactivate_mfa_device(UserName=username, SerialNumber=mfaserial)
print("Deleting a MFA device: {} for: {}" .format(mfaserial, username))
@@ -166,8 +175,8 @@ def delete_mfa_device(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, mfaser
print("CTRL-C received, exiting...")
def make_admin(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
def make_admin(username):
client = boto3.client('iam', region_name=region)
try:
make_admin = client.attach_user_policy(UserName=username, PolicyArn='arn:aws:iam::aws:policy/AdministratorAccess')
@@ -182,8 +191,8 @@ def make_admin(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def make_backdoor_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, password):
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
def make_backdoor_account( username, password):
client = boto3.client('iam', region_name=region)
try:
print("making backdoor account with username: {}" .format(username))
@@ -197,11 +206,11 @@ def make_backdoor_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, pa
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_list_groups(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def iam_list_groups():
print("### Printing IAM Groups ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('iam', region_name=region)
response = client.list_groups()
if response.get('Groups') is None:
print("{} likely does not have IAM permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -227,11 +236,11 @@ def iam_list_groups(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_get_user(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def iam_get_user():
print("### Printing IAM User Info ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('iam', region_name=region)
response = client.get_user()
print(response)
if response.get('User') is None:
@@ -258,11 +267,11 @@ def iam_get_user(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_get_account_summary(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def iam_get_account_summary():
print("### Printing IAM Account Summary ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('iam', region_name=region)
response = client.get_account_summary()
# print(response)
@@ -287,11 +296,11 @@ def iam_get_account_summary(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_list_users(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def iam_list_users():
print("### Printing IAM Users ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('iam', region_name=region)
response = client.list_users()
# print(response)
@@ -317,11 +326,11 @@ def iam_list_users(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def iam_list_roles(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def iam_list_roles():
print("### Printing IAM Roles ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('iam', region_name=region)
response = client.list_roles()
# print(response)
@@ -350,11 +359,11 @@ def iam_list_roles(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def iam_list_policies(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def iam_list_policies():
print("### Printing IAM Policies ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('iam', region_name=region)
response = client.list_policies()
# print(response)
@@ -383,11 +392,11 @@ def iam_list_policies(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
# dont use see below
def iam_list_user_policies(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
def iam_list_user_policies(username):
print("### Printing IAM Policies for {} ###".format(username))
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('iam', region_name=region)
response = client.list_user_policies(UserName=username)
# print(response)
@@ -415,11 +424,11 @@ def iam_list_user_policies(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_list_attached_user_policies(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
def iam_list_attached_user_policies(username):
print("### Printing Attached IAM Policies for {} ###".format(username))
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('iam', region_name=region)
response = client.list_attached_user_policies(UserName=username)
# print(response)
@@ -447,11 +456,11 @@ def iam_list_attached_user_policies(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, us
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_list_entities_for_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, policy_arn):
def iam_list_entities_for_policy(policy_arn):
print("### Printing IAM Entity Policies for {} ###".format(policy_arn))
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('iam', region_name=region)
response = client.list_entities_for_policy(PolicyArn=policy_arn)
print(response)

19
libs/opsworks.py
View File

@@ -2,21 +2,30 @@ import boto3
import botocore
import pprint
'''
Opsworks functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
# http://docs.aws.amazon.com/general/latest/gr/rande.html#opsworks_region
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-1', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1' ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def describe_stacks(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_stacks():
print('#### Listing Stacks ####')
try:
for region in regions:
client = boto3.client(
'opsworks',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name=region
)
response = client.describe_stacks()
@@ -45,14 +54,12 @@ def describe_stacks(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("CTRL-C received, exiting...")
def describe_user_profiles(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_user_profiles():
print('#### Listing User Profiles ####')
try:
for region in regions:
client = boto3.client(
'opsworks',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name=region
)
response = client.describe_user_profiles()

21
libs/pricing.py
View File

@@ -1,22 +1,29 @@
'''
Pricing Library
'''
import boto3
import botocore
import pprint
import sys
'''
Pricing functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'ap-south-1', ]
regions = ['us-east-1', 'ap-south-1' ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def pricing_describe_services(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def pricing_describe_services():
try:
for region in regions:
client = boto3.client('pricing', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('pricing', region_name=region)
response = client.describe_services()
print(response)
if response.get('Services') is None:

17
libs/rds.py
View File

@@ -2,20 +2,29 @@ import boto3
import botocore
import pprint
'''
RDS functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def describe_db_instances(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def describe_db_instances():
print("### Printing RDS DB instances ###")
try:
for region in regions:
client = boto3.client(
'rds',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)

25
libs/route53.py
View File

@@ -1,25 +1,34 @@
'''
Route53 functions
'''
import boto3
import botocore
import os
import pprint
import sys,os
import sys
'''
Route53 functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
region_single = ['us-east-1']
def list_geolocations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def list_geolocations():
print("### Printing Route53 GeoLocations ###")
try:
#cheating because they are all the same for this function call
for region in region_single:
client = boto3.client('route53', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
client = boto3.client('route53', region_name=region)
response = client.list_geo_locations()

12
libs/s3.py
View File

@@ -1,17 +1,21 @@
'''
S3 Library
'''
import boto3
import botocore
import pprint
'''
S3 functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def get_s3bucket_policy(bucket):
client = boto3.client(
's3',

29
libs/ses.py
View File

@@ -1,25 +1,30 @@
'''
SES functions
'''
import boto3
import botocore
import pprint
'''
SES functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-west-2', 'eu-west-1' ]
def list_identities(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def list_identities():
print("### Printing SES Identifies ###")
try:
for region in regions:
client = boto3.client(
'ses',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
@@ -48,14 +53,12 @@ def list_identities(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_send_statistics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def get_send_statistics():
print("### Printing SES Identifies ###")
try:
for region in regions:
client = boto3.client(
'ses',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
@@ -84,14 +87,12 @@ def get_send_statistics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def list_configuration_sets(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def list_configuration_sets():
print("### Printing SES Identifies ###")
try:
for region in regions:
client = boto3.client(
'ses',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)

4
libs/sql.py
View File

@@ -1,6 +1,10 @@
import sqlite3
from sqlite3 import Error
'''
Custom SQL/database functions for WeirdAAL
'''
def create_table(db_name,table_name,sql):
with sqlite3.connect(db_name) as db:
cursor = db.cursor()

15
libs/sqs.py
View File

@@ -2,16 +2,27 @@ import boto3
import botocore
import pprint
'''
SQS functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from https://docs.aws.amazon.com/general/latest/gr/rande.html#sqs_region
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'cn-north-1', 'cn-northwest-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1', 'us-gov-west-1' ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def sqs_list_queues(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def sqs_list_queues():
try:
for region in regions:
client = boto3.client("sqs", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
client = boto3.client("sqs", region_name=region)
response = client.list_queues()
if response.get('QueueUrls') is None:
print("[-] ListQueues allowed for {} but no results [-]" .format(region))

25
libs/sts.py
View File

@@ -1,16 +1,28 @@
import boto3
import botocore
import pprint
import sys
'''
STS libs for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
# regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
'''
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def get_accountid(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def sts_get_accountid():
try:
client = boto3.client("sts", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
client = boto3.client("sts")
account_id = client.get_caller_identity()["Account"]
print("Account Id: {}" .format(account_id))
except botocore.exceptions.ClientError as e:
@@ -22,16 +34,14 @@ def get_accountid(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
return account_id
def get_accountid_all(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
def sts_get_accountid_all():
try:
client = boto3.client("sts", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
client = boto3.client("sts")
account_id = client.get_caller_identity()["Account"]
account_userid = client.get_caller_identity()["UserId"]
account_arn = client.get_caller_identity()["Arn"]
@@ -49,5 +59,4 @@ def get_accountid_all(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
return account_id

8
modules/datapipeline.py
View File

@@ -1,10 +1,12 @@
'''
data pipeline example
datapipeline modules
'''
from libs.datapipeline import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
def step_datapipeline_list_pipelines():
list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
'''
List Pipelines
'''
list_pipelines()

6
modules/db.py
View File

@@ -2,13 +2,15 @@
queries that interact with db can go here
'''
import boto3
import sqlite3
from sqlite3 import Error
from libs.sql import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
session = boto3.Session()
credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
# for a key, what services does it have listed in the DB
def step_show_services_by_key():

1
modules/recon.py
View File

@@ -5,6 +5,7 @@ from libs.s3 import *
def step_recon_all():
get_accountid()
check_root_account()
brute_acm_permissions()
# AlexaForBusiness

6
modules/sts.py
View File

@@ -2,11 +2,11 @@
This file is used to perform some EMR actions
'''
from libs.sts import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
def step_sts_get_accountid():
get_accountid(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
get_accountid()
def step_sts_get_accountidall():
get_accountid_all(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
get_accountid_all()