From 611ce0ac29b5843a9e0cc7ffa5661ccc8a2bb645 Mon Sep 17 00:00:00 2001 From: carnal0wnage Date: Fri, 13 Apr 2018 03:07:47 -0400 Subject: [PATCH] initial ses --- libs/ses.py | 122 +++++++++++++++++++++++++++++++++++++++++++++++++ modules/rds.py | 2 +- modules/ses.py | 16 +++++++ 3 files changed, 139 insertions(+), 1 deletion(-) create mode 100644 libs/ses.py create mode 100644 modules/ses.py diff --git a/libs/ses.py b/libs/ses.py new file mode 100644 index 0000000..97cf092 --- /dev/null +++ b/libs/ses.py @@ -0,0 +1,122 @@ +''' +SES functions +''' + + +import boto3 +import botocore +import pprint + +pp = pprint.PrettyPrinter(indent=5, width=80) + +# from http://docs.aws.amazon.com/general/latest/gr/rande.html +regions = ['us-east-1', 'us-west-2', 'eu-west-1' ] + +def list_identities(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): + print("### Printing SES Identifies ###") + try: + for region in regions: + client = boto3.client( + 'ses', + aws_access_key_id = AWS_ACCESS_KEY_ID, + aws_secret_access_key = AWS_SECRET_ACCESS_KEY, + region_name=region + ) + + response = client.list_identities() + # print(response) + if response.get('Identities') is None: + print("{} likely does not have SES permissions\n" .format(AWS_ACCESS_KEY_ID)) + elif len(response['Identities']) <= 0: + print("[-] ListIdentities allowed for {} but no results [-]" .format(region)) + else: + print("### {} SES Identities ###" .format(region)) + for r in response['Identities']: + #for i in r['Instances']: + pp.pprint(r) + print("\n") + + except botocore.exceptions.ClientError as e: + if e.response['Error']['Code'] == 'InvalidClientTokenId': + sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'AccessDenied': + print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'SubscriptionRequiredException': + print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID)) + else: + print("Unexpected error: {}" .format(e)) + except KeyboardInterrupt: + print("CTRL-C received, exiting...") + +def get_send_statistics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): + print("### Printing SES Identifies ###") + try: + for region in regions: + client = boto3.client( + 'ses', + aws_access_key_id = AWS_ACCESS_KEY_ID, + aws_secret_access_key = AWS_SECRET_ACCESS_KEY, + region_name=region + ) + + response = client.get_send_statistics() + # print(response) + if response.get('SendDataPoints') is None: + print("{} likely does not have SES permissions\n" .format(AWS_ACCESS_KEY_ID)) + elif len(response['SendDataPoints']) <= 0: + print("[-] GetSendStatistics allowed for {} but no results [-]" .format(region)) + else: + print("### {} SES Send Statistics ###" .format(region)) + for r in response['SendDataPoints']: + #for i in r['Instances']: + pp.pprint(r) + print("\n") + + except botocore.exceptions.ClientError as e: + if e.response['Error']['Code'] == 'InvalidClientTokenId': + sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'AccessDenied': + print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'SubscriptionRequiredException': + print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID)) + else: + print("Unexpected error: {}" .format(e)) + except KeyboardInterrupt: + print("CTRL-C received, exiting...") + +def list_configuration_sets(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY): + print("### Printing SES Identifies ###") + try: + for region in regions: + client = boto3.client( + 'ses', + aws_access_key_id = AWS_ACCESS_KEY_ID, + aws_secret_access_key = AWS_SECRET_ACCESS_KEY, + region_name=region + ) + + response = client.list_configuration_sets() + # print(response) + if response.get('ConfigurationSets') is None: + print("{} likely does not have SES permissions\n" .format(AWS_ACCESS_KEY_ID)) + elif len(response['ConfigurationSets']) <= 0: + print("[-] ListConfigurationSets allowed for {} but no results [-]" .format(region)) + else: + print("### {} SES Configuration Sets ###" .format(region)) + for r in response['ConfigurationSets']: + #for i in r['Instances']: + pp.pprint(r) + print("\n") + + except botocore.exceptions.ClientError as e: + if e.response['Error']['Code'] == 'InvalidClientTokenId': + sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'AccessDenied': + print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID)) + elif e.response['Error']['Code'] == 'SubscriptionRequiredException': + print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID)) + else: + print("Unexpected error: {}" .format(e)) + except KeyboardInterrupt: + print("CTRL-C received, exiting...") + diff --git a/modules/rds.py b/modules/rds.py index 26278c0..2757fa6 100644 --- a/modules/rds.py +++ b/modules/rds.py @@ -1,5 +1,5 @@ ''' -rds module +RDS module ''' diff --git a/modules/ses.py b/modules/ses.py new file mode 100644 index 0000000..c09203e --- /dev/null +++ b/modules/ses.py @@ -0,0 +1,16 @@ +''' +SES module +''' + + +from libs.ses import * +from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY + +def step_ses_list_identities(): + list_identities(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) + +def step_ses_get_send_statistics(): + get_send_statistics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) + +def step_ses_list_configuration_sets(): + list_configuration_sets(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) \ No newline at end of file