dash/weirdAAL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

move comments around for pydocs functionality

Browse Source
This commit is contained in:
carnal0wnage
2018-04-19 23:03:08 -04:00
parent 6428dca3af
commit 6c6359476f
26 changed files with 239 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
libs/aws_lambda.py
View File

@@ -1,13 +1,13 @@
'''
lamda functions for WeirdAAL
'''
import boto3
import botocore
import os
import pprint
import sys
'''
lamda functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
def list_functions():
'''
List available lambda functions
'''
print("### Listing Lambda Functions ###")
try:
for region in regions:
@@ -36,7 +39,6 @@ def list_functions():
print("[-] ListFunctions allowed for {} but no results [-]" .format(region))
else: # THIS PART IS UNTESTED
for r in response['Functions']:
# for i in r['Instances']:
pp.pprint(r)
print("\n")
except botocore.exceptions.ClientError as e:
@@ -53,6 +55,9 @@ def list_functions():
def list_event_source_mappings():
'''
List Lambda event source mappings
'''
print("### Listing Lambda Event Source Mappings ###")
try:
for region in regions:

22
libs/brute.py
View File

@@ -1,4 +1,10 @@
from __future__ import print_function
'''
Brute functions for WeirdAAL
This is the main brute library so that we can get an idea what services a particular
key has access to. We do this by asking if we have permission on as many services &
subfunctions as we can. Printed to screen and logged to db.
'''
import boto3
import botocore
@@ -13,13 +19,6 @@ import sys
from libs.sql import *
#from conf.conf import *
'''
This is the main brute library so that we can get an idea what services a particular
key has access to. We do this by asking if we have permission on as many services &
subfunctions as we can. Printed to screen and logged to db.
'''
# we chould probably load this from one place in the future #TODO
db_name = "weirdAAL.db"
@@ -42,6 +41,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
def get_accountid():
'''
Get the accountID via sts call
'''
try:
client = boto3.client("sts")
account_id = client.get_caller_identity()["Account"]
@@ -68,8 +70,10 @@ def get_accountid():
def check_root_account():
'''
use IAM calls to check for root/IAM access
'''
client = boto3.client('iam')
try:
acct_summary = client.get_account_summary()
if acct_summary:

8
libs/ce.py
View File

@@ -1,12 +1,12 @@
'''
Cost Explorer functions for WeirdAAL
'''
import boto3
import botocore
import pprint
import sys
'''
Cost Explorer functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html

12
libs/cloudtrail.py
View File

@@ -1,13 +1,13 @@
'''
Cloudtrail functions for WeirdAAL
'''
import boto3
import botocore
import os
import pprint
import sys
'''
Cloudtrail functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -100,7 +100,7 @@ def list_public_keys():
def stop_trail(TrailARN):
'''
Stop a specified trailARN
port of https://github.com/dagrz/aws_pwn/blob/master/stealth/disrupt_cloudtrail.py
Port of https://github.com/dagrz/aws_pwn/blob/master/stealth/disrupt_cloudtrail.py
'''
print("### Attempting to stop trail {} ###\n".format(TrailARN[0]))
try:
@@ -144,7 +144,7 @@ def stop_trail(TrailARN):
def delete_trail(TrailARN):
'''
Delete a specified trailARN
port of https://github.com/dagrz/aws_pwn/blob/master/stealth/disrupt_cloudtrail.py
Port of https://github.com/dagrz/aws_pwn/blob/master/stealth/disrupt_cloudtrail.py
'''
print("### Attempting to delete trail {} ###\n".format(TrailARN[0]))
try:

8
libs/cloudwatch.py
View File

@@ -1,13 +1,13 @@
'''
Cloudwatch functions for WeirdAAL
'''
import boto3
import botocore
import os
import pprint
import sys
'''
Cloudwatch functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html

97
libs/config.py
View File

@@ -1,12 +1,12 @@
'''
Config functions for WeirdAAL
'''
import boto3
import botocore
import pprint
import sys
'''
Config functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -21,55 +21,56 @@ AWS_ACCESS_KEY_ID = credentials.access_key
def describe_configuration_recorders(region):
response = {}
try:
client = boto3.client("config", region_name=region)
response = []
try:
client = boto3.client("config", region_name=region)
response = client.describe_configuration_recorders()
#print response
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'UnrecognizedClientException':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'AccessDenied':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'AccessDeniedException':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
response = client.describe_configuration_recorders()
# print response
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'UnrecognizedClientException':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'AccessDenied':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'AccessDeniedException':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
return response
return response
def describe_configuration_rules(region):
response = []
try:
client = boto3.client("config", region_name=region)
response = []
try:
client = boto3.client("config", region_name=region)
response = client.describe_config_rules()
#print response
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'UnrecognizedClientException':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'AccessDenied':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'AccessDeniedException':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
response = client.describe_config_rules()
# print response
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'UnrecognizedClientException':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'AccessDenied':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'AccessDeniedException':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
return response
return response

8
libs/datapipeline.py
View File

@@ -1,13 +1,13 @@
'''
Datapipleine functions for WeirdAAL
'''
import boto3
import botocore
import os
import pprint
import sys
'''
Datapipleine functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
session = boto3.Session()

17
libs/dynamodb.py
View File

@@ -1,13 +1,13 @@
'''
dynamoDB functions for WeirdAAL
'''
import boto3
import botocore
import pprint
import sys
import os
'''
dynamoDB functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
def list_dynamodb_tables():
'''
Use dynamodb list_tables function to list table names
'''
print("### Printing DynamoDB Tables ###")
try:
for region in regions:
@@ -51,6 +54,9 @@ def list_dynamodb_tables():
def list_dynamodb_tables_detailed():
'''
Use dynamodb list_tables function to list table names and also attempt to describe each table from list_tables()
'''
print("### Printing DynamoDB Tables ###")
try:
for region in regions:
@@ -82,6 +88,9 @@ def list_dynamodb_tables_detailed():
def describe_table(table, region):
'''
dynamodb attempt to read infromation from specified DynamoDB table
'''
print("### Describing DynamoDB Table: {} ###" .format(table))
try:
client = boto3.client('dynamodb', region_name=region)

11
libs/dynamodbstreams.py
View File

@@ -1,13 +1,13 @@
'''
dynamoDBstreams functions for WeirdAAL
'''
import boto3
import botocore
import pprint
import os
import sys
'''
dynamoDBstreams functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
def list_dynamodbstreams():
'''
Use list_streams function in dynamodbstreams to list available streams
'''
print("### Printing DynamoDBstreams ###")
try:
for region in regions:

8
libs/ec2.py
View File

@@ -1,3 +1,7 @@
'''
EC2 functions for WeirdAAL
'''
import boto3
import botocore
import datetime
@@ -8,10 +12,6 @@ from libs.sql import *
# we chould probably load this from one place in the future #TODO
db_name = "weirdAAL.db"
'''
EC2 functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html

11
libs/ecr.py
View File

@@ -1,13 +1,13 @@
'''
ECR functions for WeirdAAL
'''
import boto3
import botocore
import os
import pprint
import sys
'''
ECR functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
def describe_repositories():
'''
Use ecr describe_repositories function to list available repositories
'''
print("### Printing ECR Repositories ###")
try:
for region in regions:

10
libs/elasticbeanstalk.py
View File

@@ -1,13 +1,13 @@
'''
ElasticBeanstalk functions for WeirdAAL
'''
import boto3
import botocore
import os
import pprint
import sys
'''
ElasticBeanstalk functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -167,7 +167,7 @@ def describe_events():
response = client.describe_events()
# print response
# print(response)
if response.get('Events') is None:
print("{} likely does not have ElasticBeanstalk permissions\n" .format(AWS_ACCESS_KEY_ID))

10
libs/emr.py
View File

@@ -1,13 +1,13 @@
'''
EMR functions for WeirdAAL
'''
import boto3
import botocore
import os
import pprint
import sys
'''
EMR functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -60,7 +60,7 @@ def list_security_configurations():
response = client.list_security_configurations()
# print response
# print(response)
if response.get('SecurityConfigurations') is None:
print("{} likely does not have EMR permissions\n" .format(AWS_ACCESS_KEY_ID))

14
libs/firehose.py
View File

@@ -1,13 +1,13 @@
'''
Firehose functions for WeirdAAL
'''
import boto3
import botocore
import os
import pprint
import sys
'''
Firehose functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
def firehose_list_delivery_streams():
'''
Use firehose list_delivery_streams to list available delivery streams
'''
print("### Printing Firehose Delivery Streams ###")
try:
for region in regions:
@@ -53,6 +56,9 @@ def firehose_list_delivery_streams():
def firehose_describe_delivery_streams():
'''
use firehose describe_delivery_stream function to list details of each deliver stream from list_delivery_streams
'''
print("### Printing Firehose Delivery Streams & details ###")
try:
for region in regions:

18
libs/iam.py
View File

@@ -1,16 +1,16 @@
import boto3
import botocore
import json
import urllib
import logging
import sys,os
import pprint
'''
IAM functions for WeirdAAL
'''
import boto3
import botocore
import json
import logging
import os
import pprint
import sys
import urllib
pp = pprint.PrettyPrinter(indent=5, width=80)
region = 'us-east-1'

8
libs/opsworks.py
View File

@@ -1,11 +1,11 @@
import boto3
import botocore
import pprint
'''
Opsworks functions for WeirdAAL
'''
import boto3
import botocore
import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html

8
libs/pricing.py
View File

@@ -1,12 +1,12 @@
'''
Pricing functions for WeirdAAL
'''
import boto3
import botocore
import pprint
import sys
'''
Pricing functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html

8
libs/rds.py
View File

@@ -1,11 +1,11 @@
import boto3
import botocore
import pprint
'''
RDS functions for WeirdAAL
'''
import boto3
import botocore
import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html

8
libs/route53.py
View File

@@ -1,13 +1,13 @@
'''
Route53 functions for WeirdAAL
'''
import boto3
import botocore
import os
import pprint
import sys
'''
Route53 functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html

8
libs/s3.py
View File

@@ -1,11 +1,11 @@
import boto3
import botocore
import pprint
'''
S3 functions for WeirdAAL
'''
import boto3
import botocore
import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
'''

8
libs/ses.py
View File

@@ -1,11 +1,11 @@
import boto3
import botocore
import pprint
'''
SES functions for WeirdAAL
'''
import boto3
import botocore
import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html

44
libs/sql.py
View File

@@ -1,11 +1,14 @@
import sqlite3
from sqlite3 import Error
'''
Custom SQL/database functions for WeirdAAL
'''
import sqlite3
from sqlite3 import Error
def create_table(db_name,table_name,sql):
'''
SQLite3 create table function
'''
with sqlite3.connect(db_name) as db:
cursor = db.cursor()
cursor.execute("""SELECT name FROM sqlite_master WHERE name=?""",(table_name,))
@@ -29,6 +32,9 @@ def create_table(db_name,table_name,sql):
def create_recon_table(db_name, table_name):
'''
Create recon table service:subservice:AWSKeyID,time
'''
sql = """CREATE TABLE recon
(ID integer,
service text,
@@ -42,6 +48,9 @@ def create_recon_table(db_name, table_name):
def create_awskey_table(db_name, table_name):
'''
Create awskey table (currently unused)
'''
sql = """CREATE TABLE AWSKey
(ID integer,
AWSKeyID Text,
@@ -52,6 +61,9 @@ def create_awskey_table(db_name, table_name):
def create_services_table(db_name, table_name):
'''
Create services table - service:sub_service:sub_service_data
'''
sql = """CREATE TABLE services
(ID integer,
AWSKeyID Text,
@@ -65,35 +77,49 @@ def create_services_table(db_name, table_name):
def insert_awskey_data(db_name, records):
'''
Insert AWS Key and a description to the AWSKey table (unused)
'''
sql = """INSERT INTO AWSKey(AWSKeyID, Description) VALUES (?,?)"""
for record in records:
query(db_name, sql,record)
def insert_reconservice_data(db_name, records):
'''
Insert data into the recon table
'''
sql = """INSERT INTO recon(service, sub_service, AWSKeyID, checked_at) VALUES (?,?,?,?)"""
for record in records:
query(db_name,sql,record)
def insert_sub_service_data(db_name, records):
'''
Insert service, sub_service & sub_service data into the DB
'''
sql = """INSERT INTO services(service, sub_service, sub_service_data, AWSKeyID, checked_at) VALUES (?,?,?,?,?)"""
for record in records:
query(db_name,sql,record)
def search_recon_by_key(db_name,AWSKeyID):
with sqlite3.connect(db_name) as db:
cursor = db.cursor()
cursor.execute("""SELECT DISTINCT service,sub_service,checked_at FROM recon WHERE AWSKeyID=? ORDER BY datetime(checked_at)""",(AWSKeyID,))
results = cursor.fetchall()
return results
'''
Function to query services by AWSKey and order them by time
'''
with sqlite3.connect(db_name) as db:
cursor = db.cursor()
cursor.execute("""SELECT DISTINCT service,sub_service,checked_at FROM recon WHERE AWSKeyID=? ORDER BY datetime(checked_at)""",(AWSKeyID,))
results = cursor.fetchall()
return results
def query(db_name,sql,data):
'''
Generic query function
'''
with sqlite3.connect(db_name) as db:
cursor = db.cursor()
#cursor.execute("""PRAGMA foreign_keys = ON""")
cursor.execute(sql,data)
db.commit()

8
libs/sqs.py
View File

@@ -1,11 +1,11 @@
import boto3
import botocore
import pprint
'''
SQS functions for WeirdAAL
'''
import boto3
import botocore
import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
# from https://docs.aws.amazon.com/general/latest/gr/rande.html#sqs_region

16
libs/sts.py
View File

@@ -1,12 +1,12 @@
'''
STS libs for WeirdAAL
'''
import boto3
import botocore
import pprint
import sys
'''
STS libs for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -21,6 +21,10 @@ AWS_ACCESS_KEY_ID = credentials.access_key
def sts_get_accountid():
'''
Use STS functions to get account data
ex: Account Id: 14681234567
'''
try:
client = boto3.client("sts")
account_id = client.get_caller_identity()["Account"]
@@ -40,6 +44,10 @@ def sts_get_accountid():
def sts_get_accountid_all():
'''
Use STS functions to get account data (detailed)
Prints AccountID, UserID, ARN
'''
try:
client = boto3.client("sts")
account_id = client.get_caller_identity()["Account"]

12
libs/translate.py
View File

@@ -1,11 +1,12 @@
'''
Translate functions for WeirdAAL
'''
import boto3
import botocore
import pprint
import sys
'''
Translate functions for WeirdAAL
'''
pp = pprint.PrettyPrinter(indent=5, width=80)
@@ -20,6 +21,11 @@ credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def translate_text(text, source_lang, target_lang):
'''
Translate a block of text from source to target language
Available languages: English (en), Arabic (ar), Chinese (Simplified) (zh), French (fr), German (de), Portuguese (pt), Spanish (es)
http://boto3.readthedocs.io/en/latest/reference/services/translate.html
'''
try:
for region in regions:
client = boto3.client('translate', region_name=region)