move comments around for pydocs functionality

libs/aws_lambda.py

@@ -1,13 +1,13 @@
+'''
+lamda functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import os
 import pprint
 import sys
 
-'''
-lamda functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
 
 
 def list_functions():
+    '''
+    List available lambda functions
+    '''
     print("### Listing Lambda Functions ###")
     try:
         for region in regions:
@@ -36,7 +39,6 @@ def list_functions():
                 print("[-] ListFunctions allowed for {} but no results [-]" .format(region))
             else:  # THIS PART IS UNTESTED
                 for r in response['Functions']:
-                    # for i in r['Instances']:
                     pp.pprint(r)
         print("\n")
     except botocore.exceptions.ClientError as e:
@@ -53,6 +55,9 @@ def list_functions():
 
 
 def list_event_source_mappings():
+    '''
+    List Lambda event source mappings
+    '''
     print("### Listing Lambda Event Source Mappings ###")
     try:
         for region in regions:

libs/brute.py

@@ -1,4 +1,10 @@
-from __future__ import print_function
+'''
+Brute functions for WeirdAAL
+
+This is the main brute library so that we can get an idea what services a particular
+key has access to. We do this by asking if we have permission on as many services & 
+subfunctions as we can. Printed to screen and logged to db.
+'''
 
 import boto3
 import botocore
@@ -13,13 +19,6 @@ import sys
 from libs.sql import *
 #from conf.conf import *
 
-'''
-This is the main brute library so that we can get an idea what services a particular
-key has access to. We do this by asking if we have permission on as many services & 
-subfunctions as we can. Printed to screen and logged to db.
-'''
-
-
 # we chould probably load this from one place in the future #TODO
 db_name = "weirdAAL.db"
 
@@ -42,6 +41,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
 
 
 def get_accountid():
+    '''
+    Get the accountID via sts call
+    '''
     try:
         client = boto3.client("sts")
         account_id = client.get_caller_identity()["Account"]
@@ -68,8 +70,10 @@ def get_accountid():
 
 
 def check_root_account():
+    '''
+    use IAM calls to check for root/IAM access
+    '''
     client = boto3.client('iam')
-
     try:
         acct_summary = client.get_account_summary()
         if acct_summary:

libs/ce.py

@@ -1,12 +1,12 @@
+'''
+Cost Explorer functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import pprint
 import sys
 
-'''
-Cost Explorer functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 #from http://docs.aws.amazon.com/general/latest/gr/rande.html

libs/cloudtrail.py

@@ -1,13 +1,13 @@
+'''
+Cloudtrail functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import os
 import pprint
 import sys
 
-'''
-Cloudtrail functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -100,7 +100,7 @@ def list_public_keys():
 def stop_trail(TrailARN):
     '''
     Stop a specified trailARN
-    port of https://github.com/dagrz/aws_pwn/blob/master/stealth/disrupt_cloudtrail.py
+    Port of https://github.com/dagrz/aws_pwn/blob/master/stealth/disrupt_cloudtrail.py
     '''
     print("### Attempting to stop trail {} ###\n".format(TrailARN[0]))
     try:
@@ -144,7 +144,7 @@ def stop_trail(TrailARN):
 def delete_trail(TrailARN):
     '''
     Delete a specified trailARN
-    port of https://github.com/dagrz/aws_pwn/blob/master/stealth/disrupt_cloudtrail.py
+    Port of https://github.com/dagrz/aws_pwn/blob/master/stealth/disrupt_cloudtrail.py
     '''
     print("### Attempting to delete trail {} ###\n".format(TrailARN[0]))
     try:

libs/cloudwatch.py

@@ -1,13 +1,13 @@
+'''
+Cloudwatch functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import os
 import pprint
 import sys
 
-'''
-Cloudwatch functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 #from http://docs.aws.amazon.com/general/latest/gr/rande.html

libs/config.py

@@ -1,12 +1,12 @@
+'''
+Config functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import pprint
 import sys
 
-'''
-Config functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 #from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -21,55 +21,56 @@ AWS_ACCESS_KEY_ID = credentials.access_key
 
 
 def describe_configuration_recorders(region):
-	response = {}
+    response = []
-	try:
+    try:
-		client = boto3.client("config", region_name=region)
+        client = boto3.client("config", region_name=region)
 
-		response = client.describe_configuration_recorders()
+        response = client.describe_configuration_recorders()
-		#print response
+        # print response
-	except botocore.exceptions.ClientError as e:
+    except botocore.exceptions.ClientError as e:
-		if e.response['Error']['Code'] == 'InvalidClientTokenId':
+        if e.response['Error']['Code'] == 'InvalidClientTokenId':
-			sys.exit("The AWS KEY IS INVALID. Exiting")
+            sys.exit("The AWS KEY IS INVALID. Exiting")
-		elif e.response['Error']['Code']  == 'UnrecognizedClientException':
+        elif e.response['Error']['Code']  == 'UnrecognizedClientException':
-			sys.exit("The AWS KEY IS INVALID. Exiting")
+            sys.exit("The AWS KEY IS INVALID. Exiting")
-		elif e.response['Error']['Code'] == 'AccessDenied':
+        elif e.response['Error']['Code'] == 'AccessDenied':
-			print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
+            print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
-			pass
+            pass
-		elif e.response['Error']['Code'] == 'AccessDeniedException':
+        elif e.response['Error']['Code'] == 'AccessDeniedException':
-			print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
+            print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
-			pass
+            pass
-		elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
+        elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
             print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
-		else:
+        else:
-			print("Unexpected error: {}" .format(e))
+            print("Unexpected error: {}" .format(e))
-	except KeyboardInterrupt:
+    except KeyboardInterrupt:
-		print("CTRL-C received, exiting...")
+        print("CTRL-C received, exiting...")
+
+    return response
 
-	return response
 
 def describe_configuration_rules(region):
-	response = []
+    response = []
-	try:
+    try:
-		client = boto3.client("config", region_name=region)
+        client = boto3.client("config", region_name=region)
 
-		response = client.describe_config_rules()
+        response = client.describe_config_rules()
-		#print response
+        # print response
-	except botocore.exceptions.ClientError as e:
+    except botocore.exceptions.ClientError as e:
-		if e.response['Error']['Code'] == 'InvalidClientTokenId':
+        if e.response['Error']['Code'] == 'InvalidClientTokenId':
-			sys.exit("The AWS KEY IS INVALID. Exiting")
+            sys.exit("The AWS KEY IS INVALID. Exiting")
-		elif e.response['Error']['Code']  == 'UnrecognizedClientException':
+        elif e.response['Error']['Code']  == 'UnrecognizedClientException':
-			sys.exit("The AWS KEY IS INVALID. Exiting")
+            sys.exit("The AWS KEY IS INVALID. Exiting")
-		elif e.response['Error']['Code'] == 'AccessDenied':
+        elif e.response['Error']['Code'] == 'AccessDenied':
-			print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
+            print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
-			pass
+            pass
-		elif e.response['Error']['Code'] == 'AccessDeniedException':
+        elif e.response['Error']['Code'] == 'AccessDeniedException':
-			print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
+            print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
-			pass
+            pass
-		elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
+        elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
             print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
-		else:
+        else:
-			print("Unexpected error: {}" .format(e))
+            print("Unexpected error: {}" .format(e))
-	except KeyboardInterrupt:
+    except KeyboardInterrupt:
-		print("CTRL-C received, exiting...")
+        print("CTRL-C received, exiting...")
 
-	return response
+    return response

libs/datapipeline.py

@@ -1,13 +1,13 @@
+'''
+Datapipleine functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import os
 import pprint
 import sys
 
-'''
-Datapipleine functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 session = boto3.Session()

libs/dynamodb.py

@@ -1,13 +1,13 @@
+'''
+dynamoDB functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import pprint
 import sys
 import os
 
-'''
-dynamoDB functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
 
 
 def list_dynamodb_tables():
+    '''
+    Use dynamodb list_tables function to list table names
+    '''
     print("### Printing DynamoDB Tables ###")
     try:
         for region in regions:
@@ -51,6 +54,9 @@ def list_dynamodb_tables():
 
 
 def list_dynamodb_tables_detailed():
+    '''
+    Use dynamodb list_tables function to list table names and also attempt to describe each table from list_tables()
+    '''
     print("### Printing DynamoDB Tables ###")
     try:
         for region in regions:
@@ -82,6 +88,9 @@ def list_dynamodb_tables_detailed():
 
 
 def describe_table(table, region):
+    '''
+    dynamodb attempt to read infromation from specified DynamoDB table
+    '''
     print("### Describing DynamoDB Table: {} ###" .format(table))
     try:
         client = boto3.client('dynamodb', region_name=region)

libs/dynamodbstreams.py

@@ -1,13 +1,13 @@
+'''
+dynamoDBstreams functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import pprint
 import os
 import sys
 
-'''
-dynamoDBstreams functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
 
 
 def list_dynamodbstreams():
+    '''
+    Use list_streams function in dynamodbstreams to list available streams
+    '''
     print("### Printing DynamoDBstreams ###")
     try:
         for region in regions:

libs/ec2.py

@@ -1,3 +1,7 @@
+'''
+EC2 functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import datetime
@@ -8,10 +12,6 @@ from libs.sql import *
 #  we chould probably load this from one place in the future #TODO
 db_name = "weirdAAL.db"
 
-'''
-EC2 functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html

libs/ecr.py

@@ -1,13 +1,13 @@
+'''
+ECR functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import os
 import pprint
 import sys
 
-'''
-ECR functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
 
 
 def describe_repositories():
+    '''
+    Use ecr describe_repositories function to list available repositories
+    '''
     print("### Printing ECR Repositories ###")
     try:
         for region in regions:

libs/elasticbeanstalk.py

@@ -1,13 +1,13 @@
+'''
+ElasticBeanstalk functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import os
 import pprint
 import sys
 
-'''
-ElasticBeanstalk functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -167,7 +167,7 @@ def describe_events():
 
             response = client.describe_events()
 
-            # print response
+            # print(response)
 
             if response.get('Events') is None:
                 print("{} likely does not have ElasticBeanstalk permissions\n" .format(AWS_ACCESS_KEY_ID))

libs/emr.py

@@ -1,13 +1,13 @@
+'''
+EMR functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import os
 import pprint
 import sys
 
-'''
-EMR functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -60,7 +60,7 @@ def list_security_configurations():
 
             response = client.list_security_configurations()
 
-            # print response
+            # print(response)
 
             if response.get('SecurityConfigurations') is None:
                 print("{} likely does not have EMR permissions\n" .format(AWS_ACCESS_KEY_ID))

libs/firehose.py

@@ -1,13 +1,13 @@
+'''
+Firehose functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import os
 import pprint
 import sys
 
-'''
-Firehose functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -22,6 +22,9 @@ AWS_ACCESS_KEY_ID = credentials.access_key
 
 
 def firehose_list_delivery_streams():
+    '''
+    Use firehose list_delivery_streams to list available delivery streams
+    '''
     print("### Printing Firehose Delivery Streams ###")
     try:
         for region in regions:
@@ -53,6 +56,9 @@ def firehose_list_delivery_streams():
 
 
 def firehose_describe_delivery_streams():
+    '''
+    use firehose describe_delivery_stream function to list details of each deliver stream from list_delivery_streams
+    '''
     print("### Printing Firehose Delivery Streams & details ###")
     try:
         for region in regions:

libs/iam.py

@@ -1,16 +1,16 @@
-import boto3
-import botocore
-
-import json
-import urllib
-import logging
-import sys,os
-import pprint
-
 '''
 IAM functions for WeirdAAL
 '''
 
+import boto3
+import botocore
+import json
+import logging
+import os
+import pprint
+import sys
+import urllib
+
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 region = 'us-east-1'

libs/opsworks.py

@@ -1,11 +1,11 @@
-import boto3
-import botocore
-import pprint
-
 '''
 Opsworks functions for WeirdAAL
 '''
 
+import boto3
+import botocore
+import pprint
+
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html

libs/pricing.py

@@ -1,12 +1,12 @@
+'''
+Pricing functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import pprint
 import sys
 
-'''
-Pricing functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 #from http://docs.aws.amazon.com/general/latest/gr/rande.html

libs/rds.py

@@ -1,11 +1,11 @@
-import boto3
-import botocore
-import pprint
-
 '''
 RDS functions for WeirdAAL
 '''
 
+import boto3
+import botocore
+import pprint
+
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html

libs/route53.py

@@ -1,13 +1,13 @@
+'''
+Route53 functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import os
 import pprint
 import sys
 
-'''
-Route53 functions for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html

libs/s3.py

@@ -1,11 +1,11 @@
-import boto3
-import botocore
-import pprint
-
 '''
 S3 functions for WeirdAAL
 '''
 
+import boto3
+import botocore
+import pprint
+
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 '''

libs/ses.py

@@ -1,11 +1,11 @@
-import boto3
-import botocore
-import pprint
-
 '''
 SES functions for WeirdAAL
 '''
 
+import boto3
+import botocore
+import pprint
+
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html

libs/sql.py

@@ -1,11 +1,14 @@
-import sqlite3
-from sqlite3 import Error
-
 '''
 Custom SQL/database functions for WeirdAAL
 '''
 
+import sqlite3
+from sqlite3 import Error
+
 def create_table(db_name,table_name,sql):
+    '''
+    SQLite3 create table function
+    '''
     with sqlite3.connect(db_name) as db:
         cursor = db.cursor()
         cursor.execute("""SELECT name FROM sqlite_master WHERE name=?""",(table_name,))
@@ -29,6 +32,9 @@ def create_table(db_name,table_name,sql):
 
 
 def create_recon_table(db_name, table_name):
+    '''
+    Create recon table service:subservice:AWSKeyID,time
+    '''
     sql = """CREATE TABLE recon
              (ID integer,
              service text,
@@ -42,6 +48,9 @@ def create_recon_table(db_name, table_name):
 
 
 def create_awskey_table(db_name, table_name):
+    '''
+    Create awskey table (currently unused)
+    '''
     sql = """CREATE TABLE AWSKey
              (ID integer,
              AWSKeyID Text,
@@ -52,6 +61,9 @@ def create_awskey_table(db_name, table_name):
 
 
 def create_services_table(db_name, table_name):
+    '''
+    Create services table - service:sub_service:sub_service_data
+    '''
     sql = """CREATE TABLE services
              (ID integer,
              AWSKeyID Text,
@@ -65,35 +77,49 @@ def create_services_table(db_name, table_name):
 
 
 def insert_awskey_data(db_name, records):
+    '''
+    Insert AWS Key and a description to the AWSKey table (unused)
+    '''
     sql = """INSERT INTO AWSKey(AWSKeyID, Description) VALUES (?,?)"""
     for record in records:
         query(db_name, sql,record)
 
 
 def insert_reconservice_data(db_name, records):
+    '''
+    Insert data into the recon table
+    '''
     sql = """INSERT INTO recon(service, sub_service, AWSKeyID, checked_at) VALUES (?,?,?,?)"""
     for record in records:
         query(db_name,sql,record)
 
 
 def insert_sub_service_data(db_name, records):
+    '''
+    Insert service, sub_service & sub_service data into the DB
+    '''
     sql = """INSERT INTO services(service, sub_service, sub_service_data, AWSKeyID, checked_at) VALUES (?,?,?,?,?)"""
     for record in records:
         query(db_name,sql,record)
 
 
 def search_recon_by_key(db_name,AWSKeyID):
-        with sqlite3.connect(db_name) as db:
+    '''
-                cursor = db.cursor()
+    Function to query services by AWSKey and order them by time
-                cursor.execute("""SELECT DISTINCT service,sub_service,checked_at FROM recon WHERE AWSKeyID=? ORDER BY datetime(checked_at)""",(AWSKeyID,))
+    '''
-                results = cursor.fetchall()
+    with sqlite3.connect(db_name) as db:
-                return results
+        cursor = db.cursor()
+        cursor.execute("""SELECT DISTINCT service,sub_service,checked_at FROM recon WHERE AWSKeyID=? ORDER BY datetime(checked_at)""",(AWSKeyID,))
+        results = cursor.fetchall()
+        return results
 
 
 def query(db_name,sql,data):
+    '''
+    Generic query function
+    '''
     with sqlite3.connect(db_name) as db:
         cursor = db.cursor()
         #cursor.execute("""PRAGMA foreign_keys = ON""")
         cursor.execute(sql,data)
         db.commit()
-        

libs/sqs.py

@@ -1,11 +1,11 @@
-import boto3
-import botocore
-import pprint
-
 '''
 SQS functions for WeirdAAL
 '''
 
+import boto3
+import botocore
+import pprint
+
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from https://docs.aws.amazon.com/general/latest/gr/rande.html#sqs_region

libs/sts.py

@@ -1,12 +1,12 @@
+'''
+STS libs for WeirdAAL
+'''
+
 import boto3
 import botocore
 import pprint
 import sys
 
-'''
-STS libs for WeirdAAL
-'''
-
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
 # from http://docs.aws.amazon.com/general/latest/gr/rande.html
@@ -21,6 +21,10 @@ AWS_ACCESS_KEY_ID = credentials.access_key
 
 
 def sts_get_accountid():
+    '''
+    Use STS functions to get account data
+    ex: Account Id: 14681234567
+    '''
     try:
         client = boto3.client("sts")
         account_id = client.get_caller_identity()["Account"]
@@ -40,6 +44,10 @@ def sts_get_accountid():
 
 
 def sts_get_accountid_all():
+    '''
+    Use STS functions to get account data (detailed)
+    Prints AccountID, UserID, ARN
+    '''
     try:
         client = boto3.client("sts")
         account_id = client.get_caller_identity()["Account"]

libs/translate.py

@@ -1,11 +1,12 @@
+'''
+Translate functions for WeirdAAL
+'''
+
 import boto3
 import botocore
 import pprint
 import sys
 
-'''
-Translate functions for WeirdAAL
-'''
 
 pp = pprint.PrettyPrinter(indent=5, width=80)
 
@@ -20,6 +21,11 @@ credentials = session.get_credentials()
 AWS_ACCESS_KEY_ID = credentials.access_key
 
 def translate_text(text, source_lang, target_lang):
+    '''
+    Translate a block of text from source to target language
+    Available languages: English (en), Arabic (ar), Chinese (Simplified) (zh), French (fr), German (de), Portuguese (pt), Spanish (es)
+    http://boto3.readthedocs.io/en/latest/reference/services/translate.html
+    '''
     try:
         for region in regions:
             client = boto3.client('translate', region_name=region)

modules/sts.py

@@ -1,12 +1,13 @@
 '''
 This file is used to perform some EMR actions
 '''
+
 from libs.sts import *
 
 
-
 def module_sts_get_accountid():
-    get_accountid()
+    sts_get_accountid()
 
-def module_sts_get_accountidall():
+
-    get_accountid_all()
+def module_sts_get_accountid_all():
+    sts_get_accountid_all()