This is a post merge after having added in dynamic module loading. Merge branch 'master' of https://github.com/carnal0wnage/weirdAAL into more_meta

cktricky
2018-04-12 23:59:00 -04:00
53 changed files with 2081 additions and 964 deletions


@@ -1,10 +0,0 @@
'''
example calling cloudwatch functions
decribe alarms, describe alarm history, list metrics
'''
from libs.cloudwatch import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
describe_alarms(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
describe_alarm_history(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
list_metrics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)


@@ -1,8 +0,0 @@
'''
dynamoDB examples
'''
from libs.dynamodb import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)


@@ -1,7 +0,0 @@
'''
This file is used to list ec2 instances
'''
from libs.ec2 import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)


@@ -1,8 +0,0 @@
'''
This file is used to list volumes of ec2 instances
'''
from libs.ec2 import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
get_instance_volume_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
get_instance_volume_details2(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)


@@ -1,8 +0,0 @@
'''
This file is used to list EBS volumes and whether or not they are encrypted. This is only for "in-use" (running) volumes.
'''
from libs.ec2 import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
review_encrypted_volumes(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)


@@ -1,11 +0,0 @@
'''
This file is used to perform some ElasticBeanstalk actions
'''
from libs.elasticbeanstalk import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
#describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
#describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
#describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)


@@ -1,9 +0,0 @@
'''
This file is used to perform some EMR actions
'''
from libs.emr import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)


@@ -1,8 +0,0 @@
'''
This file is used to list lambda functions and event mappings
'''
from libs.aws_lambda import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
list_functions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
list_event_source_mappings(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)


@@ -4,64 +4,81 @@ lamda functions
import boto3
import botocore
import os
import pprint
import sys,os
import sys
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
def list_functions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print ("### Listing Lambda Functions ###")
try:
for region in regions:
client = boto3.client(
'lambda',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
print("### Listing Lambda Functions ###")
try:
for region in regions:
client = boto3.client(
'lambda',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name=region
)
response = client.list_functions()
response = client.list_functions()
if response.get('Functions') is None:
print("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Functions']) <= 0:
print("[-] ListFunctions allowed for {} but no results [-]" .format(region))
else: # THIS PART IS UNTESTED
for r in response['Functions']:
# for i in r['Instances']:
pp.pprint(r)
print("\n")
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
if response.get('Functions') is None:
print ("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Functions']) <= 0:
print ("[-] ListFunctions allowed for {} but no results [-]" .format(region))
else: #THIS PART IS UNTESTED
for r in response['Functions']:
#for i in r['Instances']:
pp.pprint(r)
print ("\n")
except botocore.exceptions.ClientError as e:
print (e)
except KeyboardInterrupt:
print ("CTRL-C received, exiting...")
def list_event_source_mappings(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print ("### Listing Lambda Event Source Mappings ###")
try:
for region in regions:
client = boto3.client(
'lambda',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
print("### Listing Lambda Event Source Mappings ###")
try:
for region in regions:
client = boto3.client(
'lambda',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name=region
)
response = client.list_event_source_mappings()
response = client.list_event_source_mappings()
if response.get('EventSourceMappings') is None:
print ("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['EventSourceMappings']) <= 0:
print ("[-] ListEventSourceMappings allowed for {} but no results [-]" .format(region))
else:
for r in response['EventSourceMappings']:
#for i in r['Instances']:
pp.pprint(r)
print ("\n")
except botocore.exceptions.ClientError as e:
print (e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
if response.get('EventSourceMappings') is None:
print("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['EventSourceMappings']) <= 0:
print("[-] ListEventSourceMappings allowed for {} but no results [-]" .format(region))
else:
for r in response['EventSourceMappings']:
# for i in r['Instances']:
pp.pprint(r)
print("\n")
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
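Review bot: In both `list_functions` and `list_event_source_mappings` the `try` still encloses the whole `for region in regions:` loop, so the first `ClientError` ends the scan and every later region goes unreported, while the new messages name only the key and not the region that failed. Moving the `try`/`except` inside the loop and including the region, e.g. `print("Unexpected error in {}: {}" .format(region, e))`, would keep the output complete and attributable. The same error-code chain is pasted into both functions here and into most other sections of this commit; a single shared helper that takes the exception and the key id would keep the wording from drifting. Neither call follows `NextMarker`, so only the first page of results is printed.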

File diff suppressed because it is too large Load Diff

40
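--- a/libs/ce.py
+++ b/libs/ce.py
@@ -0,0 +1,40 @@
+'''
+Cost Explorer Library
+'''
+import boto3
+import botocore
+import pprint
+import sys
+pp = pprint.PrettyPrinter(indent=5, width=80)
+#from http://docs.aws.amazon.com/general/latest/gr/rande.html
+regions = ['us-east-1', ]
+def ce_get_cost_and_usage(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+try:
+for region in regions:
+client = boto3.client('ce', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+response = client.get_cost_and_usage(TimePeriod={'Start': '2018-01-01', 'End': '2018-04-01'}, Granularity='MONTHLY', Metrics=["BlendedCost", "UnblendedCost", "UsageQuantity"],)
+print(response)
+#if response.get('Services') is None:
+# print("{} likely does not have Pricing permissions\n" .format(AWS_ACCESS_KEY_ID))
+#elif len(response['Services']) <= 0:
+# print("[-] Describe Pricing Services allowed for {} but no results [-]" .format(region))
+#else:
+# print("### {} Services ###" .format(region))
+# for tables in response['ServiceCode']:
+# pp.pprint(tables)
+# print("\n")
+except botocore.exceptions.ClientError as e:
+if e.response['Error']['Code'] == 'UnauthorizedOperation':
+print('{} : (UnauthorizedOperation) when calling the DescribeInstances -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'AccessDeniedException':
+print('{} : (AccessDenied) when calling the Get Cost & Usage' .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
+print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
+else:
+print(e)
+except KeyboardInterrupt:
+print("CTRL-C received, exiting...")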
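Review bot: The `UnauthorizedOperation` branch of `ce_get_cost_and_usage` reports a failed DescribeInstances call and asks about ec2 permissions, wording copied from the EC2 module that will mislead anyone reading the output of a Cost Explorer call; it should name the call actually made, e.g. `print('{} : (UnauthorizedOperation) when calling GetCostAndUsage' .format(AWS_ACCESS_KEY_ID))`. The `TimePeriod` is fixed to `2018-01-01` through `2018-04-01`, so the report goes stale as soon as that quarter passes; deriving the window from `datetime.date.today()` or taking it as a parameter would avoid that. In the visible code `pp` and `sys` are used only by commented-out lines or not at all, and the function has no docstring saying which period and metrics it returns.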

84
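--- a/libs/cloudtrail.py
+++ b/libs/cloudtrail.py
@@ -0,0 +1,84 @@
+'''
+Cloudtrail functions
+'''
+import boto3
+import botocore
+import os
+import pprint
+import sys
+pp = pprint.PrettyPrinter(indent=5, width=80)
+# from http://docs.aws.amazon.com/general/latest/gr/rande.html
+regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1' ]
+# 'cn-north-1', 'cn-northwest-1', 'us-gov-west-1' throwing An error occurred (UnrecognizedClientException) when calling the DescribeTrails operation: The security token included in the request is invalid.
+def describe_trails(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+print("### Printing CloudTrail DescribeTrails ###")
+try:
+for region in regions:
+client = boto3.client('cloudtrail', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+response = client.describe_trails()
+# print (response)
+# print(region)
+if response['trailList'] is None:
+print("{} likely does not have CloudTrail permissions\n" .format(AWS_ACCESS_KEY_ID))
+elif len(response['trailList']) <= 0:
+print("[-] ListTrails allowed for {} but no results [-]" .format(region))
+else:
+print("### {} CloudTrail Trails ###" .format(region))
+for trail in response['trailList']:
+pp.pprint(trail)
+print("\n")
+except botocore.exceptions.ClientError as e:
+if e.response['Error']['Code'] == 'InvalidClientTokenId':
+sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'AccessDenied':
+print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
+#elif e.response['Error']['Code'] == 'UnrecognizedClientException':
+# print('{} : UnrecognizedClientException error' .format(AWS_ACCESS_KEY_ID))
+# pass
+elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
+print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
+else:
+print("Unexpected error: {}" .format(e))
+pass
+except KeyboardInterrupt:
+print("CTRL-C received, exiting...")
+def list_public_keys(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+print("### Printing CloudTrail DescribeTrails ###")
+try:
+for region in regions:
+client = boto3.client('cloudtrail', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+response = client.list_public_keys()
+# print (response)
+# print(region)
+if response['PublicKeyList'] is None:
+print("{} likely does not have CloudTrail permissions\n" .format(AWS_ACCESS_KEY_ID))
+elif len(response['PublicKeyList']) <= 0:
+print("[-] PublicKeyList allowed for {} but no results [-]" .format(region))
+else:
+print("### {} CloudTrail Public Keys ###" .format(region))
+for keys in response['PublicKeyList']:
+pp.pprint(keys)
+print("\n")
+except botocore.exceptions.ClientError as e:
+if e.response['Error']['Code'] == 'InvalidClientTokenId':
+sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'AccessDenied':
+print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
+print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
+else:
+print("Unexpected error: {}" .format(e))
+pass
+except KeyboardInterrupt:
+print("CTRL-C received, exiting...")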
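Review bot: `list_public_keys` prints the banner `### Printing CloudTrail DescribeTrails ###`, copied from `describe_trails`, so its output is labelled with the wrong API call; `print("### Printing CloudTrail ListPublicKeys ###")` would match what it does. Both functions test `response['trailList'] is None` and `response['PublicKeyList'] is None` by subscript, which raises `KeyError` when the key is absent instead of reaching the "likely does not have CloudTrail permissions" branch; the other modules in this commit use `response.get(...)` for this check. The handlers match only `AccessDenied`, whereas the config and dynamodb sections of this commit match `AccessDeniedException`; if CloudTrail returns the latter, a denied key is reported as "Unexpected error", which is worth confirming against a restricted key.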


@@ -28,8 +28,12 @@ def describe_alarms(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print ("Unexpected error: {}" .format(e))
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
@@ -55,8 +59,12 @@ def describe_alarm_history(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print ('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print ("Unexpected error: {}" .format(e))
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
@@ -82,6 +90,10 @@ def list_metrics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print ('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print ("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
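Review bot: The added `SubscriptionRequiredException` and `OptInRequired` arms in `describe_alarms` print the same message from two separate `elif` branches, and the pair is repeated in `describe_alarm_history` and `list_metrics`; one branch per function is enough: `elif e.response['Error']['Code'] in ('SubscriptionRequiredException', 'OptInRequired'):`. The new message concludes "usually means you have a root account" while the `AccessDenied` arm directly above it prints "Is NOT a root key"; both are inferences drawn from an error code, and a short comment recording what each code was actually observed to mean would stop operators reading them as established facts about the key. All three function bodies start outside the visible hunks.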


@@ -31,6 +31,8 @@ def describe_configuration_recorders(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, r
elif e.response['Error']['Code'] == 'AccessDeniedException':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
@@ -56,6 +58,8 @@ def describe_configuration_rules(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, regio
elif e.response['Error']['Code'] == 'AccessDeniedException':
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
pass
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:


@@ -34,6 +34,8 @@ def list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:


@@ -5,12 +5,14 @@ dynamoDB functions
import boto3
import botocore
import pprint
import sys,os
import sys
import os
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2']
def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing DynamoDB Tables ###")
@@ -33,11 +35,14 @@ def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing DynamoDB Tables ###")
try:
@@ -59,30 +64,35 @@ def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDeniedException':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, table, region):
print("### Describing DynamoDB Table: {} ###" .format(table))
try:
client = boto3.client('dynamodb', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.describe_table(TableName=table)
if response.get('Table') is None:
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Table']) <= 0:
print("[-] DescribeTable allowed for {} but no results [-]" .format(region))
print("[-] DescribeTable allowed for {} but no results [-]" .format(region))
else:
print("TableArn: {}" .format(response['Table']['TableArn']))
print("AttributeDefinitions: {}" .format(response['Table']['AttributeDefinitions']))
print("ProvisionedThroughput: {}" .format(response['Table']['ProvisionedThroughput']))
print("TableSizeBytes: {}" .format(response['Table']['TableSizeBytes']))
print("TableName: {}" .format(response['Table']['TableName']))
print("TableStatus: {}" .format(response['Table']['TableStatus']))
print("KeySchema: {}" .format(response['Table']['KeySchema']))
print("ItemCount: {}" .format(response['Table']['ItemCount']))
print("CreationDateTime: {}" .format(response['Table']['CreationDateTime']))
print("TableArn: {}" .format(response['Table']['TableArn']))
print("AttributeDefinitions: {}" .format(response['Table']['AttributeDefinitions']))
print("ProvisionedThroughput: {}" .format(response['Table']['ProvisionedThroughput']))
print("TableSizeBytes: {}" .format(response['Table']['TableSizeBytes']))
print("TableName: {}" .format(response['Table']['TableName']))
print("TableStatus: {}" .format(response['Table']['TableStatus']))
print("KeySchema: {}" .format(response['Table']['KeySchema']))
print("ItemCount: {}" .format(response['Table']['ItemCount']))
print("CreationDateTime: {}" .format(response['Table']['CreationDateTime']))
print("\n")
except botocore.exceptions.ClientError as e:
@@ -90,6 +100,10 @@ def describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, table, region):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDeniedException':
print('{} : Does not have the required DescribeTable permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
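Review bot: `list_dynamodb_tables` is the only one of the three patched functions that does not gain an `AccessDeniedException` arm: the hunk at `@@ -33,11 +35,14 @@` adds only `SubscriptionRequiredException`, while `list_dynamodb_tables_detailed` and `describe_table` now handle both codes. A denied ListTables call would then fall through to `Unexpected error` in that one function, so the same key produces different verdicts depending on which listing is run; adding `elif e.response['Error']['Code'] == 'AccessDeniedException':` with the message used in the detailed variant keeps the three consistent. The function bodies start above the visible lines, so an existing arm outside the hunk cannot be ruled out.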


@@ -1,16 +1,17 @@
'''
dynamoDBstreams functions
dynamoDBstreams functions
'''
import boto3
import botocore
import pprint
import sys,os
import os
import sys
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2']
def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
@@ -18,6 +19,7 @@ def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
try:
for region in regions:
client = boto3.client('dynamodbstreams', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.list_streams()
if response.get('Streams') is None:
print("{} likely does not have DynamoDB permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Streams']) <= 0:
@@ -33,6 +35,8 @@ def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:


@@ -1,4 +1,6 @@
#ec2 functions go here
'''
ec2 functions go here
'''
import boto3
import botocore
@@ -6,117 +8,152 @@ import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2']
# we are past the enumeration stage at this point assume you have key that works
def review_encrypted_volumes(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("Reviewing EC2 Volumes... This may take a few....")
not_encrypted = []
encrypted = []
try:
with open("{}-volumes_list.txt" .format(AWS_ACCESS_KEY_ID), "w") as fout:
for region in regions:
client = boto3.client(
'ec2',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
print("Reviewing EC2 Volumes... This may take a few....")
not_encrypted = []
encrypted = []
try:
with open("{}-volumes_list.txt" .format(AWS_ACCESS_KEY_ID), "w") as fout:
for region in regions:
client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.describe_volumes(Filters=[{
'Name': 'status',
'Values': ['in-use']
}])['Volumes']
response = client.describe_volumes(Filters=[{
'Name' : 'status',
'Values' : ['in-use']
}])['Volumes']
for volume in response:
if volume['Encrypted']:
encrypted.append(volume['VolumeId'])
else:
not_encrypted.append(volume['VolumeId'])
fout.write("\nEncrypted: " + str(volume['Encrypted']))
for attachments in volume['Attachments']:
fout.write("\nInstance ID: " + attachments['InstanceId'])
fout.write("\nVolume ID: " + volume['VolumeId'])
fout.write("\nRegion: " + region)
fout.write("\n" + "-" * 40)
print("Writing out results")
fout.write("\nNot encrypted: " + str(len(not_encrypted)) + "\n")
fout.write(pprint.pformat(not_encrypted))
fout.write("\nEncrypted: " + str(len(encrypted)) + "\n")
fout.write(pprint.pformat(encrypted))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
for volume in response:
if volume['Encrypted']:
encrypted.append(volume['VolumeId'])
else:
not_encrypted.append(volume['VolumeId'])
fout.write("\nEncrypted: " + str(volume['Encrypted']))
for attachments in volume['Attachments']:
fout.write("\nInstance ID: " + attachments['InstanceId'])
fout.write("\nVolume ID: " + volume['VolumeId'])
fout.write("\nRegion: " + region)
fout.write("\n" + "-" * 40)
print("Writing out results")
fout.write("\nNot encrypted: " + str(len(not_encrypted)) + "\n")
fout.write(pprint.pformat(not_encrypted))
fout.write("\nEncrypted: " + str(len(encrypted)) + "\n")
fout.write(pprint.pformat(encrypted))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
try:
for region in regions:
client = boto3.client(
'ec2',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
try:
for region in regions:
client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.describe_instances()
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
print("[+] Listing instances for region: {} [+]" .format(region))
for r in response['Reservations']:
for i in r['Instances']:
pp.pprint(i)
instances = client.describe_instances()
for r in instances['Reservations']:
for i in r['Instances']:
pp.pprint(i)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_instance_details_basic(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
try:
for region in regions:
client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.describe_instances()
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
# print (response)
print("[+] Listing instances for region: {} [+]" .format(region))
for r in response['Reservations']:
for i in r['Instances']:
launchtime = i['LaunchTime']
instanceid = i['InstanceId']
instancetype = i['InstanceType']
state = i['State']
print("InstanceID: {}, InstanceType: {}, State: {}, Launchtime: {}".format(instanceid, instancetype, state, launchtime))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances-- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
# show volumes sorted by instanceId ex: instanceID-->multiple volumes less detail than get_instance_volume_details2
except botocore.exceptions.ClientError as e:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
#show volumes sorted by instanceId ex: instanceID-->multiple volumes less detail than get_instance_volume_details2
def get_instance_volume_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
try:
for region in regions:
client = boto3.client(
'ec2',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
try:
for region in regions:
client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
instances = client.describe_instances()
for r in instances['Reservations']:
for i in r['Instances']:
volumes = client.describe_instance_attribute(InstanceId=i['InstanceId'], Attribute='blockDeviceMapping')
print ("Instance ID: {} \n" .format(i['InstanceId']))
pp.pprint(volumes)
instances = client.describe_instances()
for r in instances['Reservations']:
for i in r['Instances']:
volumes = client.describe_instance_attribute(InstanceId=i['InstanceId'], Attribute='blockDeviceMapping')
print("Instance ID: {} \n" .format(i['InstanceId']))
pp.pprint(volumes)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
# show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
except botocore.exceptions.ClientError as e:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
#show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
def get_instance_volume_details2(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
try:
for region in regions:
client = boto3.client(
'ec2',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
response = client.describe_volumes(Filters=[{
'Name' : 'status',
'Values' : ['in-use']
}])['Volumes']
for volume in response:
print("InstandID:{} \n" .format(volume['Attachments'][0]['InstanceId']))
pp.pprint(volume)
print("\n")
try:
for region in regions:
client = boto3.client('ec2', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
except botocore.exceptions.ClientError as e:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
response = client.describe_volumes(Filters=[{
'Name': 'status',
'Values': ['in-use']
}])['Volumes']
for volume in response:
print("InstandID:{} \n" .format(volume['Attachments'][0]['InstanceId']))
pp.pprint(volume)
print("\n")
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have the required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")


@@ -4,12 +4,13 @@ ECR functions
import boto3
import botocore
import os
import pprint
import sys,os
import sys
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-southeast-1', 'ap-southeast-2', ]
def describe_repositories(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
@@ -20,7 +21,7 @@ def describe_repositories(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
response = client.describe_repositories()
#print response
# print (response)
if response.get('repositories') is None:
print("{} likely does not have ECR permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -37,6 +38,8 @@ def describe_repositories(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
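Review bot: The new `SubscriptionRequiredException` branch in `describe_repositories` is pasted with identical text into nearly every other service module this commit touches, so any later correction to the code check or its wording has to be repeated in each handler. A single shared function that maps `e.response['Error']['Code']` to a message, for example `def report_client_error(e, key_id):`, called from each `except botocore.exceptions.ClientError as e:` block, would keep the handlers from drifting apart. The `except` block shown here starts and ends outside the hunk.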


@@ -4,13 +4,15 @@ ElasticBeanstalk functions
import boto3
import botocore
import os
import pprint
import sys,os
import sys
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
def describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing ElasticBeanstalk Applications ###")
@@ -20,7 +22,7 @@ def describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
response = client.describe_applications()
#print response
# print response
if response.get('Applications') is None:
print("{} likely does not have ElasticBeanstalk permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -37,11 +39,14 @@ def describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing ElasticBeanstalk Applications Versions ###")
try:
@@ -50,7 +55,7 @@ def describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
response = client.describe_application_versions()
#print response
# print response
if response.get('ApplicationVersions') is None:
print("{} likely does not have ElasticBeanstalk permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -67,11 +72,14 @@ def describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing ElasticBeanstalk Configuration Options ###")
try:
@@ -79,8 +87,9 @@ def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
client = boto3.client('elasticbeanstalk', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.describe_configuration_options()
print(response)
#print response
# print response
if response.get('Options') is None:
print("{} likely does not have ElasticBeanstalk permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -88,13 +97,13 @@ def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("[-] DescribeConfigurationOptions allowed for {} but no results [-]" .format(region))
else:
print("### {} ElasticBeanstalk Configuration Options ###" .format(region))
#if response['PlatformArn'] is None:
# if response['PlatformArn'] is None:
# pass
#else:
# else:
# print("PlatformArn: {}" .format(response['PlatformArn']))
print("SolutionStackName: {}" .format(response['SolutionStackName']))
pp.pprint( "Options: {}" .format(response['Options']))
pp.pprint("Options: {}" .format(response['Options']))
print("\n")
except botocore.exceptions.ClientError as e:
@@ -102,11 +111,14 @@ def describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing ElasticBeanstalk Environments ###")
try:
@@ -115,7 +127,7 @@ def describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
response = client.describe_environments()
#print response
# print response
if response.get('Environments') is None:
print("{} likely does not have ElasticBeanstalk permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -132,11 +144,14 @@ def describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing ElasticBeanstalk Environments ###")
try:
@@ -145,7 +160,7 @@ def describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
response = client.describe_events()
#print response
# print response
if response.get('Events') is None:
print("{} likely does not have ElasticBeanstalk permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -162,6 +177,8 @@ def describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
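Review bot: `describe_configuration_options` has a live `print(response)` directly above the commented `# print response`, so the whole DescribeConfigurationOptions reply is dumped once per region before the formatted output. The `-79,8 +87,9` header suggests this commit adds that line, though the +/- markers are lost on this page. Every other function in the file keeps the debug print commented out, so I would drop it or make it `# print(response)`. Separately, `describe_events` still prints the banner `### Printing ElasticBeanstalk Environments ###`, which looks copied from `describe_environments` and could read `### Printing ElasticBeanstalk Events ###`.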


@@ -4,13 +4,15 @@ EMR functions
import boto3
import botocore
import os
import pprint
import sys,os
import sys
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
def list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing EMR Clusters ###")
@@ -20,8 +22,6 @@ def list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
response = client.list_clusters()
#print response
if response.get('Clusters') is None:
print("{} likely does not have EMR permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Clusters']) <= 0:
@@ -37,10 +37,13 @@ def list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
print("CTRL-C received, exiting...")
def list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing EMR Security Configuration ###")
@@ -50,7 +53,7 @@ def list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
response = client.list_security_configurations()
#print response
# print response
if response.get('SecurityConfigurations') is None:
print("{} likely does not have EMR permissions\n" .format(AWS_ACCESS_KEY_ID))
@@ -67,7 +70,9 @@ def list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
print("CTRL-C received, exiting...")

77
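--- a/libs/firehose.py
+++ b/libs/firehose.py
@@ -0,0 +1,77 @@
+'''
+Firehose functions
+'''
+import boto3
+import botocore
+import os
+import pprint
+import sys
+pp = pprint.PrettyPrinter(indent=5, width=80)
+# from http://docs.aws.amazon.com/general/latest/gr/rande.html
+regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'eu-central-1', 'eu-west-1', 'ap-northeast-1', 'ap-southeast-1', 'ap-southeast-2', ]
+def firehose_list_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+print("### Printing Firehose Delivery Streams ###")
+try:
+for region in regions:
+client = boto3.client('firehose', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+response = client.list_delivery_streams()
+# print(response)
+if response['DeliveryStreamNames'] is None:
+print("{} likely does not have Firehose permissions\n" .format(AWS_ACCESS_KEY_ID))
+elif len(response['DeliveryStreamNames']) <= 0:
+print("[-] ListDeliveryStreams allowed for {} but no results [-]" .format(region))
+else:
+print("### {} Firehose Delivery Streams ###" .format(region))
+for stream in response['DeliveryStreamNames']:
+pp.pprint(stream)
+print("\n")
+except botocore.exceptions.ClientError as e:
+if e.response['Error']['Code'] == 'InvalidClientTokenId':
+sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'AccessDenied':
+print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
+print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
+else:
+print("Unexpected error: {}" .format(e))
+except KeyboardInterrupt:
+print("CTRL-C received, exiting...")
+def firehose_describe_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+print("### Printing Firehose Delivery Streams & details ###")
+try:
+for region in regions:
+client = boto3.client('firehose', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+response = client.list_delivery_streams()
+# print(response)
+if response['DeliveryStreamNames'] is None:
+print("{} likely does not have Firehose permissions\n" .format(AWS_ACCESS_KEY_ID))
+elif len(response['DeliveryStreamNames']) <= 0:
+print("[-] ListDeliveryStreams allowed for {} but no results [-]" .format(region))
+else:
+print("### {} Firehose Delivery Streams ###" .format(region))
+for stream in response['DeliveryStreamNames']:
+details = client.describe_delivery_stream(DeliveryStreamName=stream)
+# This just prints the blob, needs to be cleaned up
+print(details)
+print("\n")
+except botocore.exceptions.ClientError as e:
+if e.response['Error']['Code'] == 'InvalidClientTokenId':
+sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'AccessDenied':
+print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
+print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
+else:
+print("Unexpected error: {}" .format(e))
+except KeyboardInterrupt:
+print("CTRL-C received, exiting...")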
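Review bot: Both new functions test `response['DeliveryStreamNames'] is None`, which raises `KeyError` when the key is absent instead of reaching the "likely does not have Firehose permissions" message, and `KeyError` is not caught by either `except` clause. The other modules in this commit guard the same way with `response.get(...)`, so `if response.get('DeliveryStreamNames') is None:` would match them. `list_delivery_streams()` is also called once per region without reading `HasMoreDeliveryStreams`, so the printed list can be partial; the output should at least say when it was truncated. `import os` is unused in this file, and both functions would benefit from a one-line docstring stating that they only list or describe streams and print the result.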


@@ -13,7 +13,7 @@ import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
region = 'us-east-1'
regions = ['us-east-1']
def check_root_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY,region_name=region)
@@ -51,6 +51,8 @@ def check_root_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("The AWS KEY IS INVALID. Exiting")
if e.response['Error']['Code'] == 'AccessDenied':
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
@@ -194,3 +196,122 @@ def make_backdoor_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, pa
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_list_groups(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing IAM Groups ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.list_groups()
if response.get('Groups') is None:
print("{} likely does not have IAM permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Groups']) <= 0:
print("[-] ListGroups allowed for {} but no results [-]\n" .format(region))
else:
# print(response)
print ("### {} Groups ###" .format(region))
for group in response['Groups']:
pp.pprint(group)
print("\n")
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_get_user(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing IAM User Info ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.get_user()
print(response)
if response.get('User') is None:
print("{} likely does not have IAM permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['User']) <= 0:
print("[-] GetUser allowed for {} but no results [-]\n" .format(region))
else:
# print(response)
print ("### {} User Account Info ###" .format(region))
for key, value in response['User'].items():
print(key,':', value)
print("\n")
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Is NOT a root/IAM key' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_get_account_summary(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing IAM Account Summary ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.get_account_summary()
# print(response)
if response.get('SummaryMap') is None:
print("{} likely does not have IAM permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['SummaryMap']) <= 0:
print("[-] GetAccountSummary allowed for {} but no results [-]\n" .format(region))
else:
pp.pprint(response['SummaryMap'])
# print(response)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Is NOT a root/IAM key' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def iam_list_users(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("### Printing IAM Users ###")
try:
for region in regions:
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
response = client.list_users()
# print(response)
if response.get('Users') is None:
print("{} likely does not have IAM permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Users']) <= 0:
print("[-] ListUsers allowed for {} but no results [-]\n" .format(region))
else:
pp.pprint(response['Users'])
# print(response)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Is NOT a root/IAM key' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
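Review bot: `check_root_account` still builds its client with `region_name=region`, yet the first hunk appears to replace the module-level `region = 'us-east-1'` with `regions = ['us-east-1']` (one changed line per the `-13,7 +13,7` header; the +/- markers are lost on this page). If `region` is no longer defined at module level, that call raises `NameError` before any request is made; keeping both names, or passing `region_name=regions[0]`, avoids it. In the new `iam_list_groups` the `AccessDenied` branch prints `Is NOT a root key`, but a denied ListGroups call only shows that the key lacks that permission, so the `Does not have the required permissions` wording used in the other modules is more accurate. `iam_get_user` also has a live `print(response)` ahead of its formatted output. The body of `check_root_account` continues outside the hunks shown.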


@@ -4,41 +4,80 @@ import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
#http://docs.aws.amazon.com/general/latest/gr/rande.html#opsworks_region
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', ]
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
# http://docs.aws.amazon.com/general/latest/gr/rande.html#opsworks_region
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-1', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1' ]
#region = 'us-east-1'
def describe_stacks(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print('#### Listing Stacks ####')
try:
for region in regions:
client = boto3.client(
'opsworks',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
response = client.describe_stacks()
#debug
print(response)
if response.get('Stacks') is None:
print("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Stacks']) <= 0:
print("[-] DescribeStacks allowed for {} but no results (everyone seems to have this permission) [-]\n" .format(region))
else: #THIS PART IS UNTESTED
for r in response['Stacks']:
pp.pprint(r)
except botocore.exceptions.EndpointConnectionError as e:
print("Unexpected error: {}" .format(e))
print('#### Listing Stacks ####')
try:
for region in regions:
client = boto3.client(
'opsworks',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name=region
)
response = client.describe_stacks()
# debug
# print(response)
if response.get('Stacks') is None:
print("{} likely does not have Opsworks permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Stacks']) <= 0:
print("[-] DescribeStacks allowed for {} but no results [-]\n" .format(region))
else: # THIS PART IS UNTESTED
for r in response['Stacks']:
pp.pprint(r)
except botocore.exceptions.EndpointConnectionError as e:
print("Unexpected error: {}" .format(e))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'EndpointConnectionError':
print("[-] Cant connect to the {} endpoint [-]" .format(region))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def describe_user_profiles(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print('#### Listing User Profiles ####')
try:
for region in regions:
client = boto3.client(
'opsworks',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name=region
)
response = client.describe_user_profiles()
# debug
print(response)
#if response.get('Stacks') is None:
# print("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID))
#elif len(response['Stacks']) <= 0:
# print("[-] DescribeStacks allowed for {} but no results (everyone seems to have this permission) [-]\n" .format(region))
#else: # THIS PART IS UNTESTED
# for r in response['Stacks']:
# pp.pprint(r)
except botocore.exceptions.EndpointConnectionError as e:
print("Unexpected error: {}" .format(e))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'EndpointConnectionError':
print("[-] Cant connect to the {} endpoint [-]" .format(region))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'EndpointConnectionError':
print("[-] Cant connect to the {} endpoint [-]" .format(region))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
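Review bot: The expanded `regions` list names `'ap-southeast-1'` twice and has no `'ap-southeast-2'`, so every function in this module calls the same endpoint twice per run; presumably the second entry was meant to be `'ap-southeast-2'`. In both `describe_stacks` and `describe_user_profiles` the branch `elif e.response['Error']['Code'] == 'EndpointConnectionError':` sits inside the `ClientError` handler, while `botocore.exceptions.EndpointConnectionError` is already caught by the separate `except` above it, so that branch looks unreachable and can go. `describe_user_profiles` prints the raw reply and carries a commented-out copy of the Stacks handling; replacing the dead block with a short docstring saying the output is not yet formatted would read better. The import block is outside this hunk, so check that `sys` is imported for the `sys.exit` calls.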

39
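--- a/libs/pricing.py
+++ b/libs/pricing.py
@@ -0,0 +1,39 @@
+'''
+Pricing Library
+'''
+import boto3
+import botocore
+import pprint
+import sys
+pp = pprint.PrettyPrinter(indent=5, width=80)
+#from http://docs.aws.amazon.com/general/latest/gr/rande.html
+regions = ['us-east-1', 'ap-south-1', ]
+def pricing_describe_services(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+try:
+for region in regions:
+client = boto3.client('pricing', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
+response = client.describe_services()
+print(response)
+if response.get('Services') is None:
+print("{} likely does not have Pricing permissions\n" .format(AWS_ACCESS_KEY_ID))
+elif len(response['Services']) <= 0:
+print("[-] Describe Pricing Services allowed for {} but no results [-]" .format(region))
+else:
+print("### {} Services ###" .format(region))
+for tables in response['ServiceCode']:
+pp.pprint(tables)
+print("\n")
+except botocore.exceptions.ClientError as e:
+if e.response['Error']['Code'] == 'UnauthorizedOperation':
+print('{} : (UnauthorizedOperation) when calling the Pricing DescribeServices' .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
+print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
+else:
+print(e)
+except KeyboardInterrupt:
+print("CTRL-C received, exiting...")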
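Review bot: In the `else` branch of `pricing_describe_services` the loop reads `response['ServiceCode']`, but the branches above it test `response.get('Services')`, so the key being iterated is not the one that was checked. The DescribeServices reply keeps each `ServiceCode` inside the entries of `Services`, so this line raises `KeyError`, which neither `except` clause catches. Iterating the checked list, `for service in response['Services']:` followed by `pp.pprint(service)`, keeps the branch consistent. The unconditional `print(response)` above the checks also dumps the full reply for each region before the formatted output and looks like leftover debugging.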


@@ -9,22 +9,29 @@ regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', '
def describe_db_instances(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print("doing stuff")
try:
for region in regions:
client = boto3.client(
'rds',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
print("doing stuff")
try:
for region in regions:
client = boto3.client(
'rds',
aws_access_key_id = AWS_ACCESS_KEY_ID,
aws_secret_access_key = AWS_SECRET_ACCESS_KEY,
region_name=region
)
instances = client.describe_db_instances()
for r in instances['DBInstances']:
for i in r['Instances']:
pp.pprint(i)
instances = client.describe_db_instances()
for r in instances['DBInstances']:
for i in r['Instances']:
pp.pprint(i)
except botocore.exceptions.ClientError as e:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
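Review bot: The inner loop `for i in r['Instances']:` is carried over unchanged into the re-indented body of `describe_db_instances`; it mirrors the EC2 reservations shape, but entries of `DBInstances` have no `Instances` key, so the first returned database raises `KeyError`, which the new `ClientError` branches do not catch. Printing each entry directly, `for r in instances['DBInstances']:` followed by `pp.pprint(r)`, avoids that. `print("doing stuff")` is also still the function's banner, unlike the `### Printing ... ###` headers used in the other modules. The new handler calls `sys.exit`; the import block is outside this hunk, so check that `sys` is imported.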


@@ -40,6 +40,10 @@ def list_geolocations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:


@@ -54,8 +54,10 @@ def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
print("\n")
elif e.response['Error']['Code'] == 'AllAccessDisabled':
print('{} : cant list s3 bucket policy [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print ("Unexpected error: {}" .format(e))
print("Unexpected error: {}" .format(e))
try:
acl = client.get_bucket_acl(Bucket=bucket)
@@ -73,16 +75,20 @@ def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
print("\n")
elif e.response['Error']['Code'] == 'AllAccessDisabled':
print('{} : cant list s3 bucket acl [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print ("Unexpected error: {}" .format(e))
print("Unexpected error: {}" .format(e))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print ("Unexpected error: {}" .format(e))
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
@@ -107,8 +113,10 @@ def get_s3object_acl(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket, myfile):
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print ("Unexpected error: {}" .format(e))
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
@@ -133,8 +141,10 @@ def get_s3objects_for_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
print('{} : cant list s3 bucket policy [AccessDenied]' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print ("Unexpected error: {}" .format(e))
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
@@ -158,7 +168,9 @@ def get_s3objects_for_account_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print ("Unexpected error: {}" .format(e))
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
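Review bot: The new `SubscriptionRequiredException` branch is pasted verbatim into six `except botocore.exceptions.ClientError` handlers in this section: three in get_s3bucket_policy, then one each in get_s3object_acl, get_s3objects_for_account and get_s3objects_for_account_detailed. Any change to the wording or exit behaviour now has to be made six times. A small shared helper for the error codes common to all handlers, called first in each one (for example `if handle_common_client_error(e, AWS_ACCESS_KEY_ID): return`, where the helper name is only a suggestion), would keep them consistent. The handlers begin and end outside these hunks, so the surrounding `try` bodies cannot be checked from here.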

37
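--- a/libs/sqs.py
+++ b/libs/sqs.py
@@ -0,0 +1,37 @@
+import boto3
+import botocore
+import pprint
+pp = pprint.PrettyPrinter(indent=5, width=80)
+# from https://docs.aws.amazon.com/general/latest/gr/rande.html#sqs_region
+regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'cn-north-1', 'cn-northwest-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1', 'us-gov-west-1' ]
+def sqs_list_queues(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
+try:
+for region in regions:
+client = boto3.client("sqs", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
+response = client.list_queues()
+if response.get('QueueUrls') is None:
+print("[-] ListQueues allowed for {} but no results [-]" .format(region))
+# THis isnt working need to test with one that works to get the QueueUrl attributes
+elif len(response['QueueUrls']) <= 0:
+print("[-] ListQueues allowed for {} but no results [-]" .format(region))
+else:
+print("[+] Listing queuesfor region: {} [+]" .format(region))
+for r in response['QueueUrls']:
+pp.pprint(r)
+except botocore.exceptions.ClientError as e:
+if e.response['Error']['Code'] == 'InvalidClientTokenId':
+sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'AccessDenied':
+print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
+elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
+print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
+else:
+print("Unexpected error: {}" .format(e))
+except KeyboardInterrupt:
+print("CTRL-C received, exiting...")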
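Review bot: `sqs_list_queues` loops over `regions` but builds the client without a region, so every iteration queries whatever default region the environment supplies while the output is labelled with the loop's region name. Pass the loop variable through: `client = boto3.client("sqs", region_name=region, aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)`. The `InvalidClientTokenId` branch calls `sys.exit`, but the visible imports are only boto3, botocore and pprint, so that path would raise NameError unless `import sys` is added. Because the `try` appears to wrap the whole loop, the first ClientError also ends the scan of the remaining regions; handling the exception inside the loop would preserve per-region results.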


@@ -4,29 +4,50 @@ import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
#from http://docs.aws.amazon.com/general/latest/gr/rande.html
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ca-central-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-southeast-1', 'ap-southeast-2', ]
def get_accountid(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
try:
client = boto3.client("sts", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
account_id = client.get_caller_identity()["Account"]
print("Account Id: {}" .format(account_id))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
return account_id
def get_accountid(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
try:
client = boto3.client("sts", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
account_id = client.get_caller_identity()["Account"]
print("Account Id: {}" .format(account_id))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'EndpointConnectionError':
print("[-] Cant connect to the {} endpoint [-]" .format(region))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
return account_id
def get_accountid_all(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
try:
client = boto3.client("sts", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
account_id = client.get_caller_identity()["Account"]
account_userid = client.get_caller_identity()["UserId"]
account_arn = client.get_caller_identity()["Arn"]
print("Account Id: {}" .format(account_id))
print("Account UserID: {}" .format(account_userid) )
print("Account ARN: {}" .format(account_arn) )
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
try:
client = boto3.client("sts", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
account_id = client.get_caller_identity()["Account"]
account_userid = client.get_caller_identity()["UserId"]
account_arn = client.get_caller_identity()["Arn"]
print("Account Id: {}" .format(account_id))
print("Account UserID: {}" .format(account_userid) )
print("Account ARN: {}" .format(account_arn) )
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'EndpointConnectionError':
print("[-] Cant connect to the {} endpoint [-]" .format(region))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
return account_id
return account_id
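Review bot: In the new `get_accountid` and `get_accountid_all`, `return account_id` appears to run after the except blocks, so a handled ClientError that only prints leaves `account_id` unbound and the call fails with UnboundLocalError. Add `account_id = None` before each `try`. The `EndpointConnectionError` branch formats `region`, which neither function defines (the module-level list is `regions`), so it would raise NameError if reached. That branch is probably dead anyway, because botocore raises EndpointConnectionError as its own exception class rather than as a ClientError code. `get_accountid_all` also calls `get_caller_identity()` three times, where one stored response would supply `Account`, `UserId` and `Arn`.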

13
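--- a/modules/aws_lambda.py
+++ b/modules/aws_lambda.py
@@ -0,0 +1,13 @@
+'''
+This file is used to list lambda functions and event mappings
+'''
+from libs.aws_lambda import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_lambda_list_functions():
+list_functions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_lambda_list_event_source_mappings():
+list_event_source_mappings(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)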

12
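--- a/modules/ce.py
+++ b/modules/ce.py
@@ -0,0 +1,12 @@
+'''
+This file is used to perform various Cost Explorer operations
+usually have to be root or be specifically assigned the
+permission to get anything from this
+'''
+from libs.ce import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_cost_explorer_get_cost_and_usage():
+ce_get_cost_and_usage(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)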

13
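--- a/modules/cloudtrail.py
+++ b/modules/cloudtrail.py
@@ -0,0 +1,13 @@
+'''
+This file is used to perform cloudtrail actions
+'''
+from libs.cloudtrail import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_cloudtrail_describe_trails():
+describe_trails(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_cloudtrail_list_public_keys():
+list_public_keys(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)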

15
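--- a/modules/cloudwatch.py
+++ b/modules/cloudwatch.py
@@ -0,0 +1,15 @@
+'''
+example calling cloudwatch functions
+decribe alarms, describe alarm history, list metrics
+'''
+from libs.cloudwatch import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_cloudwatch_describe_alarms():
+describe_alarms(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_cloudwatch_describe_alarm_history():
+describe_alarm_history(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_cloudwatch_list_metrics():
+list_metrics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)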


@@ -1,8 +1,10 @@
'''
data pipeline example
'''
from libs.datapipeline import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
def step_datapipeline_list_pipelines():
list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)

27
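--- a/modules/db.py
+++ b/modules/db.py
@@ -0,0 +1,27 @@
+'''
+queries that interact with db can go here
+'''
+import sqlite3
+from sqlite3 import Error
+from libs.sql import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+# for a key, what services does it have listed in the DB
+def step_show_services_by_key():
+db_name = "weirdAAL.db"
+results = search_recon_by_key(db_name,AWS_ACCESS_KEY_ID)
+print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
+for result in results:
+print("{}:{}".format(result[0],result[1]))
+#same as show_sevices
+def step_list_services_by_key():
+db_name = "weirdAAL.db"
+results = search_recon_by_key(db_name,AWS_ACCESS_KEY_ID)
+print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
+for result in results:
+print("{}:{}".format(result[0],result[1]))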
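Review bot: `step_list_services_by_key` is a line-for-line copy of `step_show_services_by_key`, as the comment above it admits, so the two will drift as soon as one is edited. Keep the alias but reduce its body to the single call `step_show_services_by_key()`. The `sqlite3` and `Error` imports are not used by any visible line of this file and could be dropped. `db_name = "weirdAAL.db"` is a relative path, so the steps presumably read whichever database sits in the current working directory; a module-level constant would at least state that once.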

11
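--- a/modules/dynamodb.py
+++ b/modules/dynamodb.py
@@ -0,0 +1,11 @@
+'''
+dynamoDB examples
+'''
+from libs.dynamodb import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_dynamodb_list_tables():
+list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_dynamodb_list_tables_detailed():
+list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)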


@@ -0,0 +1,8 @@
'''
dynamoDBstreams examples
'''
from libs.dynamodbstreams import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
def step_dynamodbstreams_list_streams():
list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)

53
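--- a/modules/ec2.py
+++ b/modules/ec2.py
@@ -0,0 +1,53 @@
+'''
+This file is used to perform various EC2 operations
+'''
+from libs.ec2 import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+'''
+Basic info about each EC2 instance
+ex:
+[+] Listing instances for region: us-west-2 [+]
+InstanceID: i-XXXXXXXXXXXXXXX, InstanceType: t2.micro, State: {'Code': 80, 'Name': 'stopped'}, Launchtime: 2016-08-25 22:31:31+00:00
+'''
+def step_ec2_get_instances_basic():
+get_instance_details_basic(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+'''
+All info about each EC2 instance
+'''
+def step_ec2_get_instances_detailed():
+get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+'''
+show volumes sorted by instanceId ex: instanceID-->multiple volumes less detail than get_instance_volume_details2
+'''
+def step_ec2_get_instance_volume_details():
+get_instance_volume_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+'''
+show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
+'''
+def step_ec2_get_instance_volume_details2():
+get_instance_volume_details2(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+'''
+This function is used to list EBS volumes and whether or not they are encrypted. This is only for "in-use" (running) volumes.
+'''
+def step_ec2_review_encrypted_volumes():
+review_encrypted_volumes(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)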
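Review bot: The triple-quoted descriptions in modules/ec2.py sit before each `def` rather than inside it, which makes them bare string expressions at module level and not docstrings. `help()` and any loader that reads `__doc__` from the `step_*` functions will see nothing. Move each one into its function as the first statement, for example `'''Basic info about each EC2 instance'''` directly under `def step_ec2_get_instances_basic():`. Indentation is lost in this rendering, so confirm the placement against the file itself.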

9
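--- a/modules/ecr.py
+++ b/modules/ecr.py
@@ -0,0 +1,9 @@
+'''
+ECR functions
+'''
+from libs.ecr import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_ecr_describe_repos():
+describe_repositories(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)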


@@ -0,0 +1,33 @@
'''
This file is used to perform some ElasticBeanstalk actions
'''
from libs.elasticbeanstalk import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
'''
There is a weird issue that AWS says everyone has elasticbeanstalk permissions
despite not running any of these services - in other words it wont be abnormal
for recon to say it has elasticbeantalk permissions but nothing get returned
when you run these functions
'''
def step_elasticbeanstalk_describe_applications():
describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
def step_elasticbeanstalk_describe_applications_versions():
describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
# not working
# def step_elasticbeanstalk_describe_configuration_options():
# describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
def step_elasticbeanstalk_describe_environments():
describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
def step_elasticbeanstalk_describe_events():
describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)

13
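--- a/modules/emr.py
+++ b/modules/emr.py
@@ -0,0 +1,13 @@
+'''
+This file is used to perform some EMR actions
+'''
+from libs.emr import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_emr_list_clusters():
+list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_emr_list_security_configurations():
+list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)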

14
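--- a/modules/firehose.py
+++ b/modules/firehose.py
@@ -0,0 +1,14 @@
+'''
+Firehose functions
+'''
+from libs.firehose import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_firehose_list_delivery_streams():
+firehose_list_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_firehose_describe_delivery_streams():
+firehose_describe_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)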

22
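--- a/modules/iam.py
+++ b/modules/iam.py
@@ -0,0 +1,22 @@
+'''
+IAM recon functions
+'''
+from libs.iam import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_iam_list_groups():
+iam_list_groups(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_iam_get_user():
+iam_get_user(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_iam_get_account_summary():
+iam_get_account_summary(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_iam_list_users():
+iam_list_users(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)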

10
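--- a/modules/opsworks.py
+++ b/modules/opsworks.py
@@ -0,0 +1,10 @@
+from libs.opsworks import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_opsworks_describe_stacks():
+describe_stacks(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_opsworks_describe_user_profiles():
+describe_user_profiles(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)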

12
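--- a/modules/pricing.py
+++ b/modules/pricing.py
@@ -0,0 +1,12 @@
+'''
+This file is used to perform various pricing operations
+usually have to be root or be specifically assigned the
+permission to get anything from this
+'''
+from libs.pricing import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_pricing_describe_services():
+pricing_describe_services(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)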

143
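--- a/modules/recon.py
+++ b/modules/recon.py
@@ -0,0 +1,143 @@
+from __future__ import print_function
+from libs.brute import *
+from libs.s3 import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_recon_all():
+check_root_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_acm_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# AlexaForBusiness
+brute_apigateway_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# Application Auto Scaling
+brute_appstream_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# AppSync no usable functions
+brute_athena_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_autoscaling_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# AutoScalingPlans
+brute_batch_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_budgets_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# CostExplorer
+# brute_cloud9_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) Was working now its not
+brute_clouddirectory_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_cloudformation_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_cloudfront_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_cloudhsm_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# cloudhsmv2
+brute_cloudsearch_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# CloudSearchDomain
+brute_cloudtrail_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_cloudwatch_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_codebuild_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_codecommit_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_codedeploy_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_codepipeline_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_codestar_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_cognitoidentity_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_cognitoidp_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_cognitosync_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# Comprehend
+brute_configservice_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# brute_costandusagereportservice_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) #Could not connect to the endpoint URL: "https://cur.us-west-2.amazonaws.com/"
+brute_datapipeline_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# DAX
+brute_devicefarm_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_directconnect_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_applicationdiscoveryservice_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_dms_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_directoryservice_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_dynamodb_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_dynamodbstreams_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_ec2_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_ecr_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_ecs_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_efs_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_elasticache_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_elasticbeanstalk_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_elastictranscoder_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_elasticloadbalancing_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_elasticloadbalancingv2_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_emr_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_es_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_cloudwatchevents_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_firehose_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_gamelift_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_glacier_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# Glue
+brute_greengrass_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# GuardDuty
+brute_health_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_iam_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_importexport_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_inspector_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_iot_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# IoTDataPlane no functions
+# IoTJobsDataPlane
+brute_kinesis_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# KinesisVideoArchivedMedia
+# KinesisVideoMedia
+brute_kinesisanalytics_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# KinesisVideo
+brute_kms_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_lambda_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_lexmodels_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# LexRuntimeService #no functions
+brute_lightsail_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_cloudwatchlogs_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_machinelearning_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# marketplace-entitlement no functions
+# marketplacecommerceanalytics no functions
+# MediaConvert
+# MediaLive
+# MediaPackage
+# MediaStore
+# MediaStore-Data
+# MarketplaceMetering no functions
+# MigrationHub
+# Mobile
+# MQ
+brute_mturk_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_opsworks_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_opsworkscm_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_organizations_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# PinPoint no functions
+brute_polly_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# Pricing
+brute_rds_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_redshift_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_rekognition_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# ResourceGroups
+brute_resourcegroupstaggingapi_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_route53_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_route53domains_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_s3_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# SageMaker
+# SageMakerRuntime
+brute_sdb_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# ServerlessApplicationRepository
+brute_servicecatalog_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# ServiceDiscovery
+brute_ses_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_shield_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_sms_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_snowball_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_sns_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+brute_sqs_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# SSM
+brute_stepfunctions_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# StorageGateway
+brute_sts_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# Support
+# SWF
+# TranscribeService
+# Translate
+# WAF
+# WAFRegional
+# WorkDocs
+# WorkMail
+brute_workspaces_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+# XRay no functions
+# S3 bucket's while we are here...
+get_s3objects_for_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)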
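Review bot: modules/recon.py has no module docstring and `step_recon_all` has none either, unlike most of the other modules added in this commit, so nothing states that this one step runs every `brute_*_permissions` check in sequence. A docstring such as `'''Run check_root_account and every brute_*_permissions check for the configured key, then get_s3objects_for_account'''` would say so. The two wildcard imports (`from libs.brute import *`, `from libs.s3 import *`) also hide which module supplies each name and let one silently shadow the other. Explicit imports, or `import libs.brute as brute` with qualified calls, would make the roughly one hundred call sites traceable.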

10
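--- a/modules/route53.py
+++ b/modules/route53.py
@@ -0,0 +1,10 @@
+'''
+route53 functions
+'''
+from libs.route53 import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_route53_list_geolocations():
+list_geolocations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)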

9
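--- a/modules/sqs.py
+++ b/modules/sqs.py
@@ -0,0 +1,9 @@
+'''
+SQS
+'''
+from libs.sqs import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_sqs_list_queues():
+sqs_list_queues(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)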

12
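--- a/modules/sts.py
+++ b/modules/sts.py
@@ -0,0 +1,12 @@
+'''
+This file is used to perform some EMR actions
+'''
+from libs.sts import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+def step_sts_get_accountid():
+get_accountid(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+def step_sts_get_accountidall():
+get_accountid_all(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)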
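Review bot: The module docstring of modules/sts.py reads `This file is used to perform some EMR actions`, apparently carried over from the EMR module, while both steps call STS helpers from `libs.sts`. It should read `This file is used to perform some STS actions`. The step name `step_sts_get_accountidall` also drops the underscore that the wrapped function `get_accountid_all` has, which makes the step harder to guess when it is picked by name.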


@@ -1,4 +0,0 @@
from libs.opsworks import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
describe_stacks(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)


@@ -1,14 +0,0 @@
import sqlite3
from sqlite3 import Error
from libs.sql import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
if __name__ == "__main__":
db_name = "weirdAAL.db"
results = search_recon_by_key(db_name,AWS_ACCESS_KEY_ID)
print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
for result in results:
print("{}:{}".format(result[0],result[1]))


@@ -1,8 +0,0 @@
'''
This file is used to perform some EMR actions
'''
from libs.sts import *
from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
get_accountid(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
get_accountid_all(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)