dash/weirdAAL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lambda update for get function and broken error handling in ec2

Browse Source
This commit is contained in:
carnal0wnage
2018-04-24 21:10:30 -04:00
parent 39b86b431d
commit a5adb1def9
3 changed files with 136 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
libs/aws_lambda.py
View File

@@ -85,3 +85,36 @@ def list_event_source_mappings():
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def lambda_get_function(functionname, region):
'''
Returns the configuration information of the Lambda function and a presigned URL link to the .zip file you uploaded with CreateFunction so you can download the .zip file. Note that the URL is valid for up to 10 minutes. The configuration information is the same information you provided as parameters when uploading the function.
'''
print("### Attempting to get function {} ###".format(functionname))
try:
client = boto3.client('lambda', region_name=region)
response = client.get_function(FunctionName=functionname)
#print(response)
if response.get('Configuration') is None:
print("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Configuration']) <= 0:
print("[-] GetFunction allowed for {} but no results [-]" .format(region))
else:
print(response['Configuration'])
print("\n")
# print(response['Code'])
print("Download link for {}:{}".format(functionname,response['Code']['Location']))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")

133
libs/ec2.py
View File

@@ -7,6 +7,7 @@ import botocore
import datetime
import os
import pprint
import sys
import time
from libs.sql import *
@@ -14,7 +15,7 @@ from libs.sql import *
pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'cn-north-1', 'cn-northwest-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1', 'us-gov-west-1' ]
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'cn-north-1', 'cn-northwest-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1', 'us-gov-west-1']
'''
Code to get the AWS_ACCESS_KEY_ID from boto3
@@ -24,7 +25,6 @@ credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key
def review_encrypted_volumes():
print("Reviewing EC2 Volumes... This may take a few....")
not_encrypted = []
@@ -39,7 +39,11 @@ def review_encrypted_volumes():
'Values': ['in-use']
}])['Volumes']
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
for volume in response:
if volume['Encrypted']:
encrypted.append(volume['VolumeId'])
@@ -74,7 +78,11 @@ def describe_instances():
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
@@ -110,7 +118,11 @@ def describe_instances_basic():
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
@@ -157,14 +169,18 @@ def write_instances_to_file():
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
# print (response)
print("[+] Listing instances for region: {} [+]" .format(region))
for r in response['Reservations']:
file = open('{}/loot/{}-{}.txt'.format(os.getcwd(),AWS_ACCESS_KEY_ID,region), "a")
file = open('{}/loot/{}-{}.txt'.format(os.getcwd(), AWS_ACCESS_KEY_ID, region), "a")
for i in r['Instances']:
instanceid = i['InstanceId']
file.write("{}\n".format(instanceid))
@@ -194,12 +210,16 @@ def ec2_list_launchable_ami():
client = boto3.client('ec2', region_name=region)
response = client.describe_images(ExecutableUsers=['self'])
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeImages -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
# print(response)
if len(response['Images']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
# print (response)
# print(response)
print("[+] Listing AMIs for region: {} [+]" .format(region))
for r in response['Images']:
pp.pprint(r)
@@ -225,15 +245,19 @@ def ec2_list_owner_ami():
for region in regions:
try:
client = boto3.client('ec2', region_name=region)
#response = client.describe_images(Filters=[{'Name': 'is-public','Values': ['False',]},])
# response = client.describe_images(Filters=[{'Name': 'is-public','Values': ['False',]},])
response = client.describe_images(Owners=['self'])
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeImages -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
# print(response)
if len(response['Images']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
print("[-] DescribeImages allowed for {} but no results [-]" .format(region))
else:
# print (response)
# print(response)
print("[+] Listing AMIs for region: {} [+]" .format(region))
for r in response['Images']:
pp.pprint(r)
@@ -261,7 +285,11 @@ def get_instance_volume_details():
client = boto3.client('ec2', region_name=region)
instances = client.describe_instances()
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the Describeinstances -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
for r in instances['Reservations']:
for i in r['Instances']:
volumes = client.describe_instance_attribute(InstanceId=i['InstanceId'], Attribute='blockDeviceMapping')
@@ -292,7 +320,11 @@ def get_instance_volume_details2():
'Values': ['in-use']
}])['Volumes']
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have the required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
for volume in response:
print("InstandID:{} \n" .format(volume['Attachments'][0]['InstanceId']))
pp.pprint(volume)
@@ -316,7 +348,11 @@ def describe_addresses():
client = boto3.client('ec2', region_name=region)
response = client.describe_addresses()
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeAddresses -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if response.get('Addresses') is None:
print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Addresses']) <= 0:
@@ -345,7 +381,11 @@ def describe_network_interfaces():
response = client.describe_network_interfaces()
# print(response)
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if response.get('NetworkInterfaces') is None:
print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['NetworkInterfaces']) <= 0:
@@ -374,7 +414,11 @@ def describe_route_tables():
response = client.describe_route_tables()
# print(response)
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if response.get('RouteTables') is None:
print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['RouteTables']) <= 0:
@@ -394,18 +438,19 @@ def describe_route_tables():
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_screenshot(instanceid, region):
try:
client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid,WakeUp=True)
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid, WakeUp=True)
# print(response)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid,WakeUp=True)
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid, WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),instanceid), "wb")
file = open('{}/screenshots/{}.png'.format(os.getcwd(), instanceid), "wb")
file.write(base64.b64decode(response['ImageData']))
file.close
# print(response)
@@ -418,6 +463,7 @@ def get_console_screenshot(instanceid, region):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_screenshot_all():
try:
for region in regions:
@@ -425,7 +471,11 @@ def get_console_screenshot_all():
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling describe_instances -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
@@ -437,13 +487,13 @@ def get_console_screenshot_all():
try:
client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid,WakeUp=True)
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid, WakeUp=True)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid,WakeUp=True)
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid, WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),instanceid), "wb")
file = open('{}/screenshots/{}.png'.format(os.getcwd(), instanceid), "wb")
file.write(base64.b64decode(response['ImageData']))
file.close
# print(response)
@@ -467,6 +517,7 @@ def get_console_screenshot_all():
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_screenshot_all_region(region):
try:
client = boto3.client('ec2', region_name=region)
@@ -482,13 +533,13 @@ def get_console_screenshot_all_region(region):
try:
client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid,WakeUp=True)
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid, WakeUp=True)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid,WakeUp=True)
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid, WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),instanceid), "wb")
file = open('{}/screenshots/{}.png'.format(os.getcwd(), instanceid), "wb")
file.write(base64.b64decode(response['ImageData']))
file.close
# print(response)
@@ -513,7 +564,7 @@ def get_console_screenshot_all_region(region):
print("CTRL-C received, exiting...")
def get_console_screenshot_all_region_list(file,region):
def get_console_screenshot_all_region_list(file, region):
try:
client = boto3.client('ec2', region_name=region)
@@ -521,13 +572,13 @@ def get_console_screenshot_all_region_list(file,region):
for line in alist:
try:
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(line, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=line,WakeUp=True)
response = client.get_console_screenshot(DryRun=True, InstanceId=line, WakeUp=True)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=line,WakeUp=True)
response = client.get_console_screenshot(DryRun=False, InstanceId=line, WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(line))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),line), "wb")
file = open('{}/screenshots/{}.png'.format(os.getcwd(), line), "wb")
file.write(base64.b64decode(response['ImageData']))
file.close
# print(response)
@@ -551,6 +602,7 @@ def get_console_screenshot_all_region_list(file,region):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_output(instanceid, region):
try:
client = boto3.client('ec2', region_name=region)
@@ -562,7 +614,7 @@ def get_console_output(instanceid, region):
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=instanceid)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),instanceid), "w")
file = open('{}/loot/{}-console.txt'.format(os.getcwd(), instanceid), "w")
file.write(str(response['Output']))
file.close
# print(response)
@@ -575,6 +627,7 @@ def get_console_output(instanceid, region):
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_output_all():
try:
for region in regions:
@@ -582,7 +635,11 @@ def get_console_output_all():
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
except botocore.exceptions.ClientError as e:
print(e)
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
@@ -600,7 +657,7 @@ def get_console_output_all():
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=instanceid)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),instanceid), "w")
file = open('{}/loot/{}-console.txt'.format(os.getcwd(), instanceid), "w")
file.write(str(response['Output']))
file.close
# print(response)
@@ -646,7 +703,7 @@ def get_console_output_all_region(region):
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=instanceid)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),instanceid), "w")
file = open('{}/loot/{}-console.txt'.format(os.getcwd(), instanceid), "w")
file.write(str(response['Output']))
file.close
# print(response)
@@ -671,7 +728,7 @@ def get_console_output_all_region(region):
print("CTRL-C received, exiting...")
def get_console_output_all_region_list(file,region):
def get_console_output_all_region_list(file, region):
try:
client = boto3.client('ec2', region_name=region)
@@ -685,7 +742,7 @@ def get_console_output_all_region_list(file,region):
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=line)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(line))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),line), "w")
file = open('{}/loot/{}-console.txt'.format(os.getcwd(), line), "w")
file.write(str(response['Output']))
file.close
# print(response)