dash/weirdAAL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lambda update for get function and broken error handling in ec2

Browse Source
This commit is contained in:
carnal0wnage
2018-04-24 21:10:30 -04:00
parent 39b86b431d
commit a5adb1def9
3 changed files with 136 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
libs/aws_lambda.py
View File

@@ -85,3 +85,36 @@ def list_event_source_mappings():
print("Unexpected error: {}" .format(e)) print("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
def lambda_get_function(functionname, region):
'''
Returns the configuration information of the Lambda function and a presigned URL link to the .zip file you uploaded with CreateFunction so you can download the .zip file. Note that the URL is valid for up to 10 minutes. The configuration information is the same information you provided as parameters when uploading the function.
'''
print("### Attempting to get function {} ###".format(functionname))
try:
client = boto3.client('lambda', region_name=region)
response = client.get_function(FunctionName=functionname)
#print(response)
if response.get('Configuration') is None:
print("{} likely does not have Lambda permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Configuration']) <= 0:
print("[-] GetFunction allowed for {} but no results [-]" .format(region))
else:
print(response['Configuration'])
print("\n")
# print(response['Code'])
print("Download link for {}:{}".format(functionname,response['Code']['Location']))
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print("Unexpected error: {}" .format(e))
except KeyboardInterrupt:
print("CTRL-C received, exiting...")

133
libs/ec2.py
View File

@@ -7,6 +7,7 @@ import botocore
import datetime import datetime
import os import os
import pprint import pprint
import sys
import time import time
from libs.sql import * from libs.sql import *
@@ -14,7 +15,7 @@ from libs.sql import *
pp = pprint.PrettyPrinter(indent=5, width=80) pp = pprint.PrettyPrinter(indent=5, width=80)
# from http://docs.aws.amazon.com/general/latest/gr/rande.html # from http://docs.aws.amazon.com/general/latest/gr/rande.html
regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'cn-north-1', 'cn-northwest-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1', 'us-gov-west-1' ] regions = ['us-east-1', 'us-east-2', 'us-west-1', 'us-west-2', 'ap-northeast-1', 'ap-northeast-2', 'ap-northeast-3', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'cn-north-1', 'cn-northwest-1', 'eu-central-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'sa-east-1', 'us-gov-west-1']
''' '''
Code to get the AWS_ACCESS_KEY_ID from boto3 Code to get the AWS_ACCESS_KEY_ID from boto3
@@ -24,7 +25,6 @@ credentials = session.get_credentials()
AWS_ACCESS_KEY_ID = credentials.access_key AWS_ACCESS_KEY_ID = credentials.access_key
def review_encrypted_volumes(): def review_encrypted_volumes():
print("Reviewing EC2 Volumes... This may take a few....") print("Reviewing EC2 Volumes... This may take a few....")
not_encrypted = [] not_encrypted = []
@@ -39,7 +39,11 @@ def review_encrypted_volumes():
'Values': ['in-use'] 'Values': ['in-use']
}])['Volumes'] }])['Volumes']
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
for volume in response: for volume in response:
if volume['Encrypted']: if volume['Encrypted']:
encrypted.append(volume['VolumeId']) encrypted.append(volume['VolumeId'])
@@ -74,7 +78,11 @@ def describe_instances():
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
response = client.describe_instances() response = client.describe_instances()
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0: if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region)) print("[-] List instances allowed for {} but no results [-]" .format(region))
else: else:
@@ -110,7 +118,11 @@ def describe_instances_basic():
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
response = client.describe_instances() response = client.describe_instances()
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0: if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region)) print("[-] List instances allowed for {} but no results [-]" .format(region))
else: else:
@@ -157,14 +169,18 @@ def write_instances_to_file():
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
response = client.describe_instances() response = client.describe_instances()
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0: if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region)) print("[-] List instances allowed for {} but no results [-]" .format(region))
else: else:
# print (response) # print (response)
print("[+] Listing instances for region: {} [+]" .format(region)) print("[+] Listing instances for region: {} [+]" .format(region))
for r in response['Reservations']: for r in response['Reservations']:
file = open('{}/loot/{}-{}.txt'.format(os.getcwd(),AWS_ACCESS_KEY_ID,region), "a") file = open('{}/loot/{}-{}.txt'.format(os.getcwd(), AWS_ACCESS_KEY_ID, region), "a")
for i in r['Instances']: for i in r['Instances']:
instanceid = i['InstanceId'] instanceid = i['InstanceId']
file.write("{}\n".format(instanceid)) file.write("{}\n".format(instanceid))
@@ -194,12 +210,16 @@ def ec2_list_launchable_ami():
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
response = client.describe_images(ExecutableUsers=['self']) response = client.describe_images(ExecutableUsers=['self'])
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeImages -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
# print(response) # print(response)
if len(response['Images']) <= 0: if len(response['Images']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region)) print("[-] List instances allowed for {} but no results [-]" .format(region))
else: else:
# print (response) # print(response)
print("[+] Listing AMIs for region: {} [+]" .format(region)) print("[+] Listing AMIs for region: {} [+]" .format(region))
for r in response['Images']: for r in response['Images']:
pp.pprint(r) pp.pprint(r)
@@ -225,15 +245,19 @@ def ec2_list_owner_ami():
for region in regions: for region in regions:
try: try:
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
#response = client.describe_images(Filters=[{'Name': 'is-public','Values': ['False',]},]) # response = client.describe_images(Filters=[{'Name': 'is-public','Values': ['False',]},])
response = client.describe_images(Owners=['self']) response = client.describe_images(Owners=['self'])
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeImages -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
# print(response) # print(response)
if len(response['Images']) <= 0: if len(response['Images']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region)) print("[-] DescribeImages allowed for {} but no results [-]" .format(region))
else: else:
# print (response) # print(response)
print("[+] Listing AMIs for region: {} [+]" .format(region)) print("[+] Listing AMIs for region: {} [+]" .format(region))
for r in response['Images']: for r in response['Images']:
pp.pprint(r) pp.pprint(r)
@@ -261,7 +285,11 @@ def get_instance_volume_details():
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
instances = client.describe_instances() instances = client.describe_instances()
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the Describeinstances -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
for r in instances['Reservations']: for r in instances['Reservations']:
for i in r['Instances']: for i in r['Instances']:
volumes = client.describe_instance_attribute(InstanceId=i['InstanceId'], Attribute='blockDeviceMapping') volumes = client.describe_instance_attribute(InstanceId=i['InstanceId'], Attribute='blockDeviceMapping')
@@ -292,7 +320,11 @@ def get_instance_volume_details2():
'Values': ['in-use'] 'Values': ['in-use']
}])['Volumes'] }])['Volumes']
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have the required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
for volume in response: for volume in response:
print("InstandID:{} \n" .format(volume['Attachments'][0]['InstanceId'])) print("InstandID:{} \n" .format(volume['Attachments'][0]['InstanceId']))
pp.pprint(volume) pp.pprint(volume)
@@ -316,7 +348,11 @@ def describe_addresses():
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
response = client.describe_addresses() response = client.describe_addresses()
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeAddresses -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if response.get('Addresses') is None: if response.get('Addresses') is None:
print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID)) print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['Addresses']) <= 0: elif len(response['Addresses']) <= 0:
@@ -345,7 +381,11 @@ def describe_network_interfaces():
response = client.describe_network_interfaces() response = client.describe_network_interfaces()
# print(response) # print(response)
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if response.get('NetworkInterfaces') is None: if response.get('NetworkInterfaces') is None:
print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID)) print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['NetworkInterfaces']) <= 0: elif len(response['NetworkInterfaces']) <= 0:
@@ -374,7 +414,11 @@ def describe_route_tables():
response = client.describe_route_tables() response = client.describe_route_tables()
# print(response) # print(response)
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if response.get('RouteTables') is None: if response.get('RouteTables') is None:
print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID)) print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['RouteTables']) <= 0: elif len(response['RouteTables']) <= 0:
@@ -394,18 +438,19 @@ def describe_route_tables():
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
def get_console_screenshot(instanceid, region): def get_console_screenshot(instanceid, region):
try: try:
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region)) print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid,WakeUp=True) response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid, WakeUp=True)
# print(response) # print(response)
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation': if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID)) print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid,WakeUp=True) response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid, WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid)) print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),instanceid), "wb") file = open('{}/screenshots/{}.png'.format(os.getcwd(), instanceid), "wb")
file.write(base64.b64decode(response['ImageData'])) file.write(base64.b64decode(response['ImageData']))
file.close file.close
# print(response) # print(response)
@@ -418,6 +463,7 @@ def get_console_screenshot(instanceid, region):
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
def get_console_screenshot_all(): def get_console_screenshot_all():
try: try:
for region in regions: for region in regions:
@@ -425,7 +471,11 @@ def get_console_screenshot_all():
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
response = client.describe_instances() response = client.describe_instances()
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling describe_instances -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0: if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region)) print("[-] List instances allowed for {} but no results [-]" .format(region))
else: else:
@@ -437,13 +487,13 @@ def get_console_screenshot_all():
try: try:
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region)) print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid,WakeUp=True) response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid, WakeUp=True)
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation': if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID)) print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid,WakeUp=True) response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid, WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid)) print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),instanceid), "wb") file = open('{}/screenshots/{}.png'.format(os.getcwd(), instanceid), "wb")
file.write(base64.b64decode(response['ImageData'])) file.write(base64.b64decode(response['ImageData']))
file.close file.close
# print(response) # print(response)
@@ -467,6 +517,7 @@ def get_console_screenshot_all():
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
def get_console_screenshot_all_region(region): def get_console_screenshot_all_region(region):
try: try:
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
@@ -482,13 +533,13 @@ def get_console_screenshot_all_region(region):
try: try:
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region)) print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid,WakeUp=True) response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid, WakeUp=True)
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation': if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID)) print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid,WakeUp=True) response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid, WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid)) print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),instanceid), "wb") file = open('{}/screenshots/{}.png'.format(os.getcwd(), instanceid), "wb")
file.write(base64.b64decode(response['ImageData'])) file.write(base64.b64decode(response['ImageData']))
file.close file.close
# print(response) # print(response)
@@ -513,7 +564,7 @@ def get_console_screenshot_all_region(region):
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
def get_console_screenshot_all_region_list(file,region): def get_console_screenshot_all_region_list(file, region):
try: try:
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
@@ -521,13 +572,13 @@ def get_console_screenshot_all_region_list(file,region):
for line in alist: for line in alist:
try: try:
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(line, region)) print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(line, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=line,WakeUp=True) response = client.get_console_screenshot(DryRun=True, InstanceId=line, WakeUp=True)
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation': if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID)) print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=line,WakeUp=True) response = client.get_console_screenshot(DryRun=False, InstanceId=line, WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(line)) print('[+] Writing screenshot to screenshots/{}.png [+]'.format(line))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),line), "wb") file = open('{}/screenshots/{}.png'.format(os.getcwd(), line), "wb")
file.write(base64.b64decode(response['ImageData'])) file.write(base64.b64decode(response['ImageData']))
file.close file.close
# print(response) # print(response)
@@ -551,6 +602,7 @@ def get_console_screenshot_all_region_list(file,region):
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
def get_console_output(instanceid, region): def get_console_output(instanceid, region):
try: try:
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
@@ -562,7 +614,7 @@ def get_console_output(instanceid, region):
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID)) print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=instanceid) response = client.get_console_output(DryRun=False, InstanceId=instanceid)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid)) print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),instanceid), "w") file = open('{}/loot/{}-console.txt'.format(os.getcwd(), instanceid), "w")
file.write(str(response['Output'])) file.write(str(response['Output']))
file.close file.close
# print(response) # print(response)
@@ -575,6 +627,7 @@ def get_console_output(instanceid, region):
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
def get_console_output_all(): def get_console_output_all():
try: try:
for region in regions: for region in regions:
@@ -582,7 +635,11 @@ def get_console_output_all():
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
response = client.describe_instances() response = client.describe_instances()
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
print(e) if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if len(response['Reservations']) <= 0: if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region)) print("[-] List instances allowed for {} but no results [-]" .format(region))
else: else:
@@ -600,7 +657,7 @@ def get_console_output_all():
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID)) print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=instanceid) response = client.get_console_output(DryRun=False, InstanceId=instanceid)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid)) print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),instanceid), "w") file = open('{}/loot/{}-console.txt'.format(os.getcwd(), instanceid), "w")
file.write(str(response['Output'])) file.write(str(response['Output']))
file.close file.close
# print(response) # print(response)
@@ -646,7 +703,7 @@ def get_console_output_all_region(region):
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID)) print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=instanceid) response = client.get_console_output(DryRun=False, InstanceId=instanceid)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid)) print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),instanceid), "w") file = open('{}/loot/{}-console.txt'.format(os.getcwd(), instanceid), "w")
file.write(str(response['Output'])) file.write(str(response['Output']))
file.close file.close
# print(response) # print(response)
@@ -671,7 +728,7 @@ def get_console_output_all_region(region):
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
def get_console_output_all_region_list(file,region): def get_console_output_all_region_list(file, region):
try: try:
client = boto3.client('ec2', region_name=region) client = boto3.client('ec2', region_name=region)
@@ -685,7 +742,7 @@ def get_console_output_all_region_list(file,region):
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID)) print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=line) response = client.get_console_output(DryRun=False, InstanceId=line)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(line)) print('[+] Writing console output to loot/{}-console.txt [+]'.format(line))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),line), "w") file = open('{}/loot/{}-console.txt'.format(os.getcwd(), line), "w")
file.write(str(response['Output'])) file.write(str(response['Output']))
file.close file.close
# print(response) # print(response)

8
modules/aws_lambda.py
View File

@@ -10,3 +10,11 @@ def module_lambda_list_functions():
def module_lambda_list_event_source_mappings(): def module_lambda_list_event_source_mappings():
list_event_source_mappings() list_event_source_mappings()
def module_lambda_get_function(*text):
'''
get specfied function. Takes function name from list_functions and region the function exists in
'''
lambda_get_function(text[0][0], text[0][1])