handle ctrl-c
This commit is contained in:
carnal0wnage
@@ -36,6 +36,8 @@ def list_functions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
|
||||
except botocore.exceptions.ClientError as e:
|
||||
print e
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def list_event_source_mappings(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print("### Listing Lambda Event Source Mappings ###")
|
||||
@@ -61,3 +63,5 @@ def list_event_source_mappings(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
|
||||
except botocore.exceptions.ClientError as e:
|
||||
print e
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
@@ -30,6 +30,8 @@ def describe_alarms(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def describe_alarm_history(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print("### Printing Cloudwatch Alarm History Information ###")
|
||||
@@ -55,6 +57,8 @@ def describe_alarm_history(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def list_metrics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print("### Printing Cloudwatch List Metrics ###")
|
||||
@@ -80,3 +84,5 @@ def list_metrics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
@@ -32,7 +32,9 @@ def describe_configuration_recorders(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, r
|
||||
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
|
||||
pass
|
||||
else:
|
||||
print "Unexpected error: %s" % e
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
return response
|
||||
|
||||
@@ -55,6 +57,8 @@ def describe_configuration_rules(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, regio
|
||||
print('[-] {} : does not have config access. Did you check first?' .format(AWS_ACCESS_KEY_ID))
|
||||
pass
|
||||
else:
|
||||
print "Unexpected error: %s" % e
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
return response
|
||||
@@ -37,3 +37,5 @@ def list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
@@ -36,6 +36,8 @@ def list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print("### Printing DynamoDB Tables ###")
|
||||
@@ -62,6 +64,8 @@ def list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, table, region):
|
||||
print "### Describing DynamoDB Table: {} ###" .format(table)
|
||||
@@ -92,4 +96,6 @@ def describe_table(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, table, region):
|
||||
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
|
||||
@@ -37,3 +37,5 @@ def list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
@@ -50,6 +50,8 @@ def review_encrypted_volumes(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print e
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
|
||||
def get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
@@ -69,6 +71,8 @@ def get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
|
||||
except botocore.exceptions.ClientError as e:
|
||||
print e
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
#show volumes sorted by instanceId ex: instanceID-->multiple volumes less detail than get_instance_volume_details2
|
||||
def get_instance_volume_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
@@ -90,6 +94,8 @@ def get_instance_volume_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
|
||||
except botocore.exceptions.ClientError as e:
|
||||
print e
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
#show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
|
||||
def get_instance_volume_details2(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
@@ -112,4 +118,6 @@ def get_instance_volume_details2(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
|
||||
except botocore.exceptions.ClientError as e:
|
||||
print e
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
|
||||
@@ -39,3 +39,5 @@ def describe_repositories(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : Does not have the required permissions' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
20
libs/iam.py
20
libs/iam.py
@@ -53,6 +53,8 @@ def check_root_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def change_user_console_password(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, password):
|
||||
client = boto3.client('iam', aws_access_key_id = AWS_ACCESS_KEY_ID, aws_secret_access_key = AWS_SECRET_ACCESS_KEY, region_name=region)
|
||||
@@ -68,6 +70,8 @@ def change_user_console_password(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, usern
|
||||
print("[-]: User likely doesnt have console access")
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
|
||||
def create_user_console_password(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, password):
|
||||
@@ -84,6 +88,8 @@ def create_user_console_password(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, usern
|
||||
print("[-]: User likely doesnt have console access")
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
|
||||
def get_password_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
@@ -95,6 +101,8 @@ def get_password_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
pp.pprint(pass_policy['PasswordPolicy'])
|
||||
except botocore.exceptions.ClientError as e:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def create_user(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
|
||||
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
|
||||
@@ -110,6 +118,8 @@ def create_user(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
|
||||
print("ERROR: The provided user: {} already exists" .format(username))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def create_access_key(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
|
||||
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
|
||||
@@ -120,6 +130,8 @@ def create_access_key(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
|
||||
pp.pprint(create_access_key['AccessKey'])
|
||||
except botocore.exceptions.ClientError as e:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def delete_access_key(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, accesskey):
|
||||
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
|
||||
@@ -133,6 +145,8 @@ def delete_access_key(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, access
|
||||
print("ERROR: The provided AccessKey doesnt exist")
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
#untested :-/ but should work #TODO
|
||||
def delete_mfa_device(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, mfaserial):
|
||||
@@ -146,6 +160,8 @@ def delete_mfa_device(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, mfaser
|
||||
print("ERROR: The provided AccessKey doesnt exist")
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
|
||||
def make_admin(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
|
||||
@@ -161,6 +177,8 @@ def make_admin(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username):
|
||||
print("ERROR: Account does not have permissions to add the policy")
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
def make_backdoor_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, password):
|
||||
client = boto3.client('iam', aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY, region_name=region)
|
||||
@@ -174,3 +192,5 @@ def make_backdoor_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, username, pa
|
||||
|
||||
except botocore.exceptions.ClientError as e:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
@@ -40,3 +40,5 @@ def describe_stacks(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print "[-] Cant connect to the {} endpoint [-]" .format(region)
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
@@ -26,3 +26,5 @@ def describe_db_instances(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
|
||||
except botocore.exceptions.ClientError as e:
|
||||
print e
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
10
libs/s3.py
10
libs/s3.py
@@ -35,6 +35,8 @@ def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
|
||||
print('{} : cant list s3 bucket [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
try:
|
||||
policy = client.get_bucket_policy(Bucket=bucket)
|
||||
@@ -81,6 +83,8 @@ def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
|
||||
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
#specifically get the acl on a file in a buckeet
|
||||
def get_s3object_acl(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket, myfile):
|
||||
@@ -105,6 +109,8 @@ def get_s3object_acl(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket, myfile):
|
||||
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
#given an aws keypair what s3 assets does it have permission to
|
||||
def get_s3objects_for_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
@@ -129,6 +135,8 @@ def get_s3objects_for_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
|
||||
def get_s3objects_for_account_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
@@ -152,3 +160,5 @@ def get_s3objects_for_account_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
|
||||
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
|
||||
else:
|
||||
print "Unexpected error: {}" .format(e)
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
|
||||
@@ -13,6 +13,9 @@ AWS_SECRET_ACCESS_KEY = ''
|
||||
|
||||
|
||||
def get_accountid(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
|
||||
client = boto3.client("sts", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
|
||||
account_id = client.get_caller_identity()["Account"]
|
||||
try:
|
||||
client = boto3.client("sts", aws_access_key_id=AWS_ACCESS_KEY_ID, aws_secret_access_key=AWS_SECRET_ACCESS_KEY)
|
||||
account_id = client.get_caller_identity()["Account"]
|
||||
except KeyboardInterrupt:
|
||||
print("CTRL-C received, exiting...")
|
||||
return account_id
|
||||
Reference in New Issue
Block a user