dash/weirdAAL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

get console output and get console screenshot functionality

Browse Source
This commit is contained in:
carnal0wnage
2018-04-20 22:14:20 -04:00
parent 6c6359476f
commit b725523de1
2 changed files with 447 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

352
libs/ec2.py
View File

@@ -1,11 +1,13 @@
'''
EC2 functions for WeirdAAL
'''
import base64
import boto3
import botocore
import datetime
import os
import pprint
import time
from libs.sql import *
@@ -137,6 +139,40 @@ def describe_instances_basic():
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def write_instances_to_file():
'''
For each region write the instance IDs to file - AWSKEY-region.txt
'''
try:
for region in regions:
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
# print (response)
print("[+] Listing instances for region: {} [+]" .format(region))
for r in response['Reservations']:
file = open('{}/loot/{}-{}.txt'.format(os.getcwd(),AWS_ACCESS_KEY_ID,region), "a")
for i in r['Instances']:
instanceid = i['InstanceId']
file.write("{}\n".format(instanceid))
file.close
print("\n")
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
# show volumes sorted by instanceId ex: instanceID-->multiple volumes less detail than get_instance_volume_details2
@@ -162,10 +198,11 @@ def get_instance_volume_details():
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
# show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
def get_instance_volume_details2():
'''
show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
'''
try:
for region in regions:
client = boto3.client('ec2', region_name=region)
@@ -266,3 +303,312 @@ def describe_route_tables():
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_screenshot(instanceid, region):
try:
client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid,WakeUp=True)
# print(response)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid,WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),instanceid), "wb")
file.write(base64.b64decode(response['ImageData']))
file.close
# print(response)
elif e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_screenshot_all():
try:
for region in regions:
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
# print (response)
print("[+] Listing instances for region: {} [+]" .format(region))
for r in response['Reservations']:
for i in r['Instances']:
instanceid = i['InstanceId']
try:
client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid,WakeUp=True)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid,WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),instanceid), "wb")
file.write(base64.b64decode(response['ImageData']))
file.close
# print(response)
elif e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Message'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_screenshot_all_region(region):
try:
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
# print (response)
print("[+] Listing instances for region: {} [+]" .format(region))
for r in response['Reservations']:
for i in r['Instances']:
instanceid = i['InstanceId']
try:
client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=instanceid,WakeUp=True)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=instanceid,WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(instanceid))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),instanceid), "wb")
file.write(base64.b64decode(response['ImageData']))
file.close
# print(response)
elif e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Message'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_screenshot_all_region_list(file,region):
try:
client = boto3.client('ec2', region_name=region)
alist = [line.rstrip() for line in open(file)]
for line in alist:
try:
print("[INFO] Checking for required permissions to screenshot: {} on {} [INFO]" .format(line, region))
response = client.get_console_screenshot(DryRun=True, InstanceId=line,WakeUp=True)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the screenshot attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_screenshot(DryRun=False, InstanceId=line,WakeUp=True)
print('[+] Writing screenshot to screenshots/{}.png [+]'.format(line))
file = open('{}/screenshots/{}.png'.format(os.getcwd(),line), "wb")
file.write(base64.b64decode(response['ImageData']))
file.close
# print(response)
elif e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Message'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_output(instanceid, region):
try:
client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to get console output: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_output(DryRun=True, InstanceId=instanceid)
# print(response)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=instanceid)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),instanceid), "w")
file.write(str(response['Output']))
file.close
# print(response)
elif e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_output_all():
try:
for region in regions:
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
# print (response)
print("[+] Listing instances for region: {} [+]" .format(region))
for r in response['Reservations']:
for i in r['Instances']:
instanceid = i['InstanceId']
try:
client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to get console output: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_output(DryRun=True, InstanceId=instanceid)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=instanceid)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),instanceid), "w")
file.write(str(response['Output']))
file.close
# print(response)
elif e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Message'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_output_all_region(region):
try:
client = boto3.client('ec2', region_name=region)
response = client.describe_instances()
if len(response['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
# print (response)
print("[+] Listing instances for region: {} [+]" .format(region))
for r in response['Reservations']:
for i in r['Instances']:
instanceid = i['InstanceId']
try:
client = boto3.client('ec2', region_name=region)
print("[INFO] Checking for required permissions to get console output: {} on {} [INFO]" .format(instanceid, region))
response = client.get_console_output(DryRun=True, InstanceId=instanceid)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=instanceid)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(instanceid))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),instanceid), "w")
file.write(str(response['Output']))
file.close
# print(response)
elif e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Message'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_console_output_all_region_list(file,region):
try:
client = boto3.client('ec2', region_name=region)
alist = [line.rstrip() for line in open(file)]
for line in alist:
try:
print("[INFO] Checking for required permissions to get console output: {} on {} [INFO]" .format(line, region))
response = client.get_console_output(DryRun=True, InstanceId=line)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'DryRunOperation':
print('[+] {} : Has permissions...proceeding with the console output attempt [+]' .format(AWS_ACCESS_KEY_ID))
response = client.get_console_output(DryRun=False, InstanceId=line)
print('[+] Writing console output to loot/{}-console.txt [+]'.format(line))
file = open('{}/loot/{}-console.txt'.format(os.getcwd(),line), "w")
file.write(str(response['Output']))
file.close
# print(response)
elif e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Message'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'InternalError':
print('{} : Has permissions but an internal error occured - check manually' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")

110
modules/ec2.py
View File

@@ -4,76 +4,134 @@ This file is used to perform various EC2 operations
from libs.ec2 import *
def module_ec2_describe_instances_basic():
'''
Basic info about each EC2 instance
ex:
[+] Listing instances for region: us-west-2 [+]
InstanceID: i-XXXXXXXXXXXXXXX, InstanceType: t2.micro, State: {'Code': 80, 'Name': 'stopped'}, Launchtime: 2016-08-25 22:31:31+00:00
'''
def module_ec2_describe_instances_basic():
describe_instances_basic()
def module_ec2_describe_instances():
'''
All info about each EC2 instance
'''
def module_ec2_describe_instances():
describe_instances()
def module_ec2_write_instances_to_file():
'''
show volumes sorted by instanceId ex: instanceID-->multiple volumes less detail than get_instance_volume_details2
For each region write the instanceIDs to a file by region ex (AWSKEYID-region.txt)
'''
write_instances_to_file()
def module_ec2_get_instance_volume_details():
'''
Show volumes sorted by instanceId ex: instanceID-->multiple volumes less detail than get_instance_volume_details2
'''
get_instance_volume_details()
'''
show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
'''
def module_ec2_get_instance_volume_details2():
'''
Show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
'''
get_instance_volume_details2()
def module_ec2_review_encrypted_volumes():
'''
This function is used to list EBS volumes and whether or not they are encrypted. This is only for "in-use" (running) volumes.
'''
def module_ec2_review_encrypted_volumes():
review_encrypted_volumes()
def module_ec2_describe_addresses():
'''
This function is used to describe ec2 network addresses.
'''
def module_ec2_describe_addresses():
describe_addresses()
def module_ec2_describe_network_interfaces():
'''
This function is used to describe ec2 network interfaces.
'''
def module_ec2_describe_network_interfaces():
describe_network_interfaces()
'''
this function describes route tables for each ec2 instance
'''
def module_ec2_describe_route_tables():
'''
This function describes route tables for each ec2 instance
'''
describe_route_tables()
def module_ec2_get_console_screenshot(*text):
'''
This function gets a screenshot for the specified InstanceID and region
python3 weirdAAL.py -m ec2_get_console_screenshot -a i-0321f4EXAMPLE us-east-1 -t yolo
'''
get_console_screenshot(text[0][0], text[0][1])
def module_ec2_get_console_output(*text):
'''
This function gets the console output for the specified InstanceID and region
python3 weirdAAL.py -m ec2_get_console_output -a i-0321f4EXAMPLE us-east-1 -t yolo
'''
get_console_output(text[0][0], text[0][1])
def module_ec2_get_console_screenshot_all():
'''
This function will attempt to screenshot all EC2 instances (loops through all regions)
'''
get_console_screenshot_all()
def module_ec2_get_console_output_all():
'''
This function will attempt to get the console output all EC2 instances (loops through all regions)
'''
get_console_output_all()
def module_ec2_get_console_screenshot_all_region(*text):
'''
This function gets a screenshot for all EC2 instances in the specified region
python3 weirdAAL.py -m ec2_get_console_screenshot_all_region -a us-west-2 -t yolo
'''
get_console_screenshot_all_region(text[0][0])
def module_ec2_get_console_output_all_region(*text):
'''
This function gets the console output for all EC2 instances in the specified region
python3 weirdAAL.py -m ec2_get_console_output_all_region -a us-west-2 -t yolo
'''
get_console_output_all_region(text[0][0])
def module_ec2_get_console_screenshot_all_region_list(*text):
'''
This function gets a screenshot for all EC2 instances in the specified list & region
useful if for some reason one instance-id wont screenshot, pass it a list of instance-ids for a region
-See module_ec2_write_instances_to_file to create the list
python3 weirdAAL.py -m ec2_get_console_screenshot_all_region_list -a 'ASIAJEXAMPLEKEY-us-west-2.txt','us-west-2' -t yolo
'''
get_console_screenshot_all_region_list(text[0][0], text[0][1])
def module_ec2_get_console_output_all_region_list(*text):
'''
This function gets the console output for all EC2 instances in the specified list & region
useful if for some reason one instance-id wont screenshot, pass it a list of instance-ids for a region
-See module_ec2_write_instances_to_file to create the list
python3 weirdAAL.py -m ec2_get_console_output_all_region_list -a 'ASIAJEXAMPLEKEY-us-west-2.txt','us-west-2' -t yolo
'''
get_console_output_all_region_list(text[0][0], text[0][1])