dash/weirdAAL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix broken stuff when checking with python3

Browse Source
This commit is contained in:
carnal0wnage
2018-04-05 15:59:17 -04:00
parent 518c266059
commit e398484508
4 changed files with 22 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
libs/brute.py
View File

@@ -1,3 +1,5 @@
from __future__ import print_function
import boto3 import boto3
import botocore import botocore
import json import json
@@ -54,23 +56,23 @@ def check_root_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
try: try:
profile = client.get_login_profile(UserName=user['UserName']) profile = client.get_login_profile(UserName=user['UserName'])
if profile: if profile:
print('User {} likely has console access and the password can be reset :-)' .format(user['UserName'])) print ('User {} likely has console access and the password can be reset :-)' .format(user['UserName']))
print("Checking for MFA on account") print ("Checking for MFA on account")
mfa = client.list_mfa_devices(UserName=user['UserName']) mfa = client.list_mfa_devices(UserName=user['UserName'])
print mfa['MFADevices'] print (mfa['MFADevices'])
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'NoSuchEntity': if e.response['Error']['Code'] == 'NoSuchEntity':
print("[-]: user '{}' likely doesnt have console access" .format(user['UserName'])) print("[-]: user '{}' likely doesnt have console access" .format(user['UserName']))
else: else:
print "Unexpected error: {}" .format(e) print ("Unexpected error: {}" .format(e))
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID)) sys.exit("{} : The AWS KEY IS INVALID. Exiting" .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'AccessDenied': elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID)) print('{} : Is NOT a root key' .format(AWS_ACCESS_KEY_ID))
else: else:
print "Unexpected error: {}" .format(e) print ("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
@@ -120,7 +122,7 @@ def generic_method_bruteforcer(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, service
method(*args, **kwargs) method(*args, **kwargs)
#print method --wont return anything on dryrun #print method --wont return anything on dryrun
except botocore.exceptions.EndpointConnectionError as e: except botocore.exceptions.EndpointConnectionError as e:
print e print (e)
continue continue
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
@@ -133,7 +135,7 @@ def generic_method_bruteforcer(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, service
actions.append(api_action) actions.append(api_action)
else: else:
print e print (e)
continue continue
else: else:
print('{} IS allowed' .format(api_action)) print('{} IS allowed' .format(api_action))

18
libs/s3.py
View File

@@ -25,7 +25,7 @@ def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
print('[+] '+ key['Key'].encode('utf-8').strip()) print('[+] '+ key['Key'].encode('utf-8').strip())
#print(key['Key']) #first 100 results #print(key['Key']) #first 100 results
except KeyError as e: except KeyError as e:
print "KeyError havent tracked down reason yet" print ("KeyError havent tracked down reason yet")
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'AccessDenied': if e.response['Error']['Code'] == 'AccessDenied':
print('{} : cant list s3 bucket [AccessDenied]' .format(AWS_ACCESS_KEY_ID)) print('{} : cant list s3 bucket [AccessDenied]' .format(AWS_ACCESS_KEY_ID))
@@ -34,7 +34,7 @@ def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
elif e.response['Error']['Code'] == 'AllAccessDisabled': elif e.response['Error']['Code'] == 'AllAccessDisabled':
print('{} : cant list s3 bucket [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID)) print('{} : cant list s3 bucket [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID))
else: else:
print "Unexpected error: {}" .format(e) print ("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
@@ -55,7 +55,7 @@ def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
elif e.response['Error']['Code'] == 'AllAccessDisabled': elif e.response['Error']['Code'] == 'AllAccessDisabled':
print('{} : cant list s3 bucket policy [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID)) print('{} : cant list s3 bucket policy [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID))
else: else:
print "Unexpected error: {}" .format(e) print ("Unexpected error: {}" .format(e))
try: try:
acl = client.get_bucket_acl(Bucket=bucket) acl = client.get_bucket_acl(Bucket=bucket)
@@ -74,7 +74,7 @@ def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
elif e.response['Error']['Code'] == 'AllAccessDisabled': elif e.response['Error']['Code'] == 'AllAccessDisabled':
print('{} : cant list s3 bucket acl [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID)) print('{} : cant list s3 bucket acl [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID))
else: else:
print "Unexpected error: {}" .format(e) print ("Unexpected error: {}" .format(e))
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
@@ -82,7 +82,7 @@ def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
elif e.response['Error']['Code'] == 'NotSignedUp': elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID)) print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
else: else:
print "Unexpected error: {}" .format(e) print ("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
@@ -100,7 +100,7 @@ def get_s3object_acl(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket, myfile):
myobject = myfile myobject = myfile
print('#### Trying to enumate s3 ACL for {}:{} ####\n '.format(bucket, myfile)) print('#### Trying to enumate s3 ACL for {}:{} ####\n '.format(bucket, myfile))
acl = client.get_object_acl(Bucket=bucket,Key=myfile) acl = client.get_object_acl(Bucket=bucket,Key=myfile)
print acl print (acl)
except botocore.exceptions.ClientError as e: except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId': if e.response['Error']['Code'] == 'InvalidClientTokenId':
@@ -108,7 +108,7 @@ def get_s3object_acl(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket, myfile):
elif e.response['Error']['Code'] == 'NotSignedUp': elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID)) print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
else: else:
print "Unexpected error: {}" .format(e) print ("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
@@ -134,7 +134,7 @@ def get_s3objects_for_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
elif e.response['Error']['Code'] == 'NotSignedUp': elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID)) print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
else: else:
print "Unexpected error: {}" .format(e) print ("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")
@@ -159,6 +159,6 @@ def get_s3objects_for_account_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
elif e.response['Error']['Code'] == 'NotSignedUp': elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID)) print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
else: else:
print "Unexpected error: {}" .format(e) print ("Unexpected error: {}" .format(e))
except KeyboardInterrupt: except KeyboardInterrupt:
print("CTRL-C received, exiting...") print("CTRL-C received, exiting...")

4
libs/sql.py
View File

@@ -8,8 +8,8 @@ def create_table(db_name,table_name,sql):
result = cursor.fetchall() result = cursor.fetchall()
keep_table = True keep_table = True
if len(result) == 1: if len(result) == 1:
#python 2 #python 3
response = raw_input("The table {} already exists, do you wish to recreate it? (y/n): ".format(table_name)) response = input("The table {} already exists, do you wish to recreate it? (y/n): ".format(table_name))
if response == "y": if response == "y":
keep_table = False keep_table = False
print("The {} table will be recreated - all existing data will be lost".format(table_name)) print("The {} table will be recreated - all existing data will be lost".format(table_name))

2
recon_find_all_permissions.py
View File

@@ -1,3 +1,5 @@
from __future__ import print_function
from libs.brute import * from libs.brute import *
from libs.s3 import * from libs.s3 import *