dash/weirdAAL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

remove s3 folder

Browse Source
This commit is contained in:
carnal0wnage
2017-06-27 22:11:01 -04:00
parent a7b29c6e10
commit e643f85abb
2 changed files with 0 additions and 155 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
s3/__init__.py
View File

@@ -1 +0,0 @@

154
s3/s3.py
View File

@@ -1,154 +0,0 @@
'''
S3 Library
'''
import boto3
import botocore
import pprint
pp = pprint.PrettyPrinter(indent=5, width=80)
def get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket):
client = boto3.client(
's3',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name='us-east-1'
)
try:
bucket = bucket
print('\n#### Trying to enumate s3 buckets and bucket policy & ACL for {} ####' .format(bucket))
try:
for key in client.list_objects(Bucket=bucket,MaxKeys=100)['Contents']:
print('[+] '+ key['Key'].encode('utf-8').strip())
#print(key['Key']) #first 100 results
except KeyError as e:
print "KeyError havent tracked down reason yet"
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'AccessDenied':
print('{} : cant list s3 bucket [AccessDenied]' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'NoSuchBucketPolicy':
print('%s: Has No S3 Policy!' % bucket['Name'])
elif e.response['Error']['Code'] == 'AllAccessDisabled':
print('{} : cant list s3 bucket [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID))
else:
print "Unexpected error: {}" .format(e)
try:
policy = client.get_bucket_policy(Bucket=bucket)
if policy:
print(bucket + " Policy: ")
pp.pprint(policy['Policy'])
print("\n")
else:
pass
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'AccessDenied':
print('{} : cant list s3 bucket policy [AccessDenied]' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'NoSuchBucketPolicy':
print('{}: Has No S3 Policy!' .format(bucket))
print("\n")
elif e.response['Error']['Code'] == 'AllAccessDisabled':
print('{} : cant list s3 bucket policy [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID))
else:
print "Unexpected error: {}" .format(e)
try:
acl = client.get_bucket_acl(Bucket=bucket)
if acl:
print(bucket + " Grants: ")
pp.pprint(acl['Grants'])
print("\n")
else:
pass
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'AccessDenied':
print('{} : cant list s3 bucket acl [AccessDenied]' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'NoSuchBucketPolicy':
print('{}: Has No S3 Policy!' .format(bucket))
print("\n")
elif e.response['Error']['Code'] == 'AllAccessDisabled':
print('{} : cant list s3 bucket acl [AllAccessDisabled]' .format(AWS_ACCESS_KEY_ID))
else:
print "Unexpected error: {}" .format(e)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
else:
print "Unexpected error: {}" .format(e)
#specifically get the acl on a file in a buckeet
def get_s3object_acl(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, bucket, myfile):
client = boto3.client(
's3',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name='us-east-1'
)
try:
bucket = bucket
myobject = myfile
print('#### Trying to enumate s3 ACL for {}:{} ####\n '.format(bucket, myfile))
acl = client.get_object_acl(Bucket=bucket,Key=myfile)
print acl
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
else:
print "Unexpected error: {}" .format(e)
#given an aws keypair what s3 assets does it have permission to
def get_s3objects_for_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
client = boto3.resource(
's3',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name='us-east-1'
)
try:
print('#### Trying to list s3 bucketsfor {} ####\n '.format(AWS_ACCESS_KEY_ID))
for bucket in client.buckets.all():
print(bucket.name)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'AccessDenied':
print('{} : cant list s3 bucket policy [AccessDenied]' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
else:
print "Unexpected error: {}" .format(e)
def get_s3objects_for_account_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY):
client = boto3.resource(
's3',
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
region_name='us-east-1'
)
try:
print('#### Trying to list s3 bucketsfor {} ####\n '.format(AWS_ACCESS_KEY_ID))
for bucket in client.buckets.all():
print(bucket.name)
get_s3bucket_policy(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY,bucket.name)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'InvalidClientTokenId':
sys.exit("The AWS KEY IS INVALID. Exiting")
elif e.response['Error']['Code'] == 'NotSignedUp':
print('{} : doesnt have s3 access' .format(AWS_ACCESS_KEY_ID))
else:
print "Unexpected error: {}" .format(e)