db updates and an iam function

libs/brute.py

@@ -126,7 +126,7 @@ def generic_permission_bruteforcer(service, tests):
 
         db_logger = []
         for action in actions:
-            db_logger.append([service, action, AWS_ACCESS_KEY_ID, datetime.datetime.now()])
+            db_logger.append([service, action, AWS_ACCESS_KEY_ID, target, datetime.datetime.now()])
         # print (db_logger)
 
         # scrapped the json logging idea but keeping it here just in case
@@ -164,7 +164,7 @@ def generic_permission_bruteforcer_region(service, tests, region_passed):
 
         db_logger = []
         for action in actions:
-            db_logger.append([service, action, AWS_ACCESS_KEY_ID, datetime.datetime.now()])
+            db_logger.append([service, action, AWS_ACCESS_KEY_ID, target, datetime.datetime.now()])
         # print (db_logger)
 
         # scrapped the json logging idea but keeping it here just in case

libs/ec2.py

@@ -90,7 +90,7 @@ def describe_instances():
                 print("[+] Listing instances for region: {} [+]" .format(region))
                 db_logger = []
                 for r in response['Reservations']:
-                    db_logger.append(['ec2', 'DescribeInstances', str(r), AWS_ACCESS_KEY_ID, datetime.datetime.now()])
+                    db_logger.append(['ec2', 'DescribeInstances', str(r), AWS_ACCESS_KEY_ID, target, datetime.datetime.now()])
                     for i in r['Instances']:
                         pp.pprint(i)
                 # logging to db here
@@ -132,7 +132,7 @@ def describe_instances_basic():
                 db_logger = []
                 for r in response['Reservations']:
                     # logging the full blob
-                    db_logger.append(['ec2', 'DescribeInstances', str(r), AWS_ACCESS_KEY_ID, datetime.datetime.now()])
+                    db_logger.append(['ec2', 'DescribeInstances', str(r), AWS_ACCESS_KEY_ID, target, datetime.datetime.now()])
                     for i in r['Instances']:
                         launchtime = i['LaunchTime']
                         instanceid = i['InstanceId']

libs/iam.py

@@ -129,6 +129,21 @@ def get_password_policy():
     except KeyboardInterrupt:
         print("CTRL-C received, exiting...")
 
+def get_account_authorization_details():
+    '''
+    Get the account authoirzation details
+    '''
+    client = boto3.client('iam', region_name=region)
+
+    try:
+        deets = client.get_account_authorization_details()
+        print("Account Authorization Details:")
+        pp.pprint(deets['UserDetailList'])
+    except botocore.exceptions.ClientError as e:
+        print("Unexpected error: {}" .format(e))
+    except KeyboardInterrupt:
+        print("CTRL-C received, exiting...")
+
 
 def iam_create_user(username):
     '''

libs/sql.py

@@ -40,6 +40,7 @@ def create_recon_table(db_name, table_name):
              service text,
              sub_service text,
              AWSKeyID text,
+             target text,
              checked_at timestamp,
              PRIMARY KEY (ID))"""
              #FOREIGN KEY (AWSKeyID) references AWSKey(ID))"""
@@ -53,8 +54,9 @@ def create_awskey_table(db_name, table_name):
     '''
     sql = """CREATE TABLE AWSKey
              (ID integer,
-             AWSKeyID Text,
-             Description text,
+             AWSKeyID text,
+             description text,
+             target text,
              PRIMARY KEY(ID))"""
     create_table(db_name,table_name,sql)
     print ("created table: {}".format(table_name))
@@ -71,6 +73,7 @@ def create_services_table(db_name, table_name):
              sub_service text,
              sub_service_data text,
              checked_at timestamp,
+             target text,
              PRIMARY KEY(ID))"""
     create_table(db_name,table_name,sql)
     print ("created table: {}".format(table_name))
@@ -80,7 +83,7 @@ def insert_awskey_data(db_name, records):
     '''
     Insert AWS Key and a description to the AWSKey table (unused)
     '''
-    sql = """INSERT INTO AWSKey(AWSKeyID, Description) VALUES (?,?)"""
+    sql = """INSERT INTO AWSKey(AWSKeyID, description, target) VALUES (?,?,?)"""
     for record in records:
         query(db_name, sql,record)
 
@@ -89,7 +92,7 @@ def insert_reconservice_data(db_name, records):
     '''
     Insert data into the recon table
     '''
-    sql = """INSERT INTO recon(service, sub_service, AWSKeyID, checked_at) VALUES (?,?,?,?)"""
+    sql = """INSERT INTO recon(service, sub_service, AWSKeyID, target, checked_at) VALUES (?,?,?,?,?)"""
     for record in records:
         query(db_name,sql,record)
 
@@ -98,7 +101,7 @@ def insert_sub_service_data(db_name, records):
     '''
     Insert service, sub_service & sub_service data into the DB
     '''
-    sql = """INSERT INTO services(service, sub_service, sub_service_data, AWSKeyID, checked_at) VALUES (?,?,?,?,?)"""
+    sql = """INSERT INTO services(service, sub_service, sub_service_data, AWSKeyID, target, checked_at) VALUES (?,?,?,?,?,?)"""
     for record in records:
         query(db_name,sql,record)
 
@@ -109,7 +112,7 @@ def search_recon_by_key(db_name,AWSKeyID):
     '''
     with sqlite3.connect(db_name) as db:
         cursor = db.cursor()
-        cursor.execute("""SELECT DISTINCT service,sub_service,checked_at FROM recon WHERE AWSKeyID=? ORDER BY datetime(checked_at)""",(AWSKeyID,))
+        cursor.execute("""SELECT DISTINCT service, sub_service, checked_at FROM recon WHERE AWSKeyID=? ORDER BY datetime(checked_at)""",(AWSKeyID,))
         results = cursor.fetchall()
         return results