Compare commits


6 Commits

Author SHA1 Message Date
c0decave
c8c58d6b63 simple change, for correct interpreter and additional cred check, as lambda aws excepts otherwise 2019-12-12 16:20:27 +01:00
carnal0wnage
d9d25fa442 module to list ec2 public ips 2019-05-30 13:44:05 -04:00
carnal0wnage
1a712a8299 update a module to say Elastic as it doesnt the ec2 public ip, but the elastic ip 2019-05-30 10:10:43 -04:00
Ken Johnson
2ea16cc882 Merge pull request #67 from arikalfus/patch-1
Let users choose AWS_SHARED_CREDENTIALS_FILE
2019-02-08 11:54:58 -05:00
Ari Kalfus
a60b7a8676 Let users choose AWS_SHARED_CREDENTIALS_FILE
Use the .env in the repo by default, or use a separate file, by the user's choice.
2019-02-08 11:16:37 -05:00
carnal0wnage
8dec167c7a add userdata check for ec2 2018-11-29 19:46:36 -05:00
3 changed files with 132 additions and 9 deletions


@@ -143,8 +143,8 @@ def describe_instances_basic():
print('{} : (AuthFailure) when calling the DescribeInstances in ({}) -- key is invalid or no permissions.' .format(AWS_ACCESS_KEY_ID, region))
continue
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : (OptInRequired) Has permissions but isnt signed up for service in ({})- ' .format(AWS_ACCESS_KEY_ID, region))
continue
print('{} : (OptInRequired) Has permissions but isnt signed up for service in ({})- ' .format(AWS_ACCESS_KEY_ID, region))
continue
else:
print(e)
continue
@@ -354,6 +354,56 @@ def get_instance_volume_details():
print("CTRL-C received, exiting...")
def get_instance_userdata():
'''
show volumes sorted by instanceId ex: instanceID-->multiple volumes less detail than get_instance_volume_details2
'''
try:
for region in regions:
try:
client = boto3.client('ec2', region_name=region)
instances = client.describe_instances()
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances in ({}) -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID, region))
continue
elif e.response['Error']['Code'] == 'AuthFailure':
print('{} : (AuthFailure) when calling the DescribeInstances in ({}) -- key is invalid or no permissions.' .format(AWS_ACCESS_KEY_ID, region))
continue
elif e.response['Error']['Code'] == 'OptInRequired':
print('{} : (OptInRequired) Has permissions but isnt signed up for service in ({})- ' .format(AWS_ACCESS_KEY_ID, region))
continue
else:
print(e)
continue
if len(instances['Reservations']) <= 0:
print("[-] List instances allowed for {} but no results [-]" .format(region))
else:
for r in instances['Reservations']:
for i in r['Instances']:
try:
userData = client.describe_instance_attribute(InstanceId=i['InstanceId'], Attribute='userData')
print("Instance ID: {} \n" .format(i['InstanceId']))
if len(userData['UserData']['Value']) >= 0:
print("Decoded Userdata values:")
pp.pprint(base64.b64decode(userData['UserData']['Value']).decode("utf-8"))
print("\n")
else:
print("no Userdata for: {}\n".format(i['InstanceId']))
except KeyError:
next
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeVolumes -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def get_instance_volume_details2():
'''
show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
@@ -388,9 +438,9 @@ def get_instance_volume_details2():
print("CTRL-C received, exiting...")
def describe_addresses():
def describe_elastic_addresses():
'''
Describe EC2 addresses (loop through all regions)
Describe EC2 elastic addresses (loop through all regions)
'''
try:
for region in regions:
@@ -422,6 +472,45 @@ def describe_addresses():
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def describe_publicips():
'''
Describe EC2 Public IPs (loop through all regions)
'''
try:
for region in regions:
try:
client = boto3.client('ec2', region_name=region)
response = client.describe_network_interfaces()
# print(response)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling describe_network_interfaces -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
if response.get('NetworkInterfaces') is None:
print("{} likely does not have EC2 permissions\n" .format(AWS_ACCESS_KEY_ID))
elif len(response['NetworkInterfaces']) <= 0:
print("[-] DescribeNetworkInterfaces allowed for {} but no results [-]" .format(region))
else:
# print(response)
print("[+] Listing Public IPs for region: {} [+]" .format(region))
for r in response['NetworkInterfaces']:
if 'Association' in r:
pp.pprint(r['Association']['PublicIp'])
else:
#pp.pprint(r)
next
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the describe_network_interfaces-- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
print(e)
except KeyboardInterrupt:
print("CTRL-C received, exiting...")
def describe_network_interfaces():
'''
@@ -435,7 +524,7 @@ def describe_network_interfaces():
# print(response)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling get_console_screenshot -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
print('{} : (UnauthorizedOperation) when calling describe_network_interfaces -- sure you have required ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
sys.exit()
else:
print(e)
@@ -450,7 +539,7 @@ def describe_network_interfaces():
pp.pprint(r)
except botocore.exceptions.ClientError as e:
if e.response['Error']['Code'] == 'UnauthorizedOperation':
print('{} : (UnauthorizedOperation) when calling the DescribeInstances-- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
print('{} : (UnauthorizedOperation) when calling the describe_network_interfaces -- sure you have ec2 permissions?' .format(AWS_ACCESS_KEY_ID))
elif e.response['Error']['Code'] == 'SubscriptionRequiredException':
print('{} : Has permissions but isnt signed up for service - usually means you have a root account' .format(AWS_ACCESS_KEY_ID))
else:
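Review bot: In get_instance_userdata the test `if len(userData['UserData']['Value']) >= 0:` is always true, so the "no Userdata" branch is dead; an instance with no user data most likely has no `Value` key at all and falls into `except KeyError: next`, where `next` is only a no-op reference to the builtin. Reading `value = userData['UserData'].get('Value')` and testing `if value:` would report both cases. The `.decode("utf-8")` is unguarded, so user data that is not UTF-8 text (a gzip-compressed payload, for instance) raises UnicodeDecodeError, which none of the visible handlers catch; `.decode("utf-8", errors="replace")` keeps the scan running. The docstring and the outer UnauthorizedOperation message still talk about volumes and DescribeVolumes; they should name user data and DescribeInstanceAttribute, and the docstring could say that decoded user data often holds bootstrap secrets, so the output needs handling as sensitive. The same section's describe_publicips has a related gap, as far as the flattened indentation shows: its inner `else: print(e)` lacks a `continue`, so the following `response.get('NetworkInterfaces')` reads an unbound or previous-region `response`.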


@@ -40,6 +40,14 @@ def module_ec2_get_instance_volume_details():
get_instance_volume_details()
def module_ec2_get_instance_userdata():
'''
Show userData sorted by instanceId
python3 weirdAAL.py -m ec2_get_instance_userdata -t demo
'''
get_instance_userdata()
def module_ec2_get_instance_volume_details2():
'''
Show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
@@ -56,12 +64,12 @@ def module_ec2_review_encrypted_volumes():
review_encrypted_volumes()
def module_ec2_describe_addresses():
def module_ec2_describe_elastic_addresses():
'''
This function is used to describe ec2 network addresses.
python3 weirdAAL.py -m ec2_describe_addresses -t demo
'''
describe_addresses()
describe_elastic_addresses()
def module_ec2_describe_network_interfaces():
@@ -71,6 +79,12 @@ def module_ec2_describe_network_interfaces():
'''
describe_network_interfaces()
def module_ec2_describe_publicips():
'''
This function is used to describe ec2 network interfaces.
python3 weirdAAL.py -m ec2_describe_publicips -t demo
'''
describe_publicips()
def module_ec2_describe_route_tables():
'''
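Review bot: The docstring of the renamed module_ec2_describe_elastic_addresses still shows `python3 weirdAAL.py -m ec2_describe_addresses -t demo`; if module names are derived from the function names (the dispatcher is not visible here), that example no longer works and should read `-m ec2_describe_elastic_addresses`, and its summary line should say elastic addresses. The new module_ec2_describe_publicips docstring says it describes network interfaces, which looks copied from the neighbouring wrapper; `This function lists the public IPs associated with EC2 network interfaces.` matches what it calls. Because the rename drops the old entry point, any saved invocation using the previous name would stop working unless an alias is kept.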


@@ -1,3 +1,5 @@
#!/usr/bin/env python3
# This file will help to serve as a starting point for using the rest of the tools
# Things we want to figure out
# 1) Is your key active?
@@ -9,6 +11,7 @@
import boto3
import argparse
import os
import sys
from botocore.exceptions import ClientError
from modules import *
import sys
@@ -17,7 +20,24 @@ import re
from tabulate import tabulate
import textwrap
os.environ['AWS_SHARED_CREDENTIALS_FILE'] = '.env'
# Let a user set .aws/credentials or another file as the credentials source
# If user-defined, must be an absolute path
AWS_SHARED_CREDS_PATH='.env'
if 'AWS_SHARED_CREDENTIALS_FILE' not in os.environ and os.path.exists(AWS_SHARED_CREDS_PATH):
os.environ['AWS_SHARED_CREDENTIALS_FILE'] = AWS_SHARED_CREDS_PATH
else:
print('No Key Information available. Place creds in .env file or export variables.')
print('Shared Creds Example File:')
print('[default]\n\
aws_access_key_id = YOUR_AWS_ACCESS_KEY_ID\n\
aws_secret_access_key = YOUR_AWS_SECRET_ACCESS_KEY')
print()
print('Or to export them in running shell:')
print('export AWS_ACCESS_KEY_ID=<hereyourkeyid>')
print('export AWS_SECRET_ACCESS_KEY=<hereyoursecretaccesskey>')
print()
sys.exit(1)
# If you want to use a transparent + supports SSL proxy you can put it here
# os.environ['HTTPS_PROXY'] = 'https://127.0.0.1:3128'
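Review bot: The new `else:` branch runs whenever the `if` condition is false, which includes the case where AWS_SHARED_CREDENTIALS_FILE is already exported and the case where keys are exported but no `.env` exists, so the script prints the usage text and calls `sys.exit(1)` for exactly the setups the message recommends. The exit should be reached only when none of the sources is present; the sketch below checks the user-set variable first, then `.env`, then the exported key pair. Other credential sources boto3 can resolve (a named profile or a role provider) would still be rejected by a check of this kind, which may or may not be intended. `.env` is resolved relative to the current working directory, so which file supplies credentials depends on where the script is started, and the import hunk above adds a second `import sys` next to the existing one.

```python
AWS_SHARED_CREDS_PATH = '.env'
if 'AWS_SHARED_CREDENTIALS_FILE' in os.environ:
    pass  # user-selected credentials file, leave untouched
elif os.path.exists(AWS_SHARED_CREDS_PATH):
    os.environ['AWS_SHARED_CREDENTIALS_FILE'] = AWS_SHARED_CREDS_PATH
elif not ('AWS_ACCESS_KEY_ID' in os.environ and 'AWS_SECRET_ACCESS_KEY' in os.environ):
    # … unchanged: usage message (print calls) …
    sys.exit(1)
```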