90 lines
3.0 KiB
Python
90 lines
3.0 KiB
Python
'''
|
|
This module handles the core GCP recon functionality by asking all the services
|
|
that have functions that done have arguments if we can access them :-)
|
|
'''
|
|
|
|
|
|
|
|
from libs.gcp.gcp_iam import *
|
|
from libs.gcp.gcp_storage import *
|
|
from libs.gcp.gcp_bigquery import *
|
|
|
|
credentials = service_account.Credentials.from_service_account_file(
|
|
filename=os.environ['GOOGLE_APPLICATION_CREDENTIALS'],
|
|
scopes=['https://www.googleapis.com/auth/cloud-platform'])
|
|
|
|
service = googleapiclient.discovery.build(
|
|
'iam', 'v1', credentials=credentials)
|
|
|
|
def module_gcp_recon_all():
|
|
'''
|
|
Main gcp_recon_all module - attempt to connect to each of the services to see if we have some privs
|
|
python3 weirdAAL.py -m gcp_recon_all -t demo
|
|
'''
|
|
try:
|
|
print("GCP IAM List Keys check")
|
|
# print(credentials)
|
|
gcp_iam_list_keys(credentials.service_account_email, service)
|
|
except HttpError as e:
|
|
# print(e)
|
|
if e.resp.status in [403, 500, 503]:
|
|
print("\tGCP IAM access denied for {}\n".format(credentials.service_account_email))
|
|
else:
|
|
print('{}\n'.format(e))
|
|
except google.auth.exceptions.RefreshError as f:
|
|
print(f)
|
|
print("Service key is invalid exiting")
|
|
sys.exit()
|
|
|
|
try:
|
|
print("GCP IAM list service accounts for the current project: {}.".format(credentials.project_id))
|
|
# print(credentials)
|
|
gcp_iam_list_service_accounts(credentials.project_id, service)
|
|
except HttpError as e:
|
|
# print(e)
|
|
if e.resp.status in [403, 500, 503]:
|
|
print("\tIAM access denied for {}\n".format(credentials.service_account_email))
|
|
else:
|
|
print('{}\n'.format(e))
|
|
except google.auth.exceptions.RefreshError as f:
|
|
print(f)
|
|
print("Service key is invalid exiting")
|
|
sys.exit()
|
|
|
|
'''
|
|
Storage bucket access checks
|
|
'''
|
|
try:
|
|
print("GCP Storage check")
|
|
buckets = gcp_storage_list_buckets(credentials)
|
|
if buckets:
|
|
print("\nAttempting to list bucket contents:")
|
|
for a in buckets:
|
|
print('Bucket: {}'.format(a))
|
|
gcp_storage_list_blobs(credentials, a)
|
|
except googleapiclient.errors.HttpError as e:
|
|
print('{}\n'.format(e))
|
|
except exceptions.Forbidden as e:
|
|
print("\t Forbidden")
|
|
print('{}\n'.format(e))
|
|
except exceptions.PermissionDenied as e:
|
|
print("\t PermissionDenied")
|
|
except google.auth.exceptions.RefreshError as f:
|
|
print(f)
|
|
|
|
'''
|
|
BigQuery access checks
|
|
'''
|
|
try:
|
|
print("GCP BigQuery check")
|
|
gcp_bigquery_list_datasets(credentials.project_id, credentials)
|
|
except googleapiclient.errors.HttpError as e:
|
|
print('{}\n'.format(e))
|
|
except exceptions.Forbidden as e:
|
|
print("\t Forbidden")
|
|
print('{}\n'.format(e))
|
|
except exceptions.PermissionDenied as e:
|
|
print("\t PermissionDenied")
|
|
except google.auth.exceptions.RefreshError as f:
|
|
print(f)
|