| 1 | + | import argparse |
| 2 | + | |
| 3 | + | def main(): |
| 4 | + | """Main function""" |
| 5 | + | parser = argparse.ArgumentParser(description='Attack modules of cloud AWS') |
| 6 | + | parser.add_argument('-ce', '--cognito_endpoint', help='to verify if cognito endpoint is vulnerable ' |
| 7 | + | 'and to extract credentials') |
| 8 | + | parser.add_argument('-sso', '--sso_url', help='AWS SSO URL to phish for AWS credentials') |
| 9 | + | parser.add_argument('-enum-roles', '--enumerate_roles', help='To enumerate account roles in victim AWS roles') |
| 10 | + | parser.add_argument('-s3', '--s3_bucket_name', help='Execute 7 attacks on S3 bucket') |
| 11 | + | parser.add_argument('-asum_role', '--assume_role', help='Privilege escalation for assuming roles') |
| 12 | + | parser.add_argument('-conn_string', '--connection_string', help='Azure Shared Access key for reading' |
| 13 | + | 'servicebus/queues/blobs etc') |
| 14 | + | parser.add_argument('-blob', '--blob', help='Azure blob enumeration') |
| 15 | + | parser.add_argument() |
| 16 | + | args = parser.parse_args() |
| 17 | + | if args.cognito_endpoint: |
| 18 | + | from clouds.aws.cognito import Cognito |
| 19 | + | attack_cognito = Cognito() |
| 20 | + | attack_cognito.attack() |
| 21 | + | elif args.sso_url: |
| 22 | + | from clouds.aws.sso import AWSSSO |
| 23 | + | attack_sso = AWSSSO() |
| 24 | + | attack_sso.attack() |
| 25 | + | elif args.enumerate_roles: |
| 26 | + | from clouds.aws.enum import EnumRoles |
| 27 | + | attack_roles = EnumRoles() |
| 28 | + | attack_roles.attack() |
| 29 | + | elif args.s3_bucket_name: |
| 30 | + | from clouds.aws.s3 import S3 |
| 31 | + | attack_s3 = S3() |
| 32 | + | attack_s3.attack() |
| 33 | + | elif args.assume_role: |
| 34 | + | from clouds.aws.assume import AsumRole |
| 35 | + | attack_roles = AsumRole() |
| 36 | + | attack_roles.attack() |
| 37 | + | elif args.shared_access_key: |
| 38 | + | from clouds.azure.keys import ConnectionString |
| 39 | + | attack_keys = ConnectionString() |
| 40 | + | attack_keys.attack() |
| 41 | + | elif args.blob: |
| 42 | + | from clouds.azure.blob import Blob |
| 43 | + | attack_blob = Blob() |
| 44 | + | attack_blob.attack() |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | if __name__ == '__main__': |
| 49 | + | main() |
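Review bot: The bare `parser.add_argument()` call right after the `--blob` option passes neither a name nor a flag, so argparse should raise as soon as `main()` runs and no dispatch branch is ever reached; drop the line or give it a real option. The Azure keys branch tests `args.shared_access_key`, but the option is registered as `--connection_string`, so that attribute does not exist on the namespace; it should read `elif args.connection_string:`. None of the parsed values is passed to the module constructors or to `attack()` in this file, so unless those classes read their input elsewhere, the value given on the command line is ignored. The `--connection_string` help text also renders as `readingservicebus` because the first literal has no trailing space, and the parser description names only AWS although two Azure options are registered.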