#!/usr/bin/env python3
# Script to enumerate EC2 and S3
# Import needed libraries
import boto3
import json
# Add directories to store files
from pathlib import Path
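# Output directories for the inventory. The files written below describe the
# account's instances and bucket contents, so keep this working directory out
# of shared or world-readable locations.
Path("./00-EC2enum").mkdir(parents=True, exist_ok=True)
Path("./01-S3enum").mkdir(parents=True, exist_ok=True)

# Set up creds. 'USER' and 'REGION' are placeholders: replace them with a
# named profile from the local AWS config and the region to inventory.
session = boto3.session.Session(profile_name='USER', region_name='REGION')
client = session.client('ec2')

# Collect every instance record across all result pages.
instances = []
# MaxResults=1000 is the largest page size, which keeps the number of API
# calls down.
request = {'MaxResults': 1000}
while True:
    response = client.describe_instances(**request)
    # Top level of the result is "Reservations"; each may hold instances.
    for reservation in response['Reservations']:
        instances.extend(reservation.get('Instances') or [])
    # A NextToken in the response means more pages remain. The token has to
    # be fed back into the next call and the response reassigned, otherwise
    # the loop would never advance.
    next_token = response.get('NextToken')
    if not next_token:
        break
    request['NextToken'] = next_token

# Save to file. default=str serialises datetime values that json cannot
# encode natively.
with open('./00-EC2enum/ec2-instances.json', 'w') as f:
    json.dump(instances, f, indent=4, default=str)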
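# S3 portion
client = session.client('s3')
response = client.list_buckets()
# Pull the bucket names out of the listing.
bucket_names = [bucket['Name'] for bucket in response['Buckets']]
bucket_objects = {}

# Walk every bucket page by page. A bucket the profile is not allowed to
# list raises an error from boto3 and stops the run.
for bucket in bucket_names:
    objects = []
    request = {'Bucket': bucket, 'MaxKeys': 1000}
    while True:
        response = client.list_objects_v2(**request)
        # 'Contents' is absent when a page (or the whole bucket) is empty.
        objects.extend(response.get('Contents') or [])
        # IsTruncated signals that more keys remain; the continuation token
        # parameter is spelled 'ContinuationToken'.
        if not response.get('IsTruncated'):
            break
        request['ContinuationToken'] = response['NextContinuationToken']
    bucket_objects[bucket] = objects

# One text file per bucket: "<key> (<size> bytes)" per line.
for bucket in bucket_names:
    with open('./01-S3enum/{}.txt'.format(bucket), 'w') as f:
        for bucket_object in bucket_objects[bucket]:
            f.write('{} ({} bytes)\n'.format(bucket_object['Key'], bucket_object['Size']))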