Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

follow on action suggester module(s) #16

Open
carnal0wnage opened this issue Apr 5, 2018 · 3 comments
Open

follow on action suggester module(s) #16

carnal0wnage opened this issue Apr 5, 2018 · 3 comments
Assignees
@carnal0wnage

Comments

@carnal0wnage
Copy link
Owner

carnal0wnage commented Apr 5, 2018
edited
Loading

from lunch...

we will log the results of the recon module to the DB. we need some functions/modules that will check what services and sub-services the key has access to and either suggest or execute follow on activity. once the data is in the DB, this should be relatively easy to do

possible flow...

weirdaal.py --recon
--populates awskey, service, sub_service

weirdaal.py --show_services
EC2, DescribeInstances
EC2, DescribeVolumes

EMR, DescribeRepositories
...
weirdaal.py --suggest

EC2, DescribeInstances, list instances module / action
...
EMR, DescribeRepositories, list repositories module / action
@carnal0wnage carnal0wnage self-assigned this Apr 16, 2018
@carnal0wnage
Copy link
Owner Author

just thinking in text on this...the DB is there and works. looks like this:

Services enumerated for SNIPSNIPSNIP
autoscaling:DescribeAccountLimits
autoscaling:DescribeAdjustmentTypes
autoscaling:DescribeAutoScalingInstances
autoscaling:DescribeAutoScalingGroups
autoscaling:DescribeLaunchConfigurations
autoscaling:DescribeScheduledActions
autoscaling:DescribeTags
autoscaling:DescribeTerminationPolicyTypes
autoscaling:DescribePolicies
cloudwatch:ListMetrics
cloudwatch:DescribeAlarmHistory
cloudwatch:DescribeAlarms
datapipeline:ListPipelines
dynamodb:ListTables
dynamodb:DescribeLimits
dynamodb:ListBackups
dynamodb:ListGlobalTables
dynamodbstreams:ListStreams
ec2:DescribeInstances
ec2:DescribeInstanceStatus
ec2:DescribeImages
ec2:CreateImage

@carnal0wnage
Copy link
Owner Author

I'm reserving the right to make a design change to go from ec2:CreateImage to ec2:create_image to facilitate grabbing that column and automagically doing stuff

@carnal0wnage
Copy link
Owner Author

adding this as lots of checks are here and may be useful later
https://www.cloudconformity.com/conformity-rules/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@carnal0wnage carnal0wnage

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@carnal0wnage