From 837145bb6a78532c43f0a6eb1b33cb475d943a8a Mon Sep 17 00:00:00 2001
From: ryan-sheldrake-lw <88725917+ryan-sheldrake-lw@users.noreply.github.com>
Date: Mon, 2 Oct 2023 13:58:54 +0100
Subject: [PATCH] Update lw_aws_exploit.sh with profile

Added --profile $PROFILE to CLI calls where it was omitted to run against the same AWS account
---
 util/scripts/lw_aws_exploit.sh | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/util/scripts/lw_aws_exploit.sh b/util/scripts/lw_aws_exploit.sh
index c520332..ead7a58 100755
--- a/util/scripts/lw_aws_exploit.sh
+++ b/util/scripts/lw_aws_exploit.sh
@@ -19,11 +19,11 @@ PROFILE=lacework
 # Create a new IAM user
 echo "${grn}Creating a new IAM user called ${mag}$USERNAME${end}"
 echo ""
-aws iam create-user --user-name $USERNAME | jq
-aws iam create-access-key --user-name $USERNAME > creds.json
+aws iam create-user --user-name $USERNAME --profile $PROFILE | jq
+aws iam create-access-key --user-name $USERNAME --profile $PROFILE > creds.json
 echo ""
 echo "${grn}Granting PowerUser access to ${mag}$USERNAME${end}"
-aws iam attach-user-policy --user-name $USERNAME --policy-arn arn:aws:iam::aws:policy/PowerUserAccess
+aws iam attach-user-policy --user-name $USERNAME --profile $PROFILE --policy-arn arn:aws:iam::aws:policy/PowerUserAccess
 export KEY=$(cat creds.json | jq -r .AccessKey.AccessKeyId)
 export SECRET=$(cat creds.json | jq -r .AccessKey.SecretAccessKey)
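Review bot: The `create-access-key` line still writes the new user's secret key to `creds.json` in the working directory with whatever permissions the default umask allows, and that user is granted PowerUserAccess two lines later. Creating the file privately, for example `umask 077` before the redirect or a `mktemp` path instead of a fixed name, keeps the key from being readable by other local users while the script runs. The expansions this commit adds are also unquoted, here and in the later S3 and cleanup hunks; `--user-name "$USERNAME" --profile "$PROFILE"` avoids word splitting and globbing if either value ever contains unexpected characters.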
@@ -39,9 +39,10 @@ bucket=${bucket#/}
 aws s3api put-public-access-block \
 --bucket $bucket \
- --public-access-block-configuration "BlockPublicAcls=false,IgnorePublicAcls=false,BlockPublicPolicy=false,RestrictPublicBuckets=false"
+ --public-access-block-configuration "BlockPublicAcls=false,IgnorePublicAcls=false,BlockPublicPolicy=false,RestrictPublicBuckets=false" \
+ --profile $PROFILE
-aws s3api put-bucket-acl --bucket $bucket --acl public-read
+aws s3api put-bucket-acl --bucket $bucket --acl public-read --profile $PROFILE
 curl -H "Accept: application/json" https://icanhazdadjoke.com/ > badfile.json
 echo ""
@@ -58,9 +59,9 @@ aws s3api delete-bucket --bucket $bucket --profile $PROFILE
 # Exit back out to our regular context
 echo "${grn}Cleaning up..."
-aws iam detach-user-policy --user-name $USERNAME --policy-arn arn:aws:iam::aws:policy/PowerUserAccess
-aws iam delete-access-key --access-key-id $KEY --user-name $USERNAME
-aws iam delete-user --user-name $USERNAME
+aws iam detach-user-policy --user-name $USERNAME --profile $PROFILE --policy-arn arn:aws:iam::aws:policy/PowerUserAccess
+aws iam delete-access-key --access-key-id $KEY --user-name $USERNAME --profile $PROFILE
+aws iam delete-user --user-name $USERNAME --profile $PROFILE
 rm creds.json
 echo ""
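Review bot: Nothing visible ahead of `put-public-access-block` confirms that `$bucket` names the throwaway bucket this script created, and the two calls in this hunk lift the public access block and set a public-read ACL on whatever it holds in the `$PROFILE` account. The assignment of `bucket` lies outside the hunk, so this is inferred; a guard such as `: "${bucket:?bucket name not resolved}"` before the first call would stop the run when the lookup came back empty. A one-line comment like `# Deliberate misconfiguration for the detection demo; the bucket is deleted during cleanup` would also tell a reader that the exposure is intended and temporary.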
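Review bot: The three IAM cleanup calls run only if the script reaches this point and their exit status is ignored, so an interrupted or partly failed run can leave the demo user and its access key in the account. `delete-user` is rejected while the user still owns an access key, which is the outcome when `$KEY` is empty because `creds.json` could not be parsed earlier. Moving the calls into a `cleanup` function registered with `trap cleanup EXIT` before the user is created (that part of the script is outside the hunk), and reporting a failed delete, would make leftovers visible.

```shell
cleanup() {
  # … unchanged: echo "${grn}Cleaning up..." …
  aws iam detach-user-policy --user-name "$USERNAME" --profile "$PROFILE" \
    --policy-arn arn:aws:iam::aws:policy/PowerUserAccess
  if [ -n "${KEY:-}" ]; then
    aws iam delete-access-key --access-key-id "$KEY" --user-name "$USERNAME" --profile "$PROFILE"
  fi
  aws iam delete-user --user-name "$USERNAME" --profile "$PROFILE" ||
    echo "IAM user $USERNAME was not removed; delete it manually" >&2
  rm -f -- creds.json
  # … unchanged: trailing echo "" …
}
trap cleanup EXIT
```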