Enhanced a bit get-session-creds script and added kerbrute to prepare-linux

2025-09-02 10:08:34 +02:00 · 2019-05-16 10:37:11 +02:00
parent 6783a76594
commit 4f189a6fc7
2 changed files with 30 additions and 3 deletions
--- a/clouds/aws/get-session-creds-in-config-format.sh
+++ b/clouds/aws/get-session-creds-in-config-format.sh
@ -11,15 +11,33 @@
 # Configure below variables.
 #
 PROFILE_NAME=your-profile-name
-SERIAL_MFA=arn:aws:iam::<NUMBER>:mfa/<USER-NAME>
 ROLE_NAME=Your_Role_Name
 ROLE_ARN=arn:aws:iam::<NUMBER>:role/$ROLE_NAME
+
+# If you leave this field empty - one will be deduced from `aws sts get-caller-identity` output
+#SERIAL_MFA=arn:aws:iam::<NUMBER>:mfa/<USER-NAME>
+SERIAL_MFA=
+
+# Values possible range: 900-43200
 DURATION=42000

 #
 # ------------------------
 #

+# Some times assume-role may return with an Access-Denied if there were no account authenticated
+# regular commands sent first.
+out=$(aws sts get-caller-identity)
+if [ $? -ne 0 ]; then
+	echo "[!] Could not get caller's identity: "
+	echo $out
+	exit 1
+fi
+
+if [[ "$SERIAL_MFA" = "" ]]; then
+	SERIAL_MFA=$(echo "$out" | python -c "import sys,json; foo=json.loads(sys.stdin.read()); print('arn:aws:iam::{}:mfa/{}'.format(foo['Account'], foo['Arn'].split('/')[1]))" )
+fi
+
 read -p "Type your AWS MFA Code: " code
 echo

@ -30,5 +48,7 @@ if [ $? -eq 0 ]; then
 	echo "$out" | python3 -c 'import sys,json; foo=json.loads(sys.stdin.read()); print("aws_access_key_id={}\naws_secret_access_key={}\naws_session_token={}".format(foo["Credentials"]["AccessKeyId"],foo["Credentials"]["SecretAccessKey"],foo["Credentials"]["SessionToken"]))'
 	echo
 else
+	echo "[!] Could not obtain assume-role session credentials:"
 	echo $out
-fi
+	exit 1
+fi