神兵利器 - ThunderCloud云漏洞扫描
2023-3-31 10:4:51 Author: 黑白之道(查看原文) 阅读量:33 收藏

python3 tc.py -h
_______ _ _ _____ _ _ |__ __| | | | / ____| | | | | | | |__ _ _ _ __ __| | ___ _ __| | | | ___ _ _ __| | | | | '_ \| | | | '_ \ / _` |/ _ \ '__| | | |/ _ \| | | |/ _` | | | | | | | |_| | | | | (_| | __/ | | |____| | (_) | |_| | (_| | \_/ |_| |_|\__,_|_| |_|\__,_|\___|_| \_____|_|\___/ \__,_|\__,_|

usage: tc.py [-h] [-ce COGNITO_ENDPOINT] [-reg REGION] [-accid AWS_ACCOUNT_ID] [-aws_key AWS_ACCESS_KEY] [-aws_secret AWS_SECRET_KEY] [-bdrole BACKDOOR_ROLE] [-sso SSO_URL] [-enum_roles ENUMERATE_ROLES] [-s3 S3_BUCKET_NAME] [-conn_string CONNECTION_STRING] [-blob BLOB] [-shared_access_key SHARED_ACCESS_KEY]
Attack modules of cloud AWS
optional arguments: -h, --help show this help message and exit -ce COGNITO_ENDPOINT, --cognito_endpoint COGNITO_ENDPOINT to verify if cognito endpoint is vulnerable and to extract credentials -reg REGION, --region REGION AWS region of the resource -accid AWS_ACCOUNT_ID, --aws_account_id AWS_ACCOUNT_ID AWS account of the victim -aws_key AWS_ACCESS_KEY, --aws_access_key AWS_ACCESS_KEY AWS access keys of the victim account -aws_secret AWS_SECRET_KEY, --aws_secret_key AWS_SECRET_KEY AWS secret key of the victim account -bdrole BACKDOOR_ROLE, --backdoor_role BACKDOOR_ROLE Name of the backdoor role in victim role -sso SSO_URL, --sso_url SSO_URL AWS SSO URL to phish for AWS credentials -enum_roles ENUMERATE_ROLES, --enumerate_roles ENUMERATE_ROLES To enumerate and assume account roles in victim AWS roles -s3 S3_BUCKET_NAME, --s3_bucket_name S3_BUCKET_NAME Execute upload attack on S3 bucket -conn_string CONNECTION_STRING, --connection_string CONNECTION_STRING Azure Shared Access key for readingservicebus/queues/blobs etc -blob BLOB, --blob BLOB Azure blob enumeration -shared_access_key SHARED_ACCESS_KEY, --shared_access_key SHARED_ACCESS_KEY Azure shared key

- 获取项目 `git clone https://github.com/Rnalter/ThunderCloud.git && cd ThunderCloud/`    - 安装[virtualenv](https://virtualenv.pypa.io/en/latest/) `pip install virtualenv` - 创建一个Python 3.6本地环境 `virtualenv -p python3.6 venv` - 激活虚拟环境 `source venv/bin/activate` - 安装项目的依赖性 `pip install -r requirements.txt` - 通过`python tc.py --help`运行该工具

使用

python3 tc.py -sso <sso_url> --region <region>python3 tc.py -ce <cognito_endpoint> --region <region>

文章来源:Khan安全攻防实验室

黑白之道发布、转载的文章中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途及盈利等目的,否则后果自行承担!

如侵权请私聊我们删文

END

多一个点在看多一条小鱼干


文章来源: http://mp.weixin.qq.com/s?__biz=MzAxMjE3ODU3MQ==&mid=2650567000&idx=4&sn=e648641841b5effdf43a0868b7efb7b8&chksm=83bd14bcb4ca9daa06d6d1184700fcb4b27c7890e130112bc44449b404ae122a37a8bf59d36c#rd
如有侵权请联系:admin#unsafe.sh