aws_access_key_scan 0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/AWSAccessKeyScan.gemspec +25 -0
- data/Gemfile +3 -0
- data/Gemfile.lock +28 -0
- data/README.md +33 -0
- data/Rakefile +1 -0
- data/bin/access_key_scan +104 -0
- metadata +107 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: d94e2d7d1a1ed775f0e736eb673e3bd257b03216
|
4
|
+
data.tar.gz: e9e09c6129f51b3630205bcb43352b415c55fea1
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: bc5820ce74fc3cd0e957b487895f8e4c616687cecc31871775d9b9acd3dbb23d5753937e7405775f4e13921a85cabac0a57cc840d79f6944681e2845275324d3
|
7
|
+
data.tar.gz: ff2af0f8345db2aafa350870e8ee81f34f16427dc825d5cc266e3ac35d05587712f0ba5c17d4e95c78ea3f051bb4d8181464fce92509ef2c7a2e04721c36081c
|
@@ -0,0 +1,25 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
#lib = File.expand_path('../lib', __FILE__)
|
3
|
+
#$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
|
5
|
+
Gem::Specification.new do |spec|
|
6
|
+
spec.name = "aws_access_key_scan"
|
7
|
+
spec.version = 0.1
|
8
|
+
spec.authors = ["Anthony Johnson"]
|
9
|
+
spec.email = ["ansoni@gmail.com"]
|
10
|
+
spec.description = %q{Scans your computer for easy to find AWS Access Keys}
|
11
|
+
spec.summary = %q{Scans your computer for easy to find AWS Access Keys}
|
12
|
+
spec.homepage = ""
|
13
|
+
spec.license = "Proprietary"
|
14
|
+
|
15
|
+
spec.files = `git ls-files`.split($/)
|
16
|
+
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
17
|
+
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
18
|
+
spec.require_paths = ["lib"]
|
19
|
+
|
20
|
+
spec.add_development_dependency "rake"
|
21
|
+
spec.add_development_dependency "bundler", "~> 1.3"
|
22
|
+
spec.add_runtime_dependency "nokogiri"
|
23
|
+
spec.add_runtime_dependency "aws-sdk"
|
24
|
+
|
25
|
+
end
|
data/Gemfile
ADDED
data/Gemfile.lock
ADDED
@@ -0,0 +1,28 @@
|
|
1
|
+
PATH
|
2
|
+
remote: .
|
3
|
+
specs:
|
4
|
+
AWSAccessKeyScan (0.1)
|
5
|
+
aws-sdk
|
6
|
+
nokogiri
|
7
|
+
|
8
|
+
GEM
|
9
|
+
remote: https://rubygems.org/
|
10
|
+
specs:
|
11
|
+
aws-sdk (1.34.0)
|
12
|
+
json (~> 1.4)
|
13
|
+
nokogiri (>= 1.4.4)
|
14
|
+
uuidtools (~> 2.1)
|
15
|
+
json (1.8.1)
|
16
|
+
mini_portile (0.5.2)
|
17
|
+
nokogiri (1.6.1)
|
18
|
+
mini_portile (~> 0.5.0)
|
19
|
+
rake (10.1.1)
|
20
|
+
uuidtools (2.1.4)
|
21
|
+
|
22
|
+
PLATFORMS
|
23
|
+
ruby
|
24
|
+
|
25
|
+
DEPENDENCIES
|
26
|
+
AWSAccessKeyScan!
|
27
|
+
bundler (~> 1.3)
|
28
|
+
rake
|
data/README.md
ADDED
@@ -0,0 +1,33 @@
|
|
1
|
+
# AWSAccessKeyScan
|
2
|
+
===================
|
3
|
+
|
4
|
+
Scans your computer for easy to find AWS Access Keys
|
5
|
+
|
6
|
+
## Usage
|
7
|
+
|
8
|
+
bundle
|
9
|
+
./bin/aws_access_scan -h
|
10
|
+
|
11
|
+
$ ./bin/access_key_scan -h
|
12
|
+
Usage: example.rb [options]
|
13
|
+
-d, --directory [DIRECTORY] Directory to Scan - Defaults to /
|
14
|
+
-o, --output_file [FILE_NAME] File to Output Results to
|
15
|
+
|
16
|
+
If you run with no arguments it will scan from your entire computer
|
17
|
+
|
18
|
+
## Output
|
19
|
+
|
20
|
+
$ ./bin/access_key_scan -d ~/Downloads
|
21
|
+
Processed 0 Files
|
22
|
+
Found file /Users/someuser/Downloads/credentials.csv-2.txt, usable: false
|
23
|
+
Found file /Users/someuser/Downloads/credentials.csv-3.txt, usable: false
|
24
|
+
Found file /Users/someuser/Downloads/credentials.csv-4.txt, usable: false
|
25
|
+
Found file /Users/someuser/Downloads/credentials.csv-5.txt, usable: true
|
26
|
+
Found file /Users/someuser/Downloads/credentials.csv.txt, usable: false
|
27
|
+
|
28
|
+
## Todo/Help
|
29
|
+
|
30
|
+
Fork and send me a Pull Request
|
31
|
+
|
32
|
+
|
33
|
+
|
data/Rakefile
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require "bundler/gem_tasks"
|
data/bin/access_key_scan
ADDED
@@ -0,0 +1,104 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require 'rubygems'
|
3
|
+
require 'bundler/setup'
|
4
|
+
require 'aws-sdk'
|
5
|
+
require 'optparse'
|
6
|
+
|
7
|
+
options = {}
|
8
|
+
OptionParser.new do |opts|
|
9
|
+
opts.banner = "Usage: example.rb [options]"
|
10
|
+
|
11
|
+
opts.on("-d", "--directory [DIRECTORY]", String, "Directory to Scan - Defaults to /") do |v|
|
12
|
+
options[:start_dir] = v
|
13
|
+
end
|
14
|
+
opts.on("-o", "--output_file [FILE_NAME]", String, "File to Output Results to") do |v|
|
15
|
+
options[:output_file] = v
|
16
|
+
end
|
17
|
+
opts.on("--output_type [TYPE]", [:yaml],
|
18
|
+
"Select output type (yaml)") do |t|
|
19
|
+
options[:output_type] = t
|
20
|
+
end
|
21
|
+
end.parse!
|
22
|
+
options[:start_dir] ||= '/'
|
23
|
+
$str = "User Name,Access Key Id"
|
24
|
+
$files_processed = 0
|
25
|
+
$results=[]
|
26
|
+
|
27
|
+
# Iterate a Directory
|
28
|
+
def process_dir(dir)
|
29
|
+
Dir.foreach(dir) do |item|
|
30
|
+
next if item == '.' or item == '..'
|
31
|
+
file_item = File.join(dir,item)
|
32
|
+
begin
|
33
|
+
process_dir(file_item) if File.directory?(file_item) and not FileTest.symlink?(file_item)
|
34
|
+
rescue StandardError => e
|
35
|
+
#ignore
|
36
|
+
end
|
37
|
+
begin
|
38
|
+
process_file(file_item) if File.file?(file_item)
|
39
|
+
rescue StandardError => e
|
40
|
+
#ignore
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
# Peer inside of a file for AWS Creds
|
46
|
+
def process_file(file)
|
47
|
+
contents = File.read(file,$str.length)
|
48
|
+
if contents == $str
|
49
|
+
test_creds(file)
|
50
|
+
end
|
51
|
+
$files_processed += 1
|
52
|
+
end
|
53
|
+
|
54
|
+
# Test the Creds to see if they work
|
55
|
+
def test_creds(file)
|
56
|
+
usable = false
|
57
|
+
begin
|
58
|
+
lines = File.readlines(file)
|
59
|
+
items = lines[1].split(',')
|
60
|
+
#puts "|#{items[1]}| : |#{items[2]}|"
|
61
|
+
ec2 = AWS::EC2.new(
|
62
|
+
:access_key_id =>items[1],
|
63
|
+
:secret_access_key => items[2])
|
64
|
+
begin
|
65
|
+
ec2.regions.each do |region|
|
66
|
+
end
|
67
|
+
usable = true
|
68
|
+
rescue AWS::Errors::ClientError => ce
|
69
|
+
# ignore, usable is already false
|
70
|
+
end
|
71
|
+
rescue StandardError => e
|
72
|
+
puts "An Unknown Error #{e.to_s}"
|
73
|
+
usable = nil
|
74
|
+
end
|
75
|
+
puts "Found file #{file}, usable: #{usable}"
|
76
|
+
$results << { :filename => file, :usable => usable }
|
77
|
+
end
|
78
|
+
|
79
|
+
# Simple way for us to see that this thing is doing something
|
80
|
+
def show_process
|
81
|
+
while true
|
82
|
+
before_sleep = $files_processed
|
83
|
+
sleep(5)
|
84
|
+
after_sleep = $files_processed
|
85
|
+
puts "Processed #{after_sleep} Files - #{(after_sleep-before_sleep)/5} per second"
|
86
|
+
end
|
87
|
+
end
|
88
|
+
|
89
|
+
|
90
|
+
Thread.new do |thread|
|
91
|
+
show_process
|
92
|
+
end
|
93
|
+
|
94
|
+
process_dir options[:start_dir]
|
95
|
+
if options[:output_file]
|
96
|
+
File.open(options[:output_file],'w') do |f|
|
97
|
+
#we only support one format so don't even see what was passed in:-/
|
98
|
+
f.write $results.to_yaml
|
99
|
+
end
|
100
|
+
end
|
101
|
+
# exit status is the number of found creds + 1 which will allow you to use
|
102
|
+
# normal shell return status codes for errors
|
103
|
+
exit! $results.length + 1
|
104
|
+
|
metadata
ADDED
@@ -0,0 +1,107 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: aws_access_key_scan
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: '0.1'
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Anthony Johnson
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2014-02-13 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: rake
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - '>='
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - '>='
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: bundler
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - ~>
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '1.3'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - ~>
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '1.3'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: nokogiri
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - '>='
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
type: :runtime
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - '>='
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: aws-sdk
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :runtime
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - '>='
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
description: Scans your computer for easy to find AWS Access Keys
|
70
|
+
email:
|
71
|
+
- ansoni@gmail.com
|
72
|
+
executables:
|
73
|
+
- access_key_scan
|
74
|
+
extensions: []
|
75
|
+
extra_rdoc_files: []
|
76
|
+
files:
|
77
|
+
- AWSAccessKeyScan.gemspec
|
78
|
+
- Gemfile
|
79
|
+
- Gemfile.lock
|
80
|
+
- README.md
|
81
|
+
- Rakefile
|
82
|
+
- bin/access_key_scan
|
83
|
+
homepage: ''
|
84
|
+
licenses:
|
85
|
+
- Proprietary
|
86
|
+
metadata: {}
|
87
|
+
post_install_message:
|
88
|
+
rdoc_options: []
|
89
|
+
require_paths:
|
90
|
+
- lib
|
91
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
92
|
+
requirements:
|
93
|
+
- - '>='
|
94
|
+
- !ruby/object:Gem::Version
|
95
|
+
version: '0'
|
96
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
97
|
+
requirements:
|
98
|
+
- - '>='
|
99
|
+
- !ruby/object:Gem::Version
|
100
|
+
version: '0'
|
101
|
+
requirements: []
|
102
|
+
rubyforge_project:
|
103
|
+
rubygems_version: 2.2.1
|
104
|
+
signing_key:
|
105
|
+
specification_version: 4
|
106
|
+
summary: Scans your computer for easy to find AWS Access Keys
|
107
|
+
test_files: []
|