aws_access_key_scan 0.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +7 -0
  2. data/AWSAccessKeyScan.gemspec +25 -0
  3. data/Gemfile +3 -0
  4. data/Gemfile.lock +28 -0
  5. data/README.md +33 -0
  6. data/Rakefile +1 -0
  7. data/bin/access_key_scan +104 -0
  8. metadata +107 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: d94e2d7d1a1ed775f0e736eb673e3bd257b03216
4
+ data.tar.gz: e9e09c6129f51b3630205bcb43352b415c55fea1
5
+ SHA512:
6
+ metadata.gz: bc5820ce74fc3cd0e957b487895f8e4c616687cecc31871775d9b9acd3dbb23d5753937e7405775f4e13921a85cabac0a57cc840d79f6944681e2845275324d3
7
+ data.tar.gz: ff2af0f8345db2aafa350870e8ee81f34f16427dc825d5cc266e3ac35d05587712f0ba5c17d4e95c78ea3f051bb4d8181464fce92509ef2c7a2e04721c36081c
data/AWSAccessKeyScan.gemspec ADDED
@@ -0,0 +1,25 @@
1
+ # coding: utf-8
2
+ #lib = File.expand_path('../lib', __FILE__)
3
+ #$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+
5
+ Gem::Specification.new do |spec|
6
+ spec.name = "aws_access_key_scan"
7
+ spec.version = 0.1
8
+ spec.authors = ["Anthony Johnson"]
9
+ spec.email = ["ansoni@gmail.com"]
10
+ spec.description = %q{Scans your computer for easy to find AWS Access Keys}
11
+ spec.summary = %q{Scans your computer for easy to find AWS Access Keys}
12
+ spec.homepage = ""
13
+ spec.license = "Proprietary"
14
+
15
+ spec.files = `git ls-files`.split($/)
16
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
17
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
18
+ spec.require_paths = ["lib"]
19
+
20
+ spec.add_development_dependency "rake"
21
+ spec.add_development_dependency "bundler", "~> 1.3"
22
+ spec.add_runtime_dependency "nokogiri"
23
+ spec.add_runtime_dependency "aws-sdk"
24
+
25
+ end
data/Gemfile ADDED
@@ -0,0 +1,3 @@
1
+ source 'https://rubygems.org'
2
+
3
+ gemspec
data/Gemfile.lock ADDED
@@ -0,0 +1,28 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ AWSAccessKeyScan (0.1)
5
+ aws-sdk
6
+ nokogiri
7
+
8
+ GEM
9
+ remote: https://rubygems.org/
10
+ specs:
11
+ aws-sdk (1.34.0)
12
+ json (~> 1.4)
13
+ nokogiri (>= 1.4.4)
14
+ uuidtools (~> 2.1)
15
+ json (1.8.1)
16
+ mini_portile (0.5.2)
17
+ nokogiri (1.6.1)
18
+ mini_portile (~> 0.5.0)
19
+ rake (10.1.1)
20
+ uuidtools (2.1.4)
21
+
22
+ PLATFORMS
23
+ ruby
24
+
25
+ DEPENDENCIES
26
+ AWSAccessKeyScan!
27
+ bundler (~> 1.3)
28
+ rake
data/README.md ADDED
@@ -0,0 +1,33 @@
1
+ # AWSAccessKeyScan
2
+ ===================
3
+
4
+ Scans your computer for easy to find AWS Access Keys
5
+
6
+ ## Usage
7
+
8
+ bundle
9
+ ./bin/aws_access_scan -h
10
+
11
+ $ ./bin/access_key_scan -h
12
+ Usage: example.rb [options]
13
+ -d, --directory [DIRECTORY] Directory to Scan - Defaults to /
14
+ -o, --output_file [FILE_NAME] File to Output Results to
15
+
16
+ If you run with no arguments it will scan from your entire computer
17
+
18
+ ## Output
19
+
20
+ $ ./bin/access_key_scan -d ~/Downloads
21
+ Processed 0 Files
22
+ Found file /Users/someuser/Downloads/credentials.csv-2.txt, usable: false
23
+ Found file /Users/someuser/Downloads/credentials.csv-3.txt, usable: false
24
+ Found file /Users/someuser/Downloads/credentials.csv-4.txt, usable: false
25
+ Found file /Users/someuser/Downloads/credentials.csv-5.txt, usable: true
26
+ Found file /Users/someuser/Downloads/credentials.csv.txt, usable: false
27
+
28
+ ## Todo/Help
29
+
30
+ Fork and send me a Pull Request
31
+
32
+
33
+
data/Rakefile ADDED
@@ -0,0 +1 @@
1
+ require "bundler/gem_tasks"
data/bin/access_key_scan ADDED
@@ -0,0 +1,104 @@
1
+ #!/usr/bin/env ruby
2
+ require 'rubygems'
3
+ require 'bundler/setup'
4
+ require 'aws-sdk'
5
+ require 'optparse'
6
+
7
+ options = {}
8
+ OptionParser.new do |opts|
9
+ opts.banner = "Usage: example.rb [options]"
10
+
11
+ opts.on("-d", "--directory [DIRECTORY]", String, "Directory to Scan - Defaults to /") do |v|
12
+ options[:start_dir] = v
13
+ end
14
+ opts.on("-o", "--output_file [FILE_NAME]", String, "File to Output Results to") do |v|
15
+ options[:output_file] = v
16
+ end
17
+ opts.on("--output_type [TYPE]", [:yaml],
18
+ "Select output type (yaml)") do |t|
19
+ options[:output_type] = t
20
+ end
21
+ end.parse!
22
+ options[:start_dir] ||= '/'
23
+ $str = "User Name,Access Key Id"
24
+ $files_processed = 0
25
+ $results=[]
26
+
27
+ # Iterate a Directory
28
+ def process_dir(dir)
29
+ Dir.foreach(dir) do |item|
30
+ next if item == '.' or item == '..'
31
+ file_item = File.join(dir,item)
32
+ begin
33
+ process_dir(file_item) if File.directory?(file_item) and not FileTest.symlink?(file_item)
34
+ rescue StandardError => e
35
+ #ignore
36
+ end
37
+ begin
38
+ process_file(file_item) if File.file?(file_item)
39
+ rescue StandardError => e
40
+ #ignore
41
+ end
42
+ end
43
+ end
44
+
45
+ # Peer inside of a file for AWS Creds
46
+ def process_file(file)
47
+ contents = File.read(file,$str.length)
48
+ if contents == $str
49
+ test_creds(file)
50
+ end
51
+ $files_processed += 1
52
+ end
53
+
54
+ # Test the Creds to see if they work
55
+ def test_creds(file)
56
+ usable = false
57
+ begin
58
+ lines = File.readlines(file)
59
+ items = lines[1].split(',')
60
+ #puts "|#{items[1]}| : |#{items[2]}|"
61
+ ec2 = AWS::EC2.new(
62
+ :access_key_id =>items[1],
63
+ :secret_access_key => items[2])
64
+ begin
65
+ ec2.regions.each do |region|
66
+ end
67
+ usable = true
68
+ rescue AWS::Errors::ClientError => ce
69
+ # ignore, usable is already false
70
+ end
71
+ rescue StandardError => e
72
+ puts "An Unknown Error #{e.to_s}"
73
+ usable = nil
74
+ end
75
+ puts "Found file #{file}, usable: #{usable}"
76
+ $results << { :filename => file, :usable => usable }
77
+ end
78
+
79
+ # Simple way for us to see that this thing is doing something
80
+ def show_process
81
+ while true
82
+ before_sleep = $files_processed
83
+ sleep(5)
84
+ after_sleep = $files_processed
85
+ puts "Processed #{after_sleep} Files - #{(after_sleep-before_sleep)/5} per second"
86
+ end
87
+ end
88
+
89
+
90
+ Thread.new do |thread|
91
+ show_process
92
+ end
93
+
94
+ process_dir options[:start_dir]
95
+ if options[:output_file]
96
+ File.open(options[:output_file],'w') do |f|
97
+ #we only support one format so don't even see what was passed in:-/
98
+ f.write $results.to_yaml
99
+ end
100
+ end
101
+ # exit status is the number of found creds + 1 which will allow you to use
102
+ # normal shell return status codes for errors
103
+ exit! $results.length + 1
104
+
metadata ADDED
@@ -0,0 +1,107 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: aws_access_key_scan
3
+ version: !ruby/object:Gem::Version
4
+ version: '0.1'
5
+ platform: ruby
6
+ authors:
7
+ - Anthony Johnson
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain: []
11
+ date: 2014-02-13 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: rake
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - '>='
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :development
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - '>='
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: bundler
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ~>
32
+ - !ruby/object:Gem::Version
33
+ version: '1.3'
34
+ type: :development
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ~>
39
+ - !ruby/object:Gem::Version
40
+ version: '1.3'
41
+ - !ruby/object:Gem::Dependency
42
+ name: nokogiri
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - '>='
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - '>='
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: aws-sdk
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - '>='
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :runtime
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - '>='
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ description: Scans your computer for easy to find AWS Access Keys
70
+ email:
71
+ - ansoni@gmail.com
72
+ executables:
73
+ - access_key_scan
74
+ extensions: []
75
+ extra_rdoc_files: []
76
+ files:
77
+ - AWSAccessKeyScan.gemspec
78
+ - Gemfile
79
+ - Gemfile.lock
80
+ - README.md
81
+ - Rakefile
82
+ - bin/access_key_scan
83
+ homepage: ''
84
+ licenses:
85
+ - Proprietary
86
+ metadata: {}
87
+ post_install_message:
88
+ rdoc_options: []
89
+ require_paths:
90
+ - lib
91
+ required_ruby_version: !ruby/object:Gem::Requirement
92
+ requirements:
93
+ - - '>='
94
+ - !ruby/object:Gem::Version
95
+ version: '0'
96
+ required_rubygems_version: !ruby/object:Gem::Requirement
97
+ requirements:
98
+ - - '>='
99
+ - !ruby/object:Gem::Version
100
+ version: '0'
101
+ requirements: []
102
+ rubyforge_project:
103
+ rubygems_version: 2.2.1
104
+ signing_key:
105
+ specification_version: 4
106
+ summary: Scans your computer for easy to find AWS Access Keys
107
+ test_files: []