shivankar-madaan
commented
6 years ago @florin2528 are you getting this for AWS audit?
Closed florin2528 closed 6 years ago
shivankar-madaan
commented
6 years ago @florin2528 are you getting this for AWS audit?
florin2528
commented
6 years ago by running: python cs.py -env aws
shivankar-madaan
commented
6 years ago Ok I have just ran the cs-suite for aws,with the latest master branch, I couldn't reproduce the error.
Also the curl calls are being made from prowler https://github.com/SecurityFTW/cs-suite/tree/e39adfc6d518ccdfc086e4d89e2bb3ea348c10cb/tools/prowler
could it be possible, if could run prowler separately in cd tools/prowler and then ./prowler
or if I could share more of the error's which you are getting on the console.
florin2528
commented
6 years ago root@ip-10-xx-yy-45:~/cs-suite/tools/prowler# ./prowler curl: option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information curl: option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information curl: option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information _| | | '_ | '/ \ \ /\ / / |/ \ '| | |) | | | () \ V V /| | / | | ./|_| _/ _/_/ ||\|| || CIS based AWS Account Hardening Tool
florin2528
commented
6 years ago running the curl commands separately from prowler don't give any error:
root@ip-10-xx-yy-45:~/cs-suite/tools/prowler# curl -s -m 1 http://169.254.169.254/latest/meta-data/iam/security-credentials/ "<?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
shivankar-madaan
commented
6 years ago I guess you are running this from a AWS instance? I think prowler is trying to authenticate, which can be done in 2 ways
1) Either run aws configure and add the read-only key and secret
2) Or the instance which you are running prowler or cs-suite, should be attached to IAM profile
florin2528
commented
6 years ago yes, that's correct, i'm running from an AWS instance. The keys are already configured.
but I don't see the connection between curl command syntax error and IAM profile.
shivankar-madaan
commented
6 years ago So here is the code which is doing trying to get the keys https://github.com/SecurityFTW/cs-suite/blob/master/tools/prowler/prowler#L259
florin2528
commented
6 years ago I solved the issue by adding an IAM role to that instance. You can close this issue.
thanks for helping out!
shivankar-madaan
commented
6 years ago Thats great I think this was a genuine issue, you could possibly report it here https://github.com/toniblyx/prowler
Start testing on ubuntu: Linux ip-10-48-0-245 4.4.0-1022-aws #31-Ubuntu SMP Tue Jun 27 11:27:55 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
NAME="Ubuntu" VERSION="16.04.2 LTS (Xenial Xerus)" ID=ubuntu ID_LIKE=debian PRETTY_NAME="Ubuntu 16.04.2 LTS" VERSION_ID="16.04" HOME_URL="http://www.ubuntu.com/" SUPPORT_URL="http://help.ubuntu.com/" BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/" VERSION_CODENAME=xenial UBUNTU_CODENAME=xenial
Python 2.7.12
and i'm getting a lot of errors like this:
curl: option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information curl: curl: option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information curl: curl: curl: curl: option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information option -: is unknown curl: try 'curl --help' or 'curl --manual' for more information
any help?