Error: Unable to load AWS Credentials

[mbb5546]

Hello,

Recently came across a problem with this tool all of a sudden. Upon trying to run a spray I receive an error:

The simple command I've tried running is the command given in the usage example:

python3 credmaster.py --plugin <pluginname> -u users.txt -p passwords.txt --access_key <Key1> --secret_access_key <key2>

I've confirmed that my access keys are valid, I've tried running this tools via virtualenv and with docker but to no avail. Trying to follow the simple example is proving oddly difficult, any idea why I am receiving "Unable to load AWS Credentials". Would this be fireprox related?

[knavesec]

Unfortunately I can't replicate this, this appears to work fine for me. Troubleshooting wise, I would try to use the original FireProx tool and see if you can generate an API with your credentials (https://github.com/ustayready/fireprox). If you can't create an API, then it's a credential problem of some kind outside of CredMaster. If not please let me know, I'll plan to close this issue in roughly two weeks if I haven't heard back.

[puzzlepeaches]

In fire.py, modify the file to print the error you are receiving on exception like this:

        # Maybe had profile, maybe didn't
        if self.access_key and self.secret_access_key:
            try:
                self.client = boto3.client(
                    'apigateway',
                    aws_access_key_id=self.access_key,
                    aws_secret_access_key=self.secret_access_key,
                    aws_session_token=self.session_token,
                    region_name=self.region
                )
                self.client.get_account()
                self.region = self.client._client_config.region_name
                # Save/overwrite config if profile specified
                if self.profile_name:
                    if config_profile_section not in config:
                        config.add_section(config_profile_section)
                    config[config_profile_section]['region'] = self.region
                    with open(os.path.expanduser('~/.aws/config'), 'w') as file:
                        config.write(file)
                    if self.profile_name not in credentials:
                        credentials.add_section(self.profile_name)
                    credentials[self.profile_name]['aws_access_key_id'] = self.access_key
                    credentials[self.profile_name]['aws_secret_access_key'] = self.secret_access_key
                    if self.session_token:
                        credentials[self.profile_name]['aws_session_token'] = self.session_token
                    else:
                        credentials.remove_option(self.profile_name, 'aws_session_token')
                    with open(os.path.expanduser('~/.aws/credentials'), 'w') as file:
                        credentials.write(file)
                return True
            except Exception as a:
                print(a)
                return False
        else:
            return False

Should give you an idea of what is going wrong here. Going to guess that your API keys are invalid or don't have the permissions to create the gateway.

[mbb5546]

Thank you for the replies, I will look into making this modification. As far as my keys, I did check my AWS account which indicated my keys were active and valid. Additionally I created a new user/group via AWS IAM in order to get a fresh set of keys which gave the same original issue. I do think it is an issue with my fire.py

[mbb5546]

Just following up here, tried making that modification to my fire.py but kept receiving an "Inconsistent use of tabs and spaces error". Going to just try and close out my aws account and start all over with a fresh account, fresh user etc etc. Really lost as to why all of a sudden my AWS keys are failing to be loaded. Ty for being responsive to this!

[knavesec]

@mbb5546 Any updates on this?

[mbb5546]

@knavesec Thanks for checking in, unfortunately not. In an attempt to just use the tool successfully I ran a spray from a fresh Kali VM environment and didn't mess with any configs so everything was stock, provided my fresh, unused IAM AWS keys and it worked fine, but only once.

Days later I attempted to perform another spray thru the same separate VM environment and got the exact same Unable to Load AWS credentials that has been troubling me. Seems like possibly an issue with my AWS keys but I haven't been able to find a solid explanation. Very weird

[kpomeroy1979]

I've had this exact issue before. The fix for me was to restart the docker services # service docker restart. Also make sure you are already logged into AWS and perhaps destroy any previous API Gateways just in case before you begin your password spraying attempt.

Hope this helps.

On Thu, Jun 16, 2022 at 12:15 PM Gonski @.***> wrote:

@knavesec https://github.com/knavesec Thanks for checking in, unfortunately not. In an attempt to just use the tool successfully I ran a spray from a fresh Kali VM environment and didn't mess with any configs so everything was stock, provided my fresh, unused IAM AWS keys and it worked fine, but only once.

Days later I attempted to perform another spray thru the same separate VM environment and got the exact same Unable to Load AWS credentials so I am really not sure. Seems like possibly an issue with my AWS keys but I haven't been able to find a solid explanation. Very weird

— Reply to this email directly, view it on GitHub https://github.com/knavesec/CredMaster/issues/13#issuecomment-1157991847, or unsubscribe https://github.com/notifications/unsubscribe-auth/AH5LZHWYHS24VXZRDIIVPALVPNVK7ANCNFSM5SQ7LIWA . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[D4rkz3rO]

Had a similar issue. Worked for over 5 days, had nothing changed and then unable to load AWS credentials. Made numerous new AWS IAM users with new programmatic access/secret keys and same problem. Reinstalled the tool, same issue. Some sort of limit with AWS, needs more investigation.

[knavesec]

Going to close this issue. Anyone involved please reopen if you believe the issue is with CredMaster rather than AWS/key sessions/docker/etc. Unfortunately I simply can't validate where the issue may lie