knavesec / CredMaster

Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling

Issue with AWS API Sessions Not Terminating on Keyboard Interruption #73

Closed m4xx101 closed 6 months ago

m4xx101 commented 6 months ago

Description:

When performing operations using CredMaster, particularly with plugins that interact with AWS services, I've encountered a significant issue where AWS API sessions persist beyond the intended lifecycle of the tool's execution. Specifically, when the operation is manually interrupted by the user (e.g., using CTRL+C for a keyboard interruption), it appears that the AWS API sessions initiated by CredMaster do not terminate as expected.

This behavior can lead to unintended API sessions remaining active, potentially accruing unnecessary charges or consuming API rate limits. The expected behavior would be for all external service sessions, including those to AWS APIs, to gracefully terminate, ensuring no lingering resources or sessions remain active beyond the tool's operation.

Steps to Reproduce:

Expected Behavior:

Upon a keyboard interruption (CTRL+C), CredMaster should catch the interruption signal and gracefully terminate any active sessions with external services, including AWS APIs, before exiting. This ensures that no unintended resources or sessions remain active, aligning with best practices for resource management and operational hygiene.

knavesec commented 6 months ago

Hi @m4xx101

I would agree this is an issue; however, the current iteration of CM addresses this as best it can. In the main file, CTRL+C error handling already exists for this exact issue; see the screenshot below or here: https://github.com/knavesec/CredMaster/blob/master/credmaster.py#L362

Additionally, I have provided helper functions to help clean up stray APIs since sometimes there are issues. This is all documented here: https://github.com/knavesec/CredMaster/wiki/Fireprox-Utilities

I appreciate you submitting an issue, but this is as complete as I can make it. Closing.

Best, knavesec