shabarkin / aws-enumerator

The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.
GNU General Public License v3.0

Feature: how to pass an endpoint_url? #1

Open bestrocker221 opened 2 years ago

bestrocker221 commented 2 years ago

It is possible to set the endpoint_url in, e.g., boto3 for private environments. Is this allowed with some simple modifications here? I am not a Go developer.

Thanks for the tool!

daniele-mucci-form3 commented 2 years ago

@bestrocker221 I had to do this just to get the tool working on Hackthebox, so the solution is not clean. However, what I did was change the CheckAWSCredentials function in servicemaster/servicemaster.go to:

        // Resolve every service and region to one fixed endpoint.
        customResolver := aws.EndpointResolverWithOptionsFunc(func(service, region string, options ...interface{}) (aws.Endpoint, error) {
                return aws.Endpoint{
                        PartitionID:   "aws",
                        URL:           "http://my-endpoint.com",
                        SigningRegion: "eu-east-1",
                }, nil
        })
        if utils.CheckEnvFileExistance() {
                // Pass the resolver when loading the SDK configuration.
                cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithEndpointResolverWithOptions(customResolver))

And the same change in the GetServices() function in servicestructs/servicestructs.go.

In order for it to compile, I bumped the aws-sdk-go-v2/aws version to latest and Go to 1.18.
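An added example, not from the thread or the aws-enumerator code base: a standard-library Go helper that reads the endpoint URL and signing region from environment variables and validates them, so the resolver shown above could return these values instead of hard-coded ones. The `ENUM_*` variable names and all type and function names are hypothetical.

```go
package main

import (
	"fmt"
	"net"
	"net/url"
	"os"
)

// EndpointOverride carries the two values the resolver above hard-codes.
type EndpointOverride struct{ URL, SigningRegion string }

// ParseEndpointOverride validates a user-supplied endpoint before any signed
// request is sent to it. It returns nil, nil when no override is requested.
func ParseEndpointOverride(raw, region string, allowPlainHTTP bool) (*EndpointOverride, error) {
	if raw == "" {
		return nil, nil // keep the SDK's default endpoints
	}
	u, err := url.Parse(raw)
	if err != nil {
		return nil, fmt.Errorf("endpoint override: %w", err)
	}
	host := u.Hostname()
	switch {
	case u.Scheme != "http" && u.Scheme != "https":
		return nil, fmt.Errorf("endpoint override %q: scheme must be http or https", raw)
	case host == "" || u.User != nil:
		return nil, fmt.Errorf("endpoint override %q: need a host and no userinfo", raw)
	case u.Scheme == "http" && !allowPlainHTTP && !isLoopback(host):
		// Signed requests and any session token would cross the network in clear text.
		return nil, fmt.Errorf("endpoint override %q: plain http to a non-loopback host", raw)
	}
	return &EndpointOverride{URL: u.String(), SigningRegion: region}, nil
}

func isLoopback(host string) bool {
	ip := net.ParseIP(host)
	return host == "localhost" || (ip != nil && ip.IsLoopback())
}

// OverrideFromEnv reads the hypothetical ENUM_* variables (names assumed here).
func OverrideFromEnv() (*EndpointOverride, error) {
	return ParseEndpointOverride(os.Getenv("ENUM_ENDPOINT_URL"),
		os.Getenv("ENUM_SIGNING_REGION"), os.Getenv("ENUM_ALLOW_HTTP") == "1")
}

func main() { fmt.Println(OverrideFromEnv()) }
```

When the helper returns a non-nil override, its `URL` and `SigningRegion` fields map onto the fields of the same name in the `aws.Endpoint` literal in the comment above.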