Last active
March 21, 2024 13:58
-
-
Save filipeandre/e245c81e10530dcaeee71d50af20d2ad to your computer and use it in GitHub Desktop.
Simple request to whitelist waf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
try: | |
import requests | |
import boto3 | |
except ImportError: | |
import subprocess | |
subprocess.run(['pip3', 'install', 'boto3', 'requests'], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL) | |
finally: | |
import json | |
import requests | |
import boto3 | |
import argparse | |
from botocore.exceptions import ClientError | |
def get_secret(): | |
session = boto3.session.Session() | |
client = session.client( | |
service_name='secretsmanager', | |
region_name="us-east-1" | |
) | |
try: | |
get_secret_value_response = client.get_secret_value( | |
SecretId="qa-framework-main" | |
) | |
except ClientError as e: | |
raise e | |
return json.loads(get_secret_value_response['SecretString']) | |
def parse_args(): | |
parser = argparse.ArgumentParser() | |
parser.add_argument('--env', '-e', required=True, help="example: dev") | |
parser.add_argument('--ip', '-i', required=False, help="1.2.3.4") | |
parser.add_argument('--qualifier', '-q', required=False, help="usually the lower case org code") | |
parser.add_argument('--filter', '-f', required=False, help="optionnal waf list regex filter pattern") | |
return parser.parse_args() | |
def main(): | |
secret_value = get_secret() | |
args = parse_args() | |
url = f'{secret_value["QA_RCP_SERVICE_URL"]}/IPSetV2Service' | |
api_key = secret_value['QA_RCP_SERVICE_AUTH'][1:-1] | |
method_params = { | |
"env": args.env | |
} | |
if args.ip: | |
method_params['_ip'] = args.ip | |
if args.qualifier: | |
method_params['qualifier'] = args.qualifier | |
if args.filter: | |
method_params['regex'] = args.filter | |
payload = json.dumps({ | |
"jsonrpc": "2.1", | |
"id": "single_request", | |
"method": "ip", | |
"params": [method_params] | |
}) | |
headers = { | |
'Content-Type': 'application/json', | |
'X-Api-Key': api_key | |
} | |
response = requests.request("POST", url, headers=headers, data=payload) | |
print(json.dumps(response.json(), indent=1)) | |
if __name__ == '__main__': | |
main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment