Bucket Flaws: A Simple Lightweight Script that can take a list of bucket names and check for Common S3 Bucket Misconfigurations
This is a very small and light bash script that can take both a list of buckets as well a single bucket and perform some basic security checks.
- Checks for Directory Listing
- Tries to upload a file (upload.png)
- Checks for Directory Listing
- Checks for some interesting files/folders based on the keywords provided in the sensitive.txt
- Tries to fetch the Bucket ACL
- Tries to upload a file (bucket.png)
- Tries to dump the whole bucket (optional -d flag)
- Tries to modify the Bucket ACL (optional -p flag)
- Tries to fetch object ACL
- Tries to fetch object metadata
- Tries to dump the object (optional)
- Tries to modify the object ACL
pip install -r requirements.txt
Usage: -u for single bucket -f for file containing the list of all the buckets -o for performing object level analysis -p for changing the bucket ACL if allowed -d for dumping the whole bucket if allowed -h for help
Eg:
./bucketflaws.sh -u bucketname
./bucketflaws.sh -f filepath
For performing object level checks as well:
./bucketflaws.sh -u bucketname -o
For modifying Bucket ACL if possible:
./bucketflaws.sh -u bucketname -o -p
Performs all the checks as well as tries to dump the whole bucket(Recommended way):
./bucketflaws.sh -u bucketname -o -p -d
Same as above but for a list of buckets:
./bucketflaws.sh -f filepath -o -p -d
For storing the output to a txt file:
./bucketflaws.sh -f filepath -o -p -d | tee output.txt && sed -i 's/\x1B[[0-9;]+[A-Za-z]//g' output.txt
NOTE: For Authenticated Check you need to make sure you have configured your aws cli.
Refer this link for configuring AWS CLI: https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html