From ae9338e9865e2ca167b5b6ed71c6cab5a80ff75b Mon Sep 17 00:00:00 2001 From: 6a6f656c Date: Tue, 28 May 2024 09:52:19 -0400 Subject: [PATCH] saving to database --- pacu/core/models.py | 4 +++ pacu/modules/mq__enum/main.py | 59 ++++++++++++++++++++++------------- 2 files changed, 42 insertions(+), 21 deletions(-) diff --git a/pacu/core/models.py b/pacu/core/models.py index 5d29cd48..a02da939 100644 --- a/pacu/core/models.py +++ b/pacu/core/models.py @@ -36,6 +36,7 @@ class AWSKey(Base, ModelUpdateMixin): permissions_confirmed = Column(JSONType) allow_permissions = Column(JSONType, nullable=False, default=dict) deny_permissions = Column(JSONType, nullable=False, default=dict) + mq = Column(JSONType) def __repr__(self): return ''.format(self.id, self.key_alias) @@ -60,6 +61,7 @@ def get_fields_as_camel_case_dictionary(self) -> dict: 'Allow': remove_empty_from_dict(self.allow_permissions), 'Deny': remove_empty_from_dict(self.deny_permissions), }, + 'MQ':self.mq }) @@ -84,6 +86,7 @@ class PacuSession(Base, ModelUpdateMixin): 'Inspector', 'Lambda', 'Lightsail', + 'MQ', 'S3', 'SecretsManager', 'Shield', @@ -129,6 +132,7 @@ class PacuSession(Base, ModelUpdateMixin): Inspector = Column(JSONType, nullable=False, default=dict) Lambda = Column(JSONType, nullable=False, default=dict) Lightsail = Column(JSONType, nullable=False, default=dict) + MQ = Column(JSONType, nullable=False, default=dict) RDS = Column(JSONType, nullable=False, default=dict) S3 = Column(JSONType, nullable=False, default=dict) SecretsManager = Column(JSONType, nullable=False, default=dict) diff --git a/pacu/modules/mq__enum/main.py b/pacu/modules/mq__enum/main.py index 75f043b5..0e659323 100755 --- a/pacu/modules/mq__enum/main.py +++ b/pacu/modules/mq__enum/main.py @@ -6,12 +6,13 @@ from pacu.core.lib import downloads_dir from pacu.core.lib import strip_lines from pacu import Main +from copy import deepcopy module_info = { "name": "mq__enum", "author": "6a6f656c & h00die of nDepth Security", - "category": "ENUM", # or maybe persistence? kind of depends what may come over the topic, like creds - "one_liner": "List and describer brokers", + "category": "ENUM", + "one_liner": "Listo and describe brokers", "description": strip_lines( """ This module will attempt to list and gather information from available brokers. @@ -24,9 +25,17 @@ parser = argparse.ArgumentParser(add_help=False, description=module_info["description"]) -parser.add_argument('--regions', required=False, default=None, help=strip_lines(''' +parser.add_argument( + "--regions", + required=False, + default=None, + help=strip_lines( + """ One or more (comma separated) AWS regions in the format "us-east-1". Defaults to all session regions. -''')) +""" + ), +) + def main(args, pacu_main: "Main"): session = pacu_main.get_active_session() @@ -41,15 +50,15 @@ def main(args, pacu_main: "Main"): # End don't modify get_regions = pacu_main.get_regions if not args.regions: - regions = get_regions('mq') + regions = get_regions("mq") else: - regions = args.regions.split(',') + regions = args.regions.split(",") summary_data = {} summary_data["mq"] = {} for region in regions: - print('Starting region {}...'.format(region)) + print("Starting region {}...".format(region)) summary_data["mq"][region] = {} try: @@ -58,7 +67,7 @@ def main(args, pacu_main: "Main"): print("Unable to connect to MQ service. Error: {}".format(error)) continue - # Prepare output file to store ECR data + # Prepare output file to store MQ data now = time.time() outfile_path = str(downloads_dir() / f"mq_enum_{now}.json") @@ -81,19 +90,21 @@ def main(args, pacu_main: "Main"): summary_data["mq"][region][broker["BrokerId"]]["AuthenticationStrategy"] = ( broker_details["AuthenticationStrategy"] ) - summary_data["mq"][region][broker["BrokerId"]]["PubliclyAccessible"] = broker_details[ - "PubliclyAccessible" - ] - summary_data["mq"][region][broker["BrokerId"]]["BrokerName"] = broker_details[ - "BrokerName" - ] - summary_data["mq"][region][broker["BrokerId"]]["BrokerState"] = broker_details[ - "BrokerState" - ] - summary_data["mq"][region][broker["BrokerId"]]["Users"] = broker_details["Users"] - summary_data["mq"][region][broker["BrokerId"]]["EngineType"] = broker_details[ - "EngineType" + summary_data["mq"][region][broker["BrokerId"]]["PubliclyAccessible"] = ( + broker_details["PubliclyAccessible"] + ) + summary_data["mq"][region][broker["BrokerId"]]["BrokerName"] = ( + broker_details["BrokerName"] + ) + summary_data["mq"][region][broker["BrokerId"]]["BrokerState"] = ( + broker_details["BrokerState"] + ) + summary_data["mq"][region][broker["BrokerId"]]["Users"] = broker_details[ + "Users" ] + summary_data["mq"][region][broker["BrokerId"]]["EngineType"] = ( + broker_details["EngineType"] + ) summary_data["mq"][region][broker["BrokerId"]]["ConsoleURL"] = [ url["ConsoleURL"] for url in broker_details["BrokerInstances"] ] @@ -103,11 +114,17 @@ def main(args, pacu_main: "Main"): with open(outfile_path, "w+") as f: f.write(json.dumps(summary_data, indent=4, default=str)) + mq_data = deepcopy(session.MQ) + for key, value in summary_data.items(): + mq_data[key] = value + session.update(pacu_main.database, MQ=mq_data) + return summary_data + def summary(data, pacu_main): out = "" - + total_users = 0 total_brokers = 0 for region in data["mq"]: