Logging, breakout, and azure region change

* implemented logging
* limited to 1 region for azure VMs (by default, can change)
* Added Ctrl-C breakout

Author: initstring

README.md

@@ -77,6 +77,8 @@ optional arguments:
                         Threads for HTTP brute-force. Default = 5
   -ns NAMESERVER, --nameserver NAMESERVER
                         DNS server to use in brute-force.
+  -l LOGFILE, --logfile LOGFILE
+                        Will APPEND found items to specified file.
   --disable-aws         Disable Amazon checks.
   --disable-azure       Disable Azure checks.
   --disable-gcp         Disable Google checks.

cloud_enum.py

@@ -16,6 +16,7 @@
 from enum_tools import aws_checks
 from enum_tools import azure_checks
 from enum_tools import gcp_checks
+from enum_tools import utils
 
 BANNER = '''
 ##########################
@@ -25,6 +26,8 @@
 
 '''
 
+LOGFILE = False
+
 def parse_arguments():
     """
     Handles user-passed parameters
@@ -64,6 +67,9 @@ def parse_arguments():
                         default='8.8.8.8',
                         help='DNS server to use in brute-force.')
 
+    parser.add_argument('-l', '--logfile', type=str, action='store',
+                        help='Will APPEND found items to specified file.')
+
     parser.add_argument('--disable-aws', action='store_true',
                         help='Disable Amazon checks.')
 
@@ -96,6 +102,25 @@ def parse_arguments():
         with open(args.keyfile) as infile:
             args.keyword = [keyword.strip() for keyword in infile]
 
+    # Ensure log file is writeable
+    if args.logfile:
+        if os.path.isdir(args.logfile):
+            print("[!] Can't specify a directory as the logfile, exiting.")
+            sys.exit()
+        if os.path.isfile(args.logfile):
+            target = args.logfile
+        else:
+            target = os.path.dirname(args.logfile)
+            if target == '':
+                target = '.'
+
+        if not os.access(target, os.W_OK):
+            print("[!] Cannot write to log file, exiting")
+            sys.exit()
+
+        # Set the global in the utils file, where logging needs to happen
+        utils.init_logfile(args.logfile)
+
     return args
 
 def print_status(args):
@@ -163,9 +188,6 @@ def main():
     Main program function.
     """
     args = parse_arguments()
-
-    
-
     print(BANNER)
 
     # Generate a basic status on targets and parameters
@@ -176,12 +198,16 @@ def main():
     names = build_names(args.keyword, mutations)
 
     # All the work is done in the individual modules
-    if not args.disable_aws:
-        aws_checks.run_all(names, args.threads)
-    if not args.disable_azure:
-        azure_checks.run_all(names, args.brute, args.threads, args.nameserver)
-    if not args.disable_gcp:
-        gcp_checks.run_all(names, args.threads)
+    try:
+        if not args.disable_aws:
+            aws_checks.run_all(names, args)
+        if not args.disable_azure:
+            azure_checks.run_all(names, args)
+        if not args.disable_gcp:
+            gcp_checks.run_all(names, args)
+    except KeyboardInterrupt:
+        print("Thanks for playing!")
+        sys.exit()
 
     # Best of luck to you!
     print("\n[+] All done, happy hacking!\n")

enum_tools/aws_checks.py

@@ -3,7 +3,6 @@
 github.com/initstring/cloud_enum
 """
 
-import sys
 from enum_tools import utils
 
 BANNER = '''
@@ -86,7 +85,7 @@ def check_s3_buckets(names, threads):
     # Stop the time
     utils.stop_timer(start_time)
 
-def run_all(names, threads):
+def run_all(names, args):
     """
     Function is called by main program
     """
@@ -95,5 +94,5 @@ def run_all(names, threads):
     # Use user-supplied AWS region if provided
     #if not regions:
     #    regions = AWS_REGIONS
-    check_s3_buckets(names, threads)
+    check_s3_buckets(names, args.threads)
     return ''

enum_tools/azure_checks.py

@@ -276,16 +276,17 @@ def check_azure_vms(names, nameserver):
     # Stop the timer
     utils.stop_timer(start_time)
 
-def run_all(names, brute_list, threads, nameserver):
+def run_all(names, args):
     """
     Function is called by main program
     """
     print(BANNER)
 
-    valid_accounts = check_storage_accounts(names, threads, nameserver)
+    valid_accounts = check_storage_accounts(names, args.threads,
+                                            args.nameserver)
     if valid_accounts:
-        brute_force_containers(valid_accounts, brute_list, threads)
+        brute_force_containers(valid_accounts, args.brute, args.threads)
 
-    check_azure_websites(names, nameserver)
-    check_azure_databases(names, nameserver)
-    check_azure_vms(names, nameserver)
+    check_azure_websites(names, args.nameserver)
+    check_azure_databases(names, args.nameserver)
+    check_azure_vms(names, args.nameserver)

enum_tools/azure_regions.py

@@ -23,4 +23,4 @@
 
 
 # And here I am limiting the search by overwriting this variable:
-REGIONS = ['eastus', 'australiaeast']
+REGIONS = ['eastus',]

enum_tools/gcp_checks.py

@@ -107,12 +107,12 @@ def check_appspot(names, threads):
     # Stop the time
     utils.stop_timer(start_time)
 
-def run_all(names, threads):
+def run_all(names, args):
     """
     Function is called by main program
     """
     print(BANNER)
 
-    check_gcp_buckets(names, threads)
-    check_appspot(names, threads)
+    check_gcp_buckets(names, args.threads)
+    check_appspot(names, args.threads)
     return ''

enum_tools/utils.py

@@ -5,6 +5,7 @@
 import time
 import sys
 import subprocess
+import datetime
 import re
 import requests
 try:
@@ -15,6 +16,20 @@
     print("[!] You'll need to pip install requests_futures for this tool.")
     sys.exit()
 
+LOGFILE = False
+
+def init_logfile(logfile):
+    """
+    Initialize the global logfile if specified as a user-supplied argument
+    """
+    if logfile:
+        global LOGFILE
+        LOGFILE = logfile
+
+        now = datetime.datetime.now().strftime("%d/%m/%Y %H:%M:%S")
+        with open(logfile, 'a') as log_writer:
+            log_writer.write("\n\n#### CLOUD_ENUM {} ####\n"
+                             .format(now))
 
 def get_url_batch(url_list, use_ssl=False, callback='', threads=5):
     """
@@ -156,12 +171,12 @@ def list_bucket_contents(bucket):
 
     # Format them to full URLs and print to console
     if keys:
-        print("      FILES:")
+        printc("      FILES:\n", 'none')
         for key in keys:
             url = bucket + key
-            print("      {}".format(url))
+            printc("      ->{}\n".format(url), 'none')
     else:
-        print("      ...empty bucket, so sad. :(")
+        printc("      ...empty bucket, so sad. :(\n", 'none')
 
 def printc(text, color):
     """
@@ -182,6 +197,12 @@ def printc(text, color):
         sys.stdout.write(bold + red + text + end)
     if color == 'black':
         sys.stdout.write(bold + text + end)
+    if color == 'none':
+        sys.stdout.write(text)
+
+    if LOGFILE:
+        with open(LOGFILE, 'a')  as log_writer:
+            log_writer.write(text.lstrip())
 
 def start_timer():
     """
@@ -201,6 +222,5 @@ def stop_timer(start_time):
 
     # Print some statistics
     print("")
-    printc("    DONE", 'black')
     print(" Elapsed time: {}".format(formatted_time))
     print("")