enumerate-iam
just hangs on random check
Hi,
Thanks for the wonderful tool.
Maybe I'm doing something wrong, because it "hangs" on random checks every time. I tried to wait, but after an hour there is nothing - no errors, no timeouts.
I already tried to use the DEBUG flag, but it does not say much.
Yes, I updated the check definitions with:
cd enumerate_iam/
git clone https://github.com/aws/aws-sdk-js.git
python generate_bruteforce_tests.py
rm -rf aws-sdk-js
Kind regards, PY
I too am having a similar problem. Running enumerate-iam.py hangs consistently after identifying the first few permissions:
...
2021-01-13 13:44:42,136 - 2152 - [INFO] Attempting common-service describe / list brute force.
2021-01-13 13:44:44,222 - 2152 - [INFO] -- sts.get_caller_identity() worked!
2021-01-13 13:44:44,530 - 2152 - [INFO] -- xray.get_sampling_statistic_summaries() worked!
2021-01-13 13:44:44,683 - 2152 - [INFO] -- xray.get_sampling_rules() worked!
2021-01-13 13:44:45,620 - 2152 - [INFO] -- dynamodb.describe_endpoints() worked!
...hangs
I've not yet traced where the code is hanging, but I wonder if this is a defense mechanism AWS has introduced to mitigate this type of permission enumeration. I've tried running on different hosts, macOS and Linux, and it always hangs after the dynamodb.describe_endpoints() worked! message.
I also have this issue, even after decreasing the max connections.
Same thing here
I think reducing max_attempts to 5, for example, in main.py should fix the hanging issue:
retries={'max_attempts': 10}
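
Why the retry count matters for a stall that shows no errors, as an added example (not code from this thread or from the enumerate-iam project). It assumes botocore's legacy retry mode, where the sleep before retry n is random(0, 1) * 2 ** (n - 1) seconds with no cap; the round-trip and timeout values are constructed parameters.

```python
"""Model of how long one throttled API call can block under exponential backoff.

Assumption (not taken from the thread): botocore's legacy retry mode sleeps
random(0, 1) * 2 ** (n - 1) seconds before retry n, with no upper cap, and
retries={'max_attempts': N} allows N retries after the first attempt.
"""
from dataclasses import dataclass


@dataclass
class Stall:
    max_attempts: int
    expected_s: float   # mean total time when every attempt is throttled
    worst_s: float      # upper bound when every attempt times out


def backoff_bounds(max_attempts, growth=2):
    """Return (expected, worst) total sleep in seconds over all retries."""
    worst = sum(growth ** (n - 1) for n in range(1, max_attempts + 1))
    return worst / 2, worst   # the mean of random(0, 1) is 0.5


def stall_per_call(max_attempts, fast_reject_s=0.2, timeout_s=60.0):
    """Time a single call can block if every attempt fails.

    fast_reject_s: round trip of a throttling response (constructed value).
    timeout_s: per-attempt read timeout (assumed; 60 s is botocore's default).
    """
    expected_sleep, worst_sleep = backoff_bounds(max_attempts)
    attempts = max_attempts + 1          # first try plus the retries
    return Stall(max_attempts,
                 expected_s=expected_sleep + attempts * fast_reject_s,
                 worst_s=worst_sleep + attempts * timeout_s)


def compare(values=(10, 5)):
    """Stall estimates for the setting quoted above and the suggested one."""
    return [stall_per_call(v) for v in values]


if __name__ == "__main__":
    for s in compare():
        print(f"max_attempts={s.max_attempts:>2}  "
              f"expected ~{s.expected_s / 60:4.1f} min  "
              f"worst ~{s.worst_s / 60:4.1f} min per stuck call")
```

Under these assumptions the sleeps happen inside the client call, so nothing is logged while a call is backing off.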
Facing the same issue. I can confirm reducing max_attempts to 5 resolves the hanging issue.