enumerate-iam

just hangs on random check

Open presianbg opened this issue 3 years ago • 5 comments

Hi,

Thanks for the wonderful tool.

Maybe I'm doing something wrong, because it "hangs" on random checks every time. I tried to wait, but after an hour there is nothing - no errors, no timeouts.

I already tried to use the DEBUG flag, but it does not say much.

Yes, I updated the check definitions with:

cd enumerate_iam/
git clone https://github.com/aws/aws-sdk-js.git
python generate_bruteforce_tests.py
rm -rf aws-sdk-js

Kind regards, PY

presianbg avatar Nov 07 '20 07:11 presianbg

I too am having a similar problem. Running enumerate-iam.py hangs consistently after identifying the first few permissions:

...
2021-01-13 13:44:42,136 - 2152 - [INFO] Attempting common-service describe / list brute force.
2021-01-13 13:44:44,222 - 2152 - [INFO] -- sts.get_caller_identity() worked!
2021-01-13 13:44:44,530 - 2152 - [INFO] -- xray.get_sampling_statistic_summaries() worked!
2021-01-13 13:44:44,683 - 2152 - [INFO] -- xray.get_sampling_rules() worked!
2021-01-13 13:44:45,620 - 2152 - [INFO] -- dynamodb.describe_endpoints() worked!
...hangs

I've not yet traced where the code is hanging, but I wonder if this is a defense mechanism AWS has introduced to mitigate this type of permission enumeration. I've tried running on different hosts, macOS and Linux, and it always hangs after the dynamodb.describe_endpoints() worked! message.

joswr1ght avatar Jan 13 '21 13:01 joswr1ght

I also have this issue, even after decreasing the max connections.

bensh avatar Sep 13 '21 15:09 bensh

Same thing here

eschultze avatar Oct 19 '21 14:10 eschultze

I think reducing max_attempts to 5 for example in main.py should fix the hanging issue:

retries={'max_attempts': 10}

enumerate-iam.py hangs consistently after identifying the first few permissions:

...
2021-01-13 13:44:42,136 - 2152 - [INFO] Attempting common-service describe / list brute force.
2021-01-13 13:44:44,222 - 2152 - [INFO] -- sts.get_caller_identity() worked!
2021-01-13 13:44:44,530 - 2152 - [INFO] -- xray.get_sampling_statistic_summaries() worked!
2021-01-13 13:44:44,683 - 2152 - [INFO] -- xray.get_sampling_rules() worked!
2021-01-13 13:44:45,620 - 2152 - [INFO] -- dynamodb.describe_endpoints() worked!
...hangs

I've not yet traced where the code is hanging, but I wonder if this is a defense mechanism AWS has introduced to mitigate this type of permission enumeration. I've tried running on different hosts, macOS and Linux, and it always hangs after the dynamodb.describe_endpoints() worked! message.

yassineaboukir avatar Mar 26 '22 15:03 yassineaboukir

Facing the same issue. I can confirm reducing max_attempts to 5 resolves the hanging issue.

pswalia2u avatar Oct 16 '22 21:10 pswalia2u