Comments (9)
knavesec
commented on May 28, 2024
Unfortunately I can't replicate this, this appears to work fine for me. Troubleshooting wise, I would try to use the original FireProx tool and see if you can generate an API with your credentials (https://github.com/ustayready/fireprox). If you can't create an API, then it's a credential problem of some kind outside of CredMaster. If not please let me know, I'll plan to close this issue in roughly two weeks if I haven't heard back.
from credmaster.
puzzlepeaches
commented on May 28, 2024
In fire.py, modify the file to print the error you are receiving on exception like this:
# Maybe had profile, maybe didn't
if self.access_key and self.secret_access_key:
try:
self.client = boto3.client(
'apigateway',
aws_access_key_id=self.access_key,
aws_secret_access_key=self.secret_access_key,
aws_session_token=self.session_token,
region_name=self.region
)
self.client.get_account()
self.region = self.client._client_config.region_name
# Save/overwrite config if profile specified
if self.profile_name:
if config_profile_section not in config:
config.add_section(config_profile_section)
config[config_profile_section]['region'] = self.region
with open(os.path.expanduser('~/.aws/config'), 'w') as file:
config.write(file)
if self.profile_name not in credentials:
credentials.add_section(self.profile_name)
credentials[self.profile_name]['aws_access_key_id'] = self.access_key
credentials[self.profile_name]['aws_secret_access_key'] = self.secret_access_key
if self.session_token:
credentials[self.profile_name]['aws_session_token'] = self.session_token
else:
credentials.remove_option(self.profile_name, 'aws_session_token')
with open(os.path.expanduser('~/.aws/credentials'), 'w') as file:
credentials.write(file)
return True
except Exception as a:
print(a)
return False
else:
return FalseShould give you an idea of what is going wrong here. Going to guess that your API keys are invalid or don't have the permissions to create the gateway.
from credmaster.
mbb5546
commented on May 28, 2024
Thank you for the replies, I will look into making this modification. As far as my keys, I did check my AWS account which indicated my keys were active and valid. Additionally I created a new user/group via AWS IAM in order to get a fresh set of keys which gave the same original issue. I do think it is an issue with my fire.py
from credmaster.
mbb5546
commented on May 28, 2024
Just following up here, tried making that modification to my fire.py but kept receiving an "Inconsistent use of tabs and spaces error". Going to just try and close out my aws account and start all over with a fresh account, fresh user etc etc. Really lost as to why all of a sudden my AWS keys are failing to be loaded. Ty for being responsive to this!
from credmaster.
knavesec
commented on May 28, 2024
@mbb5546 Any updates on this?
from credmaster.
mbb5546
commented on May 28, 2024
@knavesec Thanks for checking in, unfortunately not. In an attempt to just use the tool successfully I ran a spray from a fresh Kali VM environment and didn't mess with any configs so everything was stock, provided my fresh, unused IAM AWS keys and it worked fine, but only once.
Days later I attempted to perform another spray thru the same separate VM environment and got the exact same Unable to Load AWS credentials that has been troubling me. Seems like possibly an issue with my AWS keys but I haven't been able to find a solid explanation. Very weird
from credmaster.
kpomeroy1979
commented on May 28, 2024
I've had this exact issue before. The fix for me was to restart the docker
services* # service docker restart*. Also make sure you are already logged
into AWS and perhaps destroy any previous API Gateways just in case before
you begin your password spraying attempt.
Hope this helps.
…On Thu, Jun 16, 2022 at 12:15 PM Gonski ***@***.***> wrote:
@knavesec <https://github.com/knavesec> Thanks for checking in,
unfortunately not. In an attempt to just use the tool successfully I ran a
spray from a fresh Kali VM environment and didn't mess with any configs so
everything was stock, provided my fresh, unused IAM AWS keys and it worked
fine, but only once.
Days later I attempted to perform another spray thru the same separate VM
environment and got the exact same Unable to Load AWS credentials so I am
really not sure. Seems like possibly an issue with my AWS keys but I
haven't been able to find a solid explanation. Very weird
—
Reply to this email directly, view it on GitHub
<#13 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AH5LZHWYHS24VXZRDIIVPALVPNVK7ANCNFSM5SQ7LIWA>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
from credmaster.
D4rkz3rO
commented on May 28, 2024
Had a similar issue. Worked for over 5 days, had nothing changed and then unable to load AWS credentials. Made numerous new AWS IAM users with new programmatic access/secret keys and same problem. Reinstalled the tool, same issue. Some sort of limit with AWS, needs more investigation.
from credmaster.
knavesec
commented on May 28, 2024
Going to close this issue. Anyone involved please reopen if you believe the issue is with CredMaster rather than AWS/key sessions/docker/etc. Unfortunately I simply can't validate where the issue may lie
from credmaster.
Related Issues (20)
- Okta module won't run with more than one thread, won't run with zero threads
- Flawed logic in EWS results improper detection HOT 1
- Clean command can cause a `Too Many Requests` error thrown by boto3 `DeleteRestApi` HOT 1
- [Feature request] Remove found creds from future sprays
- Wiki Permissions HOT 2
- Add ability to spray user = password HOT 1
- TooManyRequestsException on thread creation HOT 1
- MSOL Plugin: Handle BlockedByConditionalAccess (AADSTS53003) HOT 1
- Fortinet Plugin : 500 internal error HOT 1
- Delay problems HOT 1
- TypeError: '>' not supported between instances of 'NoneType' and 'int' HOT 1
- [O365Enum] Users with passwordless auth return not found HOT 8
- [azuresso] error when using plugin azuresso HOT 3
- Office 365 Showing Failure for Valid Credentials
- AADSTS53003 error related to Conditional Access Policy(CAP) isn't registred as a successful spray HOT 3
- o365 plugin does not work anymore HOT 8
- [Fireprox] SSO profiles fail
- Lockout Potential: Delay Skipped For Unknown Reasons HOT 4
- ADFS module always reports success despite invalid credentials HOT 3
- Issue with AWS API Sessions Not Terminating on Keyboard Interruption HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from credmaster.