WeirdAAL update – get EC2 snapshots

AA20-133A: Top 10 Routinely Exploited Vulnerabilities
May 12, 2020
双枪团伙新动向,借云服务管理数十万僵尸网络
May 23, 2020

WeirdAAL update – get EC2 snapshots

I watched a good DEF CON video on abusing public AWS Snapshots

I, of course, wanted to check this out. There are tens of thousands of public snapshots in the various regions.  The talk outlines what you can do with these and Bishop Fox released a tool to do it https://github.com/BishopFox/dufflebag. I wanted to script up a few weirdAAL modules to 1) for an AWS keypair you are testing check and see what snapshots you have available 2) for an AWS accountid list public snapshots.  Useful for bug bounty or for monitoring your org for public snapshots.  The account you are using will need at least AmazonEC2ReadOnlyAccess privileges.
Screenshot of the 2nd function below
listing snapshots for a random AWS accountid
You can git clone or git pull to get the updated code from https://github.com/carnal0wnage/weirdAAL
If you just want to do it with the AWS CLI you can use the following shell script:
News Reporter
News Reporter
Head of Operations (Banking), Director IT Governance, Teamlead Microsoft, Service Delivery Manager. Interested in Office 365, LAMP, IT Security and much more!