Quantcast
Channel: KitPloit - PenTest Tools!
Viewing all articles
Browse latest Browse all 5816

Aws_Public_Ips - Fetch All Public IP Addresses Tied To Your AWS Account

$
0
0

aws_public_ips is a tool to fetch all public IP addresses (both IPv4/IPv6) associated with an AWS account.
It can be used as a library and as a CLI, and supports the following AWS services (all with both Classic & VPC flavors):
  • APIGateway
  • CloudFront
  • EC2 (and as a result: ECS, EKS, Beanstalk, Fargate, Batch, & NAT Instances)
  • ElasticSearch
  • ELB (Classic ELB)
  • ELBv2 (ALB/NLB)
  • Lightsail
  • RDS
  • Redshift

If a service isn't listed (S3, ElastiCache, etc) it's most likely because it doesn't have anything to support (i.e. it might not be deployable publicly, it might have all ip addresses resolve to global AWS infrastructure, etc).

Quick start
Install the gem and run it:
$ gem install aws_public_ips

# Uses default ~/.aws/credentials
$ aws_public_ips
52.84.11.13
52.84.11.83
2600:9000:2039:ba00:1a:cd27:1440:93a1
2600:9000:2039:6e00:1a:cd27:1440:93a1

# With a custom profile
$ AWS_PROFILE=production aws_public_ips
52.84.11.159

CLI reference
$ aws_public_ips --help
Usage: aws_public_ips [options]
-s, --services <s1>,<s2>,<s3> List of AWS services to check. Available services: apigateway,cloudfront,ec2,elasticsearch,elb,elbv2,lightsail,rds,redshift. Defaults to all.
-f, --format <format> Set output format. Available formats: json,prettyjson,text. Defaults to text.
-v, --[no-]verbose Enable debug/trace output
--version Print version
-h, --help Show this help message

Configuration
For authentication aws_public_ips uses the default aws-sdk-ruby configuration, meaning that the following are checked in order:
  1. Environment variables:
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_REGION
  • AWS_PROFILE
  1. Shared credentials files:
  • ~/.aws/credentials
  • ~/.aws/config
  1. Instance profile via metadata endpoint (if running on EC2, ECS, EKS, or Fargate)
For more information see the AWS SDK documentation on configuration.

IAM permissions
To find the public IPs from all AWS services, the minimal policy needed by your IAM user is:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"apigateway:GET",
"cloudfront:ListDistributions",
"ec2:DescribeInstances",
"elasticloadbalancing:DescribeLoadBalancers",
"lightsail:GetInstances",
"lightsail:GetLoadBalancers",
"rds:DescribeDBInstances",
"redshift:DescribeClusters"
],
"Resource": "*"
}
]
}

Contact
Feel free to tweet or direct message: @arkadiyt



Viewing all articles
Browse latest Browse all 5816

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>