S3 bucket finder from html,js and bucket misconfiguration testing tool.
Currently this tool check five testcases
-
Object listing for Unauthenticated users
-
Object listing for Authenticated users
-
Public writable for all aws users
-
Bucket Acl public read
-
Put Bucket Policy
pip install awscli
aws configure
pip install kick-s3
git clone https://github.com/abuvanth/kicks3.git
cd kicks3
python setup.py install
kicks3.py -u http://target
this will looking for s3 buckets in html and javascript files.
kicks3.py -b bucketname
test single bucket name
kicks3.py -bl bucketnamelist.txt
kicks3.py -u http://target -l sitelist.txt
kicks3.py -u http://target -c 'cookievalues'
kicks3.py -u target.com -s 1
import kicks3
bucketurllist=kicks3.finds3('target.com')
bucketlist=kicks3.get_bucket_name(bucketurllist)
scan_result=kicks3.scan_s3(bucketlist)
for result in scan_result:
print(result)#bucketname(testname),listable_for_unauth_users(true or false),listable_auth_users(true or false),writable(true or false)
import kicks3
blist=open('s3.buckets.txt','r').readlines()
result=kicks3.scan_s3(blist)
bucketurllist=kicks3.finds3(['target.com'],sub=1,cookies='valueofyoursitescookie') #cookies for authenticated pages,
bucketlist=kicks3.get_bucket_name(bucketurllist)
scan_result=kicks3.scan_s3(bucketlist)
for result in scan_result:
print(result)#bucketname(testname),listable_for_unauth_users(true or false),listable_auth_users(true or false),writable(true or false)
Note: sub and cookies are optional parameters of finds3 function