How to Use Ghostbuster to Eliminate Dangling Elastic IPs

About Ghostbuster

Ghostbuster is a powerful Elastic security audit tool. It analyzes the resources in the target AWS accounts in order to eliminate dangling Elastic IPs.


Ghostbuster helps researchers obtain all DNS records in the target AWS accounts (Route53), and can optionally take in additional records through CSV input or from Cloudflare.

Once these records have been collected, Ghostbuster iterates through all AWS Elastic IPs and network interface public IPs and collects that data as well.

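With a complete picture of all DNS records (from Route53, file input or Cloudflare) and of all AWS IPs owned by the target organization, the tool can detect subdomains that point to dangling (no longer held) Elastic IPs.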
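The cross-check described above, as an added example that is not Ghostbuster's own code. The CSV layout (name,type,value), the sample records and `PROVIDER_RANGES` are assumptions constructed for illustration; the example goes slightly beyond the text by only flagging unowned IPs that fall inside the provider's address space, since those are the ones another customer could be allocated.

```python
import csv
import io
import ipaddress

# Constructed sample data. Assumed CSV layout for this example only:
# name,record_type,value (not necessarily Ghostbuster's records.csv format).
SAMPLE_DNS_CSV = """\
app.example.com,A,203.0.113.10
old-api.example.com,A,203.0.113.77
www.example.com,A,198.51.100.5
docs.example.com,CNAME,example.github.io
multi.example.com,A,203.0.113.10
multi.example.com,A,203.0.113.200
broken.example.com,A,not-an-ip
"""

# IPs the organisation currently holds (Elastic IPs plus network interface
# public IPs), merged across every profile and region. Constructed values.
OWNED_IPS = {"203.0.113.10", "203.0.113.11"}

# Assumed stand-in for the cloud provider's address space (documentation range).
PROVIDER_RANGES = [ipaddress.ip_network("203.0.113.0/24")]


def load_a_records(text):
    """Group A-record values by name, skipping non-A rows and malformed IPs."""
    records = {}
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 3 or row[1].strip().upper() != "A":
            continue
        try:
            ip = ipaddress.ip_address(row[2].strip())
        except ValueError:
            continue  # a bad value must not abort the whole audit
        records.setdefault(row[0].strip().lower().rstrip("."), []).append(ip)
    return records


def find_dangling(records, owned_ips, provider_ranges):
    """Return names whose A records hit provider space the org no longer holds."""
    owned = {ipaddress.ip_address(ip) for ip in owned_ips}
    findings = []
    for name, ips in sorted(records.items()):
        stale = [str(ip) for ip in ips
                 if ip not in owned and any(ip in net for net in provider_ranges)]
        if stale:
            findings.append({"name": name, "records": stale})
    return findings


if __name__ == "__main__":
    recs = load_a_records(SAMPLE_DNS_CSV)
    for finding in find_dangling(recs, OWNED_IPS, PROVIDER_RANGES):
        print("Takeover possible:", finding)
```

A name with several A records is reported with only its stale values, so a round-robin record that is half-migrated still shows up.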

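Features

  • Dynamically enumerates every AWS account in ".aws/config";
  • Pulls records from AWS Route53;
  • Pulls records from Cloudflare (optional);
  • Pulls records from CSV input (optional);
  • Iterates through all regions, a single region, or a comma-separated list of regions;
  • Gets all Elastic IPs associated with all AWS accounts;
  • Gets all public IPs associated with all AWS accounts;
  • Cross-checks the DNS records against the IPs owned by the organization to detect potential takeover risks;
  • Slack webhook support for sending takeover notifications.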

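Download & Installation

The tool is written in Python, so a Python 3.x environment must first be installed and configured on the local machine.

Downloading and installing Ghostbuster is straightforward. Researchers can clone the project source locally with the following command: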

git clone https://github.com/assetnote/ghostbuster.git

Or install it directly with the following command:

pip install ghostbuster

Ghostbuster can then be used through the "ghostbuster" command.

Usage

 ghostbuster scan aws --help                                                                                                                                                                     

Usage: ghostbuster scan aws [OPTIONS]



Scan for dangling elastic IPs inside your AWS accounts.



Options:

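--profile TEXT Specify the AWS account information that Ghostbuster should scan

--skipascii Do not print ASCII characters when Ghostbuster starts

--slackwebhook TEXT Specify a Slack webhook URL to send notifications of potential takeovers

--records PATH Manually specify DNS records to check. Ghostbuster will check these IPs after checking the retrieved DNS records

--cloudflaretoken TEXT Pull DNS records from Cloudflare; a CF API token must be provided

--allregions Scan all regions

--exclude TEXT Comma-separated list of profile names to exclude

--regions TEXT Comma-separated list of regions to scan

--help Show the help message and exit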

Configuring Cloudflare

Configuring AWS Accounts

.aws/credentials:

[default]

aws_access_key_id = AKIAIII...

aws_secret_access_key = faAaAaA...

.aws/config:

[default]

output = table

region = us-east-1



[profile account-one]

role_arn = arn:aws:iam::911111111113:role/Ec2Route53Access

source_profile = default

region = us-east-1



[profile account-two]

role_arn = arn:aws:iam::911111111112:role/Ec2Route53Access

source_profile = default

region = us-east-1



[profile account-three]

region = us-east-1

role_arn = arn:aws:iam::911111111111:role/Ec2Route53Access

source_profile = default

Usage Examples

Run Ghostbuster with an access token for Cloudflare DNS records, send notifications to a Slack webhook, and iterate through every AWS account configured in ".aws/config or .aws/credentials" across all AWS regions:

 ghostbuster scan aws --cloudflaretoken APIKEY --slackwebhook https://hooks.slack.com/services/KEY --allregions

Run Ghostbuster with a manually supplied list of subdomain A records (see records.csv for the format):

 ghostbuster scan aws --records records.csv

Sample Output

 ghostbuster scan aws --cloudflaretoken whougonnacall

Obtaining all zone names from Cloudflare.

Obtaining DNS A records for all zones from Cloudflare.

Obtained 33 DNS A records so far.

Obtaining Route53 hosted zones for AWS profile: default.

Obtaining Route53 hosted zones for AWS profile: account-five.

Obtaining Route53 hosted zones for AWS profile: account-four.

Obtaining Route53 hosted zones for AWS profile: account-four-deploy.

Obtaining Route53 hosted zones for AWS profile: account-two-deploy.

Obtaining Route53 hosted zones for AWS profile: account-one-deploy.

Obtaining Route53 hosted zones for AWS profile: account-three-deploy.

Obtaining Route53 hosted zones for AWS profile: account-six.

Obtaining Route53 hosted zones for AWS profile: account-seven.

Obtaining Route53 hosted zones for AWS profile: account-one.

Obtained 124 DNS A records so far.

Obtaining EIPs for region: us-east-1, profile: default

Obtaining IPs for network interfaces for region: us-east-1, profile: default

Obtaining EIPs for region: us-east-1, profile: account-five

Obtaining IPs for network interfaces for region: us-east-1, profile: account-five

Obtaining EIPs for region: us-east-1, profile: account-four

Obtaining IPs for network interfaces for region: us-east-1, profile: account-four

Obtaining EIPs for region: us-east-1, profile: account-four-deploy

Obtaining IPs for network interfaces for region: us-east-1, profile: account-four-deploy

Obtaining EIPs for region: us-east-1, profile: account-two-deploy

Obtaining IPs for network interfaces for region: us-east-1, profile: account-two-deploy

Obtaining EIPs for region: us-east-1, profile: account-one-deploy

Obtaining IPs for network interfaces for region: us-east-1, profile: account-one-deploy

Obtaining EIPs for region: us-east-1, profile: account-three-deploy

Obtaining IPs for network interfaces for region: us-east-1, profile: account-three-deploy

Obtaining EIPs for region: us-east-1, profile: account-six

Obtaining IPs for network interfaces for region: us-east-1, profile: account-six

Obtaining EIPs for region: us-east-1, profile: account-seven

Obtaining IPs for network interfaces for region: us-east-1, profile: account-seven

Obtaining EIPs for region: us-east-1, profile: account-one

Obtaining IPs for network interfaces for region: us-east-1, profile: account-one

Obtained 415 unique elastic IPs from AWS.





Takeover possible: {'name': 'takeover.assetnotecloud.com', 'records': ['52.54.24.193']}

License

This project is developed and released under the AGPL-3.0 open source license.

Project URL

Ghostbuster: GitHub (https://github.com/assetnote/ghostbuster)

