awspx
AssumeRole Check leads to "KeyError: ARN"
Hi,
I am assessing an AWS account with the following command:
sudo awspx ingest --services IAM
INFO Searching for attack (03/21): AssumeRole (iteration: 1 of max: 5)
DEBUG [REDACTED]
DEBUG Added: (arn:aws:iam::<ID>:root)-->(arn:aws:iam::<ID>:role/CompanyAccountAccessRole)
╭─────────────────────────────── Traceback (most recent call last) ────────────────────────────────╮
│ /opt/awspx/cli.py:398 in main │
│ │
│ 395 │ │ console.start() │
│ 396 │ │
│ 397 │ try: │
│ ❱ 398 │ │ args.func(args) │
│ 399 │ │
│ 400 │ except (KeyboardInterrupt, SystemExit): │
│ 401 │ │ console.stop() │
│ │
│ /opt/awspx/cli.py:157 in handle_ingest │
│ │
│ 154 │ handle_db(args, console=console.item("Creating Database")) │
│ 155 │ │
│ 156 │ if not (args.skip_attacks_all or args.skip_actions_all): │
│ ❱ 157 │ │ handle_attacks(args, console=console.item("Updating Attack paths")) │
│ 158 │
│ 159 │
│ 160 def handle_attacks(args, console=console): │
│ │
│ /opt/awspx/cli.py:172 in handle_attacks │
│ │
│ 169 │ │ │ │ │ │ │ │ │ │ else ""), │
│ 170 │ │ │ │ │ console=console) │
│ 171 │ │
│ ❱ 172 │ attacks.compute(max_iterations=args.max_attack_iterations) │
│ 173 │
│ 174 │
│ 175 def handle_db(args, console=console): │
│ │
│ /opt/awspx/lib/aws/attacks.py:1285 in compute │
│ │
│ 1282 │ │ │ results = db.run(self.queries[pattern]) │
│ 1283 │ │ │ │
│ 1284 │ │ │ for r in results: │
│ ❱ 1285 │ │ │ │ self.console.debug(f"Added: ({r['source']['Arn']})-->" │
│ 1286 │ │ │ │ │ │ │ │ f"({r['grant']['Arn']})") │
│ 1287 │ │ │ │
│ 1288 │ │ │ self.stats.append({ │
╰──────────────────────────────────────────────────────────────────────────────────────────────────╯
KeyError: 'Arn'
If I skip the AssumeRole check with --skip-checks AssumeRole, awspx runs without errors.
Any idea how I could further debug this?
╭─────────────────────────────── Traceback (most recent call last) ────────────────────────────────╮
│ /opt/awspx/cli.py:398 in main │
│ │
│ 395 │ │ console.start() │
│ 396 │ │
│ 397 │ try: │
│ ❱ 398 │ │ args.func(args) │
│ 399 │ │
│ 400 │ except (KeyboardInterrupt, SystemExit): │
│ 401 │ │ console.stop() │
│ │
│ /opt/awspx/cli.py:172 in handle_attacks │
│ │
│ 169 │ │ │ │ │ │ │ │ │ │ else ""), │
│ 170 │ │ │ │ │ console=console) │
│ 171 │ │
│ ❱ 172 │ attacks.compute(max_iterations=args.max_attack_iterations) │
│ 173 │
│ 174 │
│ 175 def handle_db(args, console=console): │
│ │
│ /opt/awspx/lib/aws/attacks.py:1285 in compute │
│ │
│ 1282 │ │ │ results = db.run(self.queries[pattern]) │
│ 1283 │ │ │ │
│ 1284 │ │ │ for r in results: │
│ ❱ 1285 │ │ │ │ self.console.debug(f"Added: ({r['source']['Arn']})-->" │
│ 1286 │ │ │ │ │ │ │ │ f"({r['grant']['Arn']})") │
│ 1287 │ │ │ │
│ 1288 │ │ │ self.stats.append({ │
╰──────────────────────────────────────────────────────────────────────────────────────────────────╯
KeyError: 'Arn'
Running into the same issue.
@hmussana you can patch that one so it keeps going (by attaching yourself to the container running awspx). After patching it, I got more results. However, I'm not sure if I'm just silencing the root cause of the problem.
self.console.debug(f"Added: ({r['source'].get('Arn')})-->"
                   f"({r['grant'].get('Arn')})")
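
An added example, not part of the thread or of awspx's own code: one way to keep the loop going while still reporting which records lack an Arn, so the gap is surfaced for debugging instead of being logged as None. It assumes each result's source and grant behave like mappings, as the .get() patch above implies; the function names and the sample records are constructed.

```python
# Added example (not awspx code). Records mimic the shape seen in the
# traceback: each result has mapping-like 'source' and 'grant' nodes.
from collections import Counter


def describe(node):
    """Return (label, missing); missing is True if the node has no 'Arn'."""
    arn = node.get("Arn")
    if arn:
        return arn, False
    # Fall back to whatever properties exist so the log line stays useful.
    props = ", ".join(f"{k}={node[k]!r}" for k in sorted(node.keys()))
    return f"<no Arn: {props or 'no properties'}>", True


def log_edges(results, debug=print):
    """Log each edge; count Arn-less nodes by (side, property keys)."""
    anomalies = Counter()
    for r in results:
        labels = {}
        for side in ("source", "grant"):
            labels[side], missing = describe(r[side])
            if missing:
                anomalies[(side, tuple(sorted(r[side].keys())))] += 1
        debug(f"Added: ({labels['source']})-->({labels['grant']})")
    return anomalies


# Constructed sample data; the second grant node deliberately lacks 'Arn'.
SAMPLE = [
    {"source": {"Arn": "arn:aws:iam::111111111111:root"},
     "grant": {"Arn": "arn:aws:iam::111111111111:role/ExampleRole"}},
    {"source": {"Arn": "arn:aws:iam::111111111111:root"},
     "grant": {"Name": "ExampleExternal"}},
]

if __name__ == "__main__":
    for (side, keys), count in log_edges(SAMPLE).items():
        print(f"{count} {side} node(s) without Arn; properties: {keys}")
```

The returned counter groups Arn-less nodes by which side of the edge they sit on and which properties they do carry, which points at the node type that was ingested without an Arn.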