CredMaster icon indicating copy to clipboard operation
CredMaster copied to clipboard
verified publisher icon knavesec

[Fireprox] SSO profiles fail

Open TheToddLuci0 opened this issue 2 years ago • 0 comments 

──(venv)─(kali㉿kali)-[~/git/CredMaster]
└─$ aws sso login --profile redteam-pwr
Attempting to automatically open the SSO authorization page in your default browser.
If the browser does not open or you wish to use a different device to authorize this request, open the following URL:

https://device.sso.us-east-1.amazonaws.com/

Then enter the code:

XXXX-XXXX
Successfully logged into Start URL: https://XXXXXXXX.awsapps.com/start#
                                                                                                                                                                                                                                            
┌──(venv)─(kali㉿kali)-[~/git/CredMaster]
└─$ python3 credmaster.py --profile redteam-pwr --clean                                                                                                            
[2023-10-17 14:59:24.325] Clearing APIs for all regions
Error, inputs cause error.
Unable to load AWS credentials

Looks like the issue is here: https://github.com/knavesec/CredMaster/blob/2d8092d7fae6cc9bdfba47957f2153a3c50d2c98/utils/fire.py#L75-L98

The code assumes that you have a hard-coded cred somewhere, which isn't the case if you're using SSO profiles.

TheToddLuci0 avatar Oct 17 '23 15:10 TheToddLuci0