def print_container_response(reply):
"""
Parses the HTTP reply of a brute-force attempt
This function is passed into the class object so we can view results
in real-time.
"""
# Stop brute forcing disabled accounts
if 'The specified account is disabled' in reply.reason:
return 'breakout'
# Stop brute forcing accounts without permission
if 'not authorized to perform this operation' in reply.reason:
return 'breakout'
# Handle other responses
if reply.status_code == 404:
pass
elif reply.status_code == 200:
utils.printc(" OPEN AZURE CONTAINER: {}\n".format(reply.url),
'green')
elif 'One of the request inputs is out of range' in reply.reason:
pass
else:
print(" Unknown status codes being received:\n"
" {}: {}".format(reply.status_code, reply.reason))
def print_vm_response(hostname):
"""
This function is passed into the DNS brute force as a callback,
so we can get real-time results.
"""
utils.printc(
" Registered Azure Virtual Machine DNS Name: {}\n".format(hostname),
'green')
def print_bucket_response(reply):
"""
Parses the HTTP reply of a brute-force attempt
This function is passed into the class object so we can view results
in real-time.
"""
if reply.status_code == 404:
pass
elif reply.status_code == 200:
utils.printc(" OPEN GOOGLE BUCKET: {}\n"
.format(reply.url), 'green')
elif reply.status_code == 403:
utils.printc(" Protected Google Bucket: {}\n"
.format(reply.url), 'orange')
else: print(" Unknown status codes being received:\n"
" {}: {}"
.format(reply.status_code, reply.reason))
def print_s3_response(reply):
"""
Parses the HTTP reply of a brute-force attempt
This function is passed into the class object so we can view results
in real-time.
"""
if reply.status_code == 404:
pass
elif reply.status_code == 200:
utils.printc(" OPEN S3 BUCKET: {}\n"
.format(reply.url), 'green')
elif reply.status_code == 403:
utils.printc(" Protected S3 Bucket: {}\n"
.format(reply.url), 'orange')
elif 'Slow Down' in reply.reason:
print("[!] You've been rate limited, exiting.")
sys.exit()
else: print(" Unknown status codes being received:\n"
" {}: {}"
.format(reply.status_code, reply.reason))
def print_account_response(reply):
"""
Parses the HTTP reply of a brute-force attempt
This function is passed into the class object so we can view results
in real-time.
"""
if reply.status_code == 404:
pass
elif 'The specified account is disabled' in reply.reason:
utils.printc(" Disabled Storage Account: {}\n".format(reply.url),
'red')
elif 'Value for one of the query' in reply.reason:
utils.printc(" HTTP-OK Storage Account: {}\n".format(reply.url),
'orange')
elif 'The account being accessed' in reply.reason:
utils.printc(" HTTPS-Only Storage Account: {}\n".format(reply.url),
'orange')
else:
print(" Unknown status codes being received:\n"
" {}: {}".format(reply.status_code, reply.reason))