onsdag den 26. august 2020

CloudFrunt - A Tool For Identifying Misconfigured CloudFront Domains


CloudFrunt is a tool for identifying misconfigured CloudFront domains.

Background
CloudFront is a Content Delivery Network (CDN) provided by Amazon Web Services (AWS). CloudFront users create "distributions" that serve content from specific sources (an S3 bucket, for example).
Each CloudFront distribution has a unique endpoint for users to point their DNS records to (ex. d111111abcdef8.cloudfront.net). All of the domains using a specific distribution need to be listed in the "Alternate Domain Names (CNAMEs)" field in the options for that distribution.
When a CloudFront endpoint receives a request, it does NOT automatically serve content from the corresponding distribution. Instead, CloudFront uses the HOST header of the request to determine which distribution to use. This means two things:

  1. If the HOST header does not match an entry in the "Alternate Domain Names (CNAMEs)" field of the intended distribution, the request will fail.
  2. Any other distribution that contains the specific domain in the HOST header will receive the request and respond to it normally.
This is what allows the domains to be hijacked. There are many cases where a CloudFront user fails to list all the necessary domains that might be received in the HOST header. For example:
  • The domain "test.disloops.com" is a CNAME record that points to "disloops.com".
  • The "disloops.com" domain is set up to use a CloudFront distribution.
  • Because "test.disloops.com" was not added to the "Alternate Domain Names (CNAMEs)" field for the distribution, requests to "test.disloops.com" will fail.
  • Another user can create a CloudFront distribution and add "test.disloops.com" to the "Alternate Domain Names (CNAMEs)" field to hijack the domain.
This means that the unique endpoint that CloudFront binds to a single distribution is effectively meaningless. A request to one specific CloudFront subdomain is not limited to the distribution it is associated with.

Installation
$ pip install boto3
$ pip install netaddr
$ pip install dnspython
$ git clone https://github.com/disloops/cloudfrunt.git
$ cd cloudfrunt
$ git clone https://github.com/darkoperator/dnsrecon.git
CloudFrunt expects the dnsrecon script to be cloned into a subdirectory called dnsrecon.

Usage
cloudfrunt.py [-h] [-l TARGET_FILE] [-d DOMAINS] [-o ORIGIN] [-i ORIGIN_ID] [-s] [-N]

-h, --help                      Show this message and exit
-s, --save                      Save the results to results.txt
-N, --no-dns                    Do not use dnsrecon to expand scope
-l, --target-file TARGET_FILE   File containing a list of domains (one per line)
-d, --domains DOMAINS           Comma-separated list of domains to scan
-o, --origin ORIGIN             Add vulnerable domains to new distributions with this origin
-i, --origin-id ORIGIN_ID       The origin ID to use with new distributions

Example
$ python cloudfrunt.py -o cloudfrunt.com.s3-website-us-east-1.amazonaws.com -i S3-cloudfrunt -l list.txt

 CloudFrunt v1.0.3

 [+] Enumerating DNS entries for google.com
 [-] No issues found for google.com

 [+] Enumerating DNS entries for disloops.com
 [+] Found CloudFront domain --> cdn.disloops.com
 [+] Found CloudFront domain --> test.disloops.com
 [-] Potentially misconfigured CloudFront domains:
 [#] --> test.disloops.com
 [+] Created new CloudFront distribution EXBC12DE3F45G
 [+] Added test.disloops.com to CloudFront distribution EXBC12DE3F45G


More info

  1. Hack Tools Download
  2. Hacking Tools For Games
  3. Pentest Tools Apk
  4. Hacker
  5. Pentest Tools Github
  6. Underground Hacker Sites
  7. Pentest Reporting Tools
  8. Hack Tools For Mac
  9. Hack Apps
  10. Black Hat Hacker Tools
  11. New Hack Tools
  12. Hack Tools For Mac
  13. Hack Tools 2019
  14. Best Hacking Tools 2019
  15. Hacker Tools Apk
  16. Game Hacking
  17. Kik Hack Tools
  18. Wifi Hacker Tools For Windows
  19. Pentest Tools Open Source
  20. Pentest Tools Url Fuzzer
  21. Hacker Techniques Tools And Incident Handling
  22. Hack Tool Apk No Root
  23. Hack Tools For Mac
  24. Hacking Tools Windows 10
  25. Hacking Tools 2019
  26. Hacker Tool Kit
  27. Hacking Tools For Windows 7
  28. Pentest Tools For Windows
  29. Hacking Tools Mac
  30. Hacker
  31. Bluetooth Hacking Tools Kali
  32. Pentest Tools List
  33. Pentest Tools Tcp Port Scanner
  34. Hacking Tools For Mac
  35. How To Hack
  36. Hacking Tools Software
  37. Hacker Techniques Tools And Incident Handling
  38. Hacker Tools Free Download
  39. Game Hacking
  40. Hack Tools
  41. Android Hack Tools Github
  42. Nsa Hack Tools
  43. Kik Hack Tools
  44. Game Hacking
  45. Pentest Tools Android
  46. Pentest Tools Subdomain
  47. Beginner Hacker Tools
  48. What Are Hacking Tools
  49. World No 1 Hacker Software
  50. Tools Used For Hacking
  51. Usb Pentest Tools
  52. Growth Hacker Tools
  53. Usb Pentest Tools
  54. Growth Hacker Tools
  55. Hack Tools Pc
  56. Hacker
  57. Hack Tools For Windows
  58. Game Hacking
  59. Hacking Apps
  60. Underground Hacker Sites
  61. Hacker Tools Github
  62. Hacker Tools For Windows
  63. Pentest Tools Windows
  64. Pentest Tools
  65. Hacker Tools List
  66. Hacker Tools Online
  67. Pentest Tools Bluekeep
  68. Hacking Tools Hardware
  69. Ethical Hacker Tools
  70. Pentest Recon Tools
  71. Hacking Tools Usb
  72. Wifi Hacker Tools For Windows
  73. Hacking Tools For Windows
  74. Hak5 Tools
  75. Nsa Hack Tools
  76. New Hacker Tools
  77. Hackrf Tools
  78. Hack Tools Github
  79. Hack Tools For Games
  80. Hacker Hardware Tools
  81. Github Hacking Tools
  82. Hacker Tools Apk
  83. Hack Tools For Pc
  84. Hacker Hardware Tools
  85. Hack Tools For Games
  86. Pentest Tools Subdomain
  87. Hacking Tools For Mac
  88. Hack Tools For Mac
  89. Hacking Tools For Mac
  90. Physical Pentest Tools
  91. Bluetooth Hacking Tools Kali
  92. Hacking Tools Mac
  93. Pentest Tools Windows
  94. Physical Pentest Tools
  95. Hack Apps
  96. Nsa Hack Tools
  97. Hack Tools
  98. Pentest Tools Open Source
  99. Pentest Tools Port Scanner
  100. Pentest Tools For Android
  101. Hacking Tools Online
  102. How To Hack
  103. Pentest Tools Tcp Port Scanner
  104. Hacking Tools Online
  105. Pentest Tools Url Fuzzer
  106. Pentest Tools Github
  107. How To Install Pentest Tools In Ubuntu
  108. Pentest Tools Website
  109. Hack Tools Github
  110. Hacking Tools For Pc
  111. Hacker Techniques Tools And Incident Handling
  112. What Are Hacking Tools
  113. Hack Tools 2019
  114. Hacking Tools 2019
  115. Pentest Tools Free
  116. Pentest Tools For Windows
  117. Hacking Tools Software
  118. Hacking Tools Download
Indsendt af kl.

Ingen kommentarer:

Send en kommentar

Abonner på: Kommentarer til indlægget (Atom)