moisestapia / hackswlabs Goto Github PK

View Code? Open in Web Editor NEW

2.0 2.0 2.0 328 KB

Deploy your VM Kali Linux in AWS you need AWS account subscription or free tier

Home Page: https://github.com/MoisesTapia

Python 97.64% Dockerfile 2.36%

hacking-tool hacking-tools python3 pentesting-tools pentesting aws aws-ec2 aws-s3 hacking-code python-script

hackswlabs's Introduction

ıllıllı hAcksWlbaS ıllıllı

Deploy your kali linux machine in aws

Tools and packages do you need

awscli
boto3
argparse
art

python3 pip3 -r install requeriments.txt

Help

SSH KEYS example

How to use

After installing boto3

Next, set up credentials (in e.g. ~/.aws/credentials):

[default]
aws_access_key_id = YOUR_KEY
aws_secret_access_key = YOUR_SECRET

Then, set up a default region (in e.g. ~/.aws/config):

[default]
region=us-east-1

➜  hAckWsLabS git:(main) ✗ python3 hackslabs.py -h      
usage: hackslabs [-h] [-l {aws,gcp,azure}] [-z SIZE] [-mx MAXVM] [-mn MINVM]
                 [-k KEYS] [--stop STOP] [-s START] [-t TERMINATE]
                 [-in GETINFO] [-kg SSHKEYGEN] [-ds AWSDESCRIBE] [-v]

Example

python3 hackslabs.py -l aws -z t2.micro -mx 1 -mn 1 -k KaliLinux

Commands to use this script

short	large	help
-z	--awstype	type of the instance
-mx	--maxvm	Max number of VM
-mn	--minvm	Min number
-k	--keypair	SSH Keys Pairs in AWS
-l	--launch	Launch instance
	--stop	Stop instances
-s	--start	Start instances
-t	--terminate	Terminate instances
-in	--getinfo	all information of vm
-v	--version	get version of script
-ds	--describe	get info of sshkeys
-ds	--intances-types	get info instances and types

Amazon EC2 Instance Types

Instance	vCPU*	CPU Credits / hour	Mem GiB	Storage	Network Performance
t2.nano	1	3	0.5	EBS-Only	Low
t2.micro	1	6	1	EBS-Only	Low to Moderate
t2.small	1	12	2	EBS-Only	Low to Moderate
t2.medium	2	24	4	EBS-Only	Low to Moderate
t2.large	2	36	8	EBS-Only	Low to Moderate
t2.xlarge	4	54	16	EBS-Only	Moderate
t2.2xlarge	8	81	32	EBS-Only	Moderate

Use docker to deploy this tool

docker build -t hackslabs:0.1.0 .

Run the docker container

docker run -d -ti --name hackslabs <image_id>

verify that container is running

docker ps

Execute commands inside of container

docker exec -ti <conatiner_name> /bin/bash

hackswlabs's People

Contributors

Stargazers

Watchers

Forkers

sts0mrg0 jrsk23

hackswlabs's Issues

CVE-2021-33503 (High) detected in urllib3-1.26.4-py2.py3-none-any.whl

CVE-2021-33503 - High Severity Vulnerability

Vulnerable Library - urllib3-1.26.4-py2.py3-none-any.whl

HTTP library with thread-safe connection pooling, file post, and more.

Library home page: https://files.pythonhosted.org/packages/09/c6/d3e3abe5b4f4f16cf0dfc9240ab7ce10c2baa0e268989a4e3ec19e90c84e/urllib3-1.26.4-py2.py3-none-any.whl

Path to dependency file: /requirements.txt

Path to vulnerable library: /requirements.txt

Dependency Hierarchy:

boto3-1.17.25-py2.py3-none-any.whl (Root Library)
- botocore-1.20.27-py2.py3-none-any.whl
  - ❌ urllib3-1.26.4-py2.py3-none-any.whl (Vulnerable Library)

Found in base branch: main

Vulnerability Details

An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.

Publish Date: 2021-06-29

URL: CVE-2021-33503

CVSS 3 Score Details (7.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-q2q7-5pp4-w6pg

Release Date: 2021-06-29

Fix Resolution: urllib3 - 1.26.5

Step up your Open Source Security Game with Mend here

CVE-2020-25658 (Medium) detected in rsa-4.5-py2.py3-none-any.whl

CVE-2020-25658 - Medium Severity Vulnerability

Vulnerable Library - rsa-4.5-py2.py3-none-any.whl

Pure-Python RSA implementation

Library home page: https://files.pythonhosted.org/packages/26/f8/8127fdda0294f044121d20aac7785feb810e159098447967a6103dedfb96/rsa-4.5-py2.py3-none-any.whl