This Bash script allows you to interact with AWS Identity and Access Management (IAM) and EC2 services to check AWS credentials and permissions related to EC2 instances. It provides the following functionalities:
- Use AWS Credentials: Set up your AWS credentials using
aws configure
. - Check EC2 Permission: Determine whether you have permission to create EC2 instances.
- List Roles for EC2 Instances: View a list of IAM roles associated with EC2 instances.
- List Attached Policies: Retrieve attached IAM policies for a specified IAM role.
Before using this script, make sure you have the following prerequisites installed:
- AWS CLI : Ensure you have the AWS Command Line Interface installed and configured with your AWS credentials.
- jq : This script utilizes
jq
to parse JSON output from AWS CLI commands. Please install it before running the script. Install jq on gitbashcurl -L -o /usr/bin/jq.exe https://github.com/stedolan/jq/releases/latest/download/jq-win64.exe
To use the script, follow these steps:
- Clone this repository to your local machine:
- Navigate to the script's directory:
- Make the script executable:
- Run the script:
git clone https://github.com/im-hanzou/awskey-iam-privescheck.git
cd awskey-iam-privescheck
chmod +x awskey-privesc.sh
./awskey-privesc.sh
Here is the reference and the next steps for exploitation.
This script interacts with AWS services, and improper use can result in unintended consequences. Use it responsibly, and ensure that your AWS credentials have appropriate permissions for the actions you perform.