dafthack · June 2, 2023 16:42
diff --git a/AzPublicStorageEnum.ps1 b/AzPublicStorageEnum.ps1
 function Invoke-AzPublicStorageEnum{


 # First create a list of storage accounts and containers from ScoutSuite results

 # tail scoutsuite_results*.js -n +2 | jq -r '.services.storageaccounts.subscriptions[].storage_accounts[] | .blob_containers_count,.name,.blob_containers[].id' > /root/Desktop/storage-array.txt

 [string[]]$arrayFromFile = Get-Content -Path '.\storage-array.txt'
 $FullList = @()
 $PossiblePublicContainers = @()
 $defpublic = @()

 # $linenumber = [array]::IndexOf($arrayFromFile, $line)
 $linenumber = 0
    ForEach($line in $arrayFromFile){
    
        If ($arrayFromFile[$linenumber] -In 1..10000){
            
            # Get the name of the storage account we are testing
            $storageaccount = $arrayFromFile[$linenumber + 1]
            #Write-Output ("Currently checking storage account " + $storageaccount)
            
            
            # Get the total number of containers
            $containertotal = $arrayFromFile[$linenumber]
            #Write-Output ("Container total = " + $containertotal)
            
            # Create a range of line numbers associated with container lines
            $containerstart = $linenumber + 2
            $containerend = $containerstart + $containertotal - 1
            #Write-Output ("Container lines are starting at " + $containerstart + " and ending at " + $containerend)

            Write-Output ("[*] Storage Account: " + $storageaccount)
            # For each line in the list of container lines
            foreach($i in $containerstart..$containerend)
            {
            
            Write-Output ("[**] Container: " + $arrayFromFile[$i])
            
            $FullList += "http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
            $FullList += "https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
                
                Write-Host -NoNewline "[***] Checking HTTP: "
                try
                {
 	                $request = Invoke-WebRequest -Uri ("http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list")
                    if ($request.StatusCode -like 200){
                        Write-Host -ForegroundColor green "Public access enabled!"
                        Write-Output ("[****] Public Storage Container URL: " + "http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list")
                        Write-Host $request.RawContent
                        $defpublic += "http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
                    }
                }
                catch
                {
 	                $Failure = $_.Exception.Response
                    if ($Failure.StatusDescription -match "specified resource does not exist")
                    {
                        
                        Write-Host -ForegroundColor yellow "Public access may be enabled but resource does not exist."
                        $PossiblePublicContainers += "http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
                    }
                    else
                    {
                        Write-Host -ForegroundColor red $Failure.StatusDescription
                    }

                }

                Write-Host -NoNewline "[***] Checking HTTPS: "
                try
                {
 	                $request = Invoke-WebRequest -Uri ("https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list")
                    if ($request.StatusCode -like 200){
                        Write-Host -ForegroundColor green "Public access enabled!"
                        Write-Output ("[****] Public Storage Container URL: " + "https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list")
                        Write-Host $request.RawContent
                        $defpublic += "https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
                    }
                }
                catch
                {
                    $Failure = $_.Exception.Response
                    if ($Failure.StatusDescription -match "specified resource does not exist")
                    {
                        Write-Host -ForegroundColor yellow "Public access may be enabled but resource does not exist."
                        $PossiblePublicContainers += "https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
                    }
                    else
                    {
                        Write-Host -ForegroundColor red $Failure.StatusDescription 
                    }
                }
            $linenumber++
            }
         $linenumber++
        }
    $linenumber++
    }
 $FullList | Out-File -Encoding ascii "full-storage-account.txt"
 $defpublic | Out-File -Encoding ascii "public-containers.txt"
 $PossiblePublicContainers | Out-File -Encoding ascii "possible-public-containers.txt"
 Write-Output "----- Public Azure Storage Accounts -----"
 $defpublic
 }
	function Invoke-AzPublicStorageEnum{


	# First create a list of storage accounts and containers from ScoutSuite results

	# tail scoutsuite_results*.js -n +2 \| jq -r '.services.storageaccounts.subscriptions[].storage_accounts[] \| .blob_containers_count,.name,.blob_containers[].id' > /root/Desktop/storage-array.txt

	[string[]]$arrayFromFile = Get-Content -Path '.\storage-array.txt'
	$FullList = @()
	$PossiblePublicContainers = @()
	$defpublic = @()

	# $linenumber = [array]::IndexOf($arrayFromFile, $line)
	$linenumber = 0
	ForEach($line in $arrayFromFile){

	If ($arrayFromFile[$linenumber] -In 1..10000){

	# Get the name of the storage account we are testing
	$storageaccount = $arrayFromFile[$linenumber + 1]
	#Write-Output ("Currently checking storage account " + $storageaccount)


	# Get the total number of containers
	$containertotal = $arrayFromFile[$linenumber]
	#Write-Output ("Container total = " + $containertotal)

	# Create a range of line numbers associated with container lines
	$containerstart = $linenumber + 2
	$containerend = $containerstart + $containertotal - 1
	#Write-Output ("Container lines are starting at " + $containerstart + " and ending at " + $containerend)

	Write-Output ("[*] Storage Account: " + $storageaccount)
	# For each line in the list of container lines
	foreach($i in $containerstart..$containerend)
	{

	Write-Output ("[**] Container: " + $arrayFromFile[$i])

	$FullList += "http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
	$FullList += "https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"

	Write-Host -NoNewline "[***] Checking HTTP: "
	try
	{
	$request = Invoke-WebRequest -Uri ("http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list")
	if ($request.StatusCode -like 200){
	Write-Host -ForegroundColor green "Public access enabled!"
	Write-Output ("[****] Public Storage Container URL: " + "http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list")
	Write-Host $request.RawContent
	$defpublic += "http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
	}
	}
	catch
	{
	$Failure = $_.Exception.Response
	if ($Failure.StatusDescription -match "specified resource does not exist")
	{

	Write-Host -ForegroundColor yellow "Public access may be enabled but resource does not exist."
	$PossiblePublicContainers += "http://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
	}
	else
	{
	Write-Host -ForegroundColor red $Failure.StatusDescription
	}

	}

	Write-Host -NoNewline "[***] Checking HTTPS: "
	try
	{
	$request = Invoke-WebRequest -Uri ("https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list")
	if ($request.StatusCode -like 200){
	Write-Host -ForegroundColor green "Public access enabled!"
	Write-Output ("[****] Public Storage Container URL: " + "https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list")
	Write-Host $request.RawContent
	$defpublic += "https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
	}
	}
	catch
	{
	$Failure = $_.Exception.Response
	if ($Failure.StatusDescription -match "specified resource does not exist")
	{
	Write-Host -ForegroundColor yellow "Public access may be enabled but resource does not exist."
	$PossiblePublicContainers += "https://" + $storageaccount + ".blob.core.windows.net/" + $arrayFromFile[$i] + "?restype=container&comp=list"
	}
	else
	{
	Write-Host -ForegroundColor red $Failure.StatusDescription
	}
	}
	$linenumber++
	}
	$linenumber++
	}
	$linenumber++
	}
	$FullList \| Out-File -Encoding ascii "full-storage-account.txt"
	$defpublic \| Out-File -Encoding ascii "public-containers.txt"
	$PossiblePublicContainers \| Out-File -Encoding ascii "possible-public-containers.txt"
	Write-Output "----- Public Azure Storage Accounts -----"
	$defpublic
	}