Created
April 10, 2013 10:51
-
-
Save securitytube/5353620 to your computer and use it in GitHub Desktop.
CheckS3.py - Prints all the files with public-read enabled.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # Author - Vivek Ramachandran | |
| # | |
| # Website - http://securitytube.net | |
| # | |
| # Python for Hackers: http://securitytube-training.com/online-courses/securitytube-python-scripting-expert/ | |
| # | |
| # License: Use as you please for non-commercial purposes. | |
| # | |
| from boto.s3.connection import S3Connection | |
| import sys | |
| new_connection = S3Connection(ACCESS_KEY, SECRET_KEY) | |
| print "[+] Connecting to bucket %s " %sys.argv[1] | |
| bucket = new_connection.get_bucket(sys.argv[1]) | |
| print "[+] Checking permissions on all keys " | |
| print "-------------- List of Public Keys ----------------------\n\n" | |
| for key in bucket.list() : | |
| for grant in key.get_acl().acl.grants : | |
| if grant.permission == 'READ' : | |
| print "PUBLIC: " +str(key) | |
| print "\n\n--------------------------------------------------------" | |
| print "[+] Completed " | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment