-
Notifications
You must be signed in to change notification settings - Fork 26
/
s3-public-scanner.sh
31 lines (26 loc) · 1016 Bytes
/
s3-public-scanner.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#!/bin/bash
print_help() {
echo "This is a tool that enumerates S3 buckets and returns the ones which are public. The public ones will be stored to buckets.txt"
echo "Usage: $0 [AWS_PROFILE_NAME]"
}
while getopts "h?:" opt; do
case "$opt" in
h|\?)
print_help
exit 0
;;
esac
done
echo "-------------------------------"
echo "S3 Public Scanner is a tool that enumerates S3 Buckets in an AWS account to see if any are public."
echo "If they are public, it will be echoed to the screen in green writing as well as saved to 'buckets.txt' for manual enumeration."
echo "Enjoy! -Tyler Ramsbey"
echo "-------------------------------"
for BUCKET in $(aws s3api list-buckets --query "Buckets[].Name" --output text); do
if aws s3api get-bucket-acl --bucket $BUCKET | grep -q "URI=\"http\|URI=\"https";
then echo -e "\033[32mBucket $BUCKET is public\033[0m";
echo "$BUCKET" >> buckets.txt;
else
echo -e "\033[31mBucket $BUCKET is not public\033[0m";
fi;
done