From 5db3b7ac77835601f92e25c92c3287dce3c61dee Mon Sep 17 00:00:00 2001
From: Netscylla <github@netscylla.com>
Date: Wed, 20 Jun 2018 10:41:47 +0100
Subject: [PATCH] Update aws_escalate.py

Added an option to accept an aws profile for the boto3 connection.
---
 tools/aws-pentest-tools/aws_escalate.py | 37 +++++++++++++++----------
 1 file changed, 22 insertions(+), 15 deletions(-)

diff --git a/tools/aws-pentest-tools/aws_escalate.py b/tools/aws-pentest-tools/aws_escalate.py
index 1c52f98..c64e2e9 100644
--- a/tools/aws-pentest-tools/aws_escalate.py
+++ b/tools/aws-pentest-tools/aws_escalate.py
@@ -7,24 +7,30 @@ def main(args):
     access_key_id = args.access_key_id
     secret_access_key = args.secret_key
     session_token = args.session_token
+    profile = args.profile
 
-    if args.access_key_id is None or args.secret_key is None:
-        print('IAM keys not passed in as arguments, enter them below:')
-        access_key_id = input('  Access Key ID: ')
-        secret_access_key = input('  Secret Access Key: ')
-        session_token = input('  Session Token (Leave blank if none): ')
-        if session_token.strip() == '':
-            session_token = None
-
+    if args.profile is None:
+        if args.access_key_id is None or args.secret_key is None:
+            print('IAM keys not passed in as arguments, enter them below:')
+            access_key_id = input('  Access Key ID: ')
+            secret_access_key = input('  Secret Access Key: ')
+            session_token = input('  Session Token (Leave blank if none): ')
+            if session_token.strip() == '':
+                session_token = None
+    else:
+        aws_session_token = boto3.session.Session(profile_name=profile)
     # Begin permissions enumeration
     current_user = None
     users = []
-    client = boto3.client(
-        'iam',
-        aws_access_key_id=access_key_id,
-        aws_secret_access_key=secret_access_key,
-        aws_session_token=session_token
-    )
+    if aws_session_token is None:
+        client = boto3.client(
+            'iam',
+            aws_access_key_id=access_key_id,
+            aws_secret_access_key=secret_access_key,
+            aws_session_token=session_token
+        )
+    else:
+        client = aws_session_token.client('iam')
     if args.all_users is True:
         response = client.list_users()
         for user in response['Users']:
@@ -528,6 +534,7 @@ def parse_document(document, user):
     parser.add_argument('--access-key-id', required=False, default=None, help='The AWS access key ID to use for authentication.')
     parser.add_argument('--secret-key', required=False, default=None, help='The AWS secret access key to use for authentication.')
     parser.add_argument('--session-token', required=False, default=None, help='The AWS session token to use for authentication, if there is one.')
+    parser.add_argument('--profile', required=False, default=None, help='The AWS profile to use for authentication, if there is one.')
 
     args = parser.parse_args()
-    main(args)
\ No newline at end of file
+    main(args)