Tiny bash script that walks every endpoint on an AWS metadata server
aws_metadata_enumeration.sh
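#!/bin/bash
#
# Walks the metadata tree served at http://host:port/latest and prints every
# leaf it reaches as "URL value", one entry per line.
#
# Usage: ./aws_metadata_enumeration.sh host:port
#
# Notes for whoever runs or reviews this:
#   - Every request is a plain, token-less GET. An instance that enforces
#     IMDSv2 (HttpTokens=required) answers such requests with 401, which is
#     why enforcing it is the standard hardening for this service.
#   - The tree can contain temporary role credentials and user-data. Treat
#     the output as secret material: do not paste it into tickets or logs.

if [ $# -ne 1 ]; then
  echo "Usage: $0 host:port" >&2
  exit 1
fi

readonly HOSTPORT="$1"
readonly BASE_URL="http://${HOSTPORT}/latest"

# -f: an HTTP error (401/404/...) becomes a non-zero exit instead of an error
#     page that would otherwise be printed as if it were a metadata value.
# The timeouts keep an unreachable or stalled host from hanging the walk.
readonly -a CURL_OPTS=(-s -f --connect-timeout 2 --max-time 10)

#######################################
# Fetch one URL and write the response body to stdout.
# Arguments: $1 - absolute URL
# Returns:   curl's exit status (non-zero on transport or HTTP error)
#######################################
fetch() {
  curl "${CURL_OPTS[@]}" "$1"
}

#######################################
# Recursively enumerate the endpoints below a path.
# Globals:   BASE_URL (read)
# Arguments: $1 - path relative to BASE_URL, with a leading '/'
# Outputs:   "URL value" for each leaf on stdout, warnings on stderr
# Returns:   0 always; a failed request is reported and skipped
#######################################
enumerate() {
  local path="$1"
  local url="${BASE_URL}${path}"
  local result line value

  if ! result=$(fetch "$url"); then
    printf 'warn: request failed: %s\n' "$url" >&2
    return 0
  fi

  # A response is a directory listing only when some whole line ends in '/'.
  # Matching a '/' anywhere (as before) misreads ordinary values that merely
  # contain a slash, such as a script in user-data, and then requests each
  # of their lines as if it were a child path.
  if [[ "$result" == */ || "$result" == */$'\n'* ]]; then
    while IFS= read -r line; do
      # A blank line would only re-request the listing itself.
      [[ -n "$line" ]] || continue
      if [[ "$line" == */ ]]; then
        enumerate "${path}/${line%/}"
      elif value=$(fetch "${url}/${line}"); then
        printf '%s %s\n' "${url}/${line}" "$value"
      else
        printf 'warn: request failed: %s\n' "${url}/${line}" >&2
      fi
    done <<< "$result"
  else
    # Leaf node: print the URL together with its body.
    printf '%s %s\n' "$url" "$result"
  fi
}

# Top-level categories (e.g. meta-data, user-data, dynamic). The grep keeps
# only plain names, so an error page or other unexpected body is never turned
# into request paths; its non-zero exit also covers an empty or failed fetch.
if ! top_level=$(fetch "${BASE_URL}/" | grep -E '^[a-zA-Z0-9._-]+/?$'); then
  printf 'error: no top-level categories returned by %s/\n' "$BASE_URL" >&2
  exit 1
fi

# Read line by line rather than word-splitting an unquoted variable.
while IFS= read -r category; do
  [[ -n "$category" ]] || continue
  # Drop the trailing slash, if any, before descending.
  enumerate "/${category%/}"
done <<< "$top_level"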