fixup env file handling

libs/aws/brute.py

@@ -292,9 +292,9 @@ def brute_alexaforbusiness_permissions():
     tests = [('CreateAddressBook', 'create_address_book', (), {'Name': 'Test'}, ), ]
     return generic_permission_bruteforcer('alexaforbusiness', tests)
 
-'''
-https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/amplify.html
-'''
+
+# https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/amplify.html
+
 
 
 def brute_apigateway_permissions():
@@ -1156,8 +1156,8 @@ def brute_kinesis_permissions():
 # http://boto3.readthedocs.io/en/latest/reference/services/kinesis-video-archived-media.html
 # NO functions to call without data
 
-# http://boto3.readthedocs.io/en/latest/reference/services/kinesis-video-media.html
-# NO functions to call without data
+#  http://boto3.readthedocs.io/en/latest/reference/services/kinesis-video-media.html
+#  NO functions to call without data
 
 # https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/kinesis-video-signaling.html
 
@@ -1343,8 +1343,8 @@ def brute_mediastore_data_permissions():
 # https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/mediatailor.html
 
 
-# http://boto3.readthedocs.io/en/latest/reference/services/meteringmarketplace.html
-# NO functions to call without arguements
+#  http://boto3.readthedocs.io/en/latest/reference/services/meteringmarketplace.html
+#  NO functions to call without arguements
 
 
 def brute_mgh_permissions():

libs/aws/cloudtrail.py

@@ -17,9 +17,22 @@
 '''
 Code to get the AWS_ACCESS_KEY_ID from boto3
 '''
-session = boto3.Session()
-credentials = session.get_credentials()
-AWS_ACCESS_KEY_ID = credentials.access_key
+try:
+    session = boto3.Session()
+    credentials = session.get_credentials()
+    AWS_ACCESS_KEY_ID = credentials.access_key
+
+#  Little hack to gracefully handle messed up .env/.aws credentials file as this is the first 
+#  library that is loaded
+except AttributeError as e:
+    #print(e)
+    print("[-] WeirdAAL had an eror loading the .env file [-]")
+    print("[-] Make sure .env file exists OR you have at least one entry in .env [-]")
+    sys.exit(1)
+except botocore.exceptions.ConfigParseError as e:
+    print("[-] {} [-]".format(e))
+    print("[-] Make sure you dont have duplicate entries in your .env file [-]")
+    sys.exit(1)
 
 
 def describe_trails():

weirdAAL.py

@@ -10,6 +10,7 @@
 import argparse
 import os
 from botocore.exceptions import ClientError
+from botocore.exceptions import ConfigParseError
 from modules import *
 import sys
 import builtins
@@ -20,7 +21,12 @@
 # Let a user set .aws/credentials or another file as the credentials source
 # If user-defined, must be an absolute path
 if 'AWS_SHARED_CREDENTIALS_FILE' not in os.environ:
-    os.environ['AWS_SHARED_CREDENTIALS_FILE'] = '.env'
+    try:
+        #  print("loading .env into our ENV")
+        os.environ['AWS_SHARED_CREDENTIALS_FILE'] = '.env'
+    except Exception as e:
+        print("Error: {}".format(e))
+        sys.exit("fix your credentials file -exiting...")
 
 # If you want to use a transparent + supports SSL proxy you can put it here
 # os.environ['HTTPS_PROXY'] = 'https://127.0.0.1:3128'
@@ -52,12 +58,13 @@ def perform_credential_check():
     try:
         client = boto3.client("sts")
         account_id = client.get_caller_identity()["Account"]
-    except botocore.exceptions.NoCredentialsError as e:
+    except (botocore.exceptions.NoCredentialsError) as e:
         print("Error: Unable to locate credentials")
         sys.exit("fix your credentials file -exiting...")
     except ClientError as e:
-        print("The AWS Access Keys are not valid/active")
+        print("[X] The AWS Access Keys are not valid/active [X]")
         sys.exit(1)
+
 
 def method_create():
     try:
@@ -135,7 +142,7 @@ def print_the_list():
 try:
     perform_credential_check()
 except:
-    print("Check the above error message and fix to use weirdAAL")
+    print("[-] Check the above error message and fix to use weirdAAL [-]")
     sys.exit(1)