Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Opinel fails to assign token code and serial number when changing roles on AWS. #33

Open
r8tor opened this issue Dec 21, 2018 · 0 comments
Open

Opinel fails to assign token code and serial number when changing roles on AWS. #33

r8tor opened this issue Dec 21, 2018 · 0 comments
Labels
bug

Comments

@r8tor
Copy link

r8tor commented Dec 21, 2018

The file opinel/opinel/utils/credentials.py line 77, 78 and 79 is not looking for the correct variable to load the token code and serial number to be passed to the assumeRole Function.

This result in ScoutSuite failing to scan AWS environments when assume role and MFA are required.

The current code looks like this:
if 'mfa_serial' in credentials and 'mfa_code' in credentials: sts_args['TokenCode'] = credentials['mfa_code'] sts_args['SerialNumber'] = credentials['mfa_serial']

The correct code and solution for this problem(which I tested and found to be working properly)is to replace the code above with the following:
if 'TokenCode' in credentials and 'TokenCode' in credentials: sts_args['TokenCode'] = credentials['TokenCode'] sts_args['SerialNumber'] = credentials['TokenCode']
@x4v13r64 x4v13r64 added the bug label Dec 21, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@x4v13r64 @r8tor