Display a warning when * is the evil principal

NixOTrix · Feb 13, 2021 · a28e302 · a28e302
1 parent 0d624cc
commit a28e302
Show file tree

Hide file tree

Showing 2 changed files with 88 additions and 1 deletion.
diff --git a/endgame/command/smash.py b/endgame/command/smash.py
@@ -11,7 +11,7 @@
 from endgame import set_log_level
 from endgame.shared.aws_login import get_boto3_client, get_current_account_id
 from endgame.shared.validate import click_validate_supported_aws_service, click_validate_user_or_principal_arn, click_validate_comma_separated_resource_names
-from endgame.shared import utils, constants
+from endgame.shared import utils, constants, scary_warnings
 from endgame.command.list_resources import get_all_resources_for_all_services, list_resources_by_service
 from endgame.command.expose import expose_service
 from endgame.shared.response_message import ResponseMessage
@@ -102,6 +102,12 @@ def smash(service, evil_principal, profile, region, dry_run, undo, cloak, exclud
     sts_client = get_boto3_client(profile=profile, service="sts", region=region, cloak=cloak)
     current_account_id = get_current_account_id(sts_client=sts_client)
     if evil_principal.strip('"').strip("'") == "*":
+        if not scary_warnings.confirm_anonymous_principal():
+            utils.print_red("User cancelled, exiting")
+            exit()
+        else:
+            print()
+
         principal_type = "internet-wide access"
         principal_name = "*"
     else:
@@ -165,3 +171,4 @@ def smash_resource(
                                       current_account_id=current_account_id,
                                       client=client, undo=undo, dry_run=dry_run, evil_principal=evil_principal)
     return response_message
+
diff --git a/endgame/shared/scary_warnings.py b/endgame/shared/scary_warnings.py
@@ -0,0 +1,80 @@
+from endgame.shared import utils
+
+def confirm_anonymous_principal():
+    print(r""",,,,,,,,,,''',,'',,,,''''',''''',,,,,,''''''''''''''''''''''''''''''''''''''''..
+,,,,,,,,,,'',,,''',,,,,''',,,',;;,,;;:cccc;,''''''''''''''''''''''''''''''''''..
+,,,,,,,,,,',,,,,,',,,,,,,,,';cc:,',,,,;;;:cc;,''',''''''''''''''''''''''''''..''
+,,,,,,,,,,','',,',,,,,,,,,;lxd;.......'',,col:,',,''''''''''''''''''''''''''''''
+,,,,,,,,,,,,,',,,,,,,,,,;oOkoo;..........'',,:;,,,,'''''''''''''''''''''''''''''
+,,,,,,,,,,,,,,,,,,,,,,,:xKKx:::.............',,,,,,,,'''''''''''''''''''''''''''
+,,,,,,,,,,,,,,,,,,,,,,,l00k:.,c;............',',,,,,,,,,,,,,,,''''''''''''''',''
+,,,,,,,,,,,,,,,,,,,,,,:dOx:.'cl:'...........,;,,,,,,,,,,,,,,,,,,,,,'''''''''''''
+,,,,,,,,,,,,,,,,,,,;;clod;.,:c;,............';,,,,,,,,,,,,,,,,,,,,,,,,,,''''''''
+,,;;,,,,,,,,,,;;,,;;ckocl;;cc;'.............,:;;;;;,,,,,,,,,,,,,,,,,,,,,'''',,,,
+,;;,,,,,,;;;;;;;;;::dKOl;,cc,'.............',,;;;;;;;;;;;;,,,,,,,,,,,,,,,,,,,,,,
+;;;;;;;;;;;;;;;;:::o0KOx:'','............,;',;;;;;;;;;;;;;;,,,,,,,,,,,,,,,,,,,,,
+;;;;;;;;;;;;;;::::lkK0kdl;'..............';::::::::;;;;;;;;;;;,,,,,,,,,,,,,,,,,,
+;;;;;;;;;;;;;;:::cxKKOdoc,,'..............,oo:::::::::::;;;;;;;;,,,,,,,,,,,,,,,,
+;;,,;;;;;;;;::::clO0kool::lc;.............,llldxxdolc::::;;;;;;;;;;;,,;;;;;;;;;;
+,,,,,;;;;;;;:::cldOOkxkkkkOx;..';ccccc::::lodddxkkkdc::::;;;;;;;;;;;;;;;;;;;;;;;
+,,,,,,;;;;;:::coxxxxxxdllc:'.,:coooollclooc:::;,,,,,,:ccclc:;;;;;;;;;;;;;;;;;;;;
+,,,,,;;;;:::::ccc:;:::;'.....'clllllcc:;,'........';cc;:ddc:cc:;;;;;;;;;;;;;;;;;
+,,,,;;;:::cccc:''''''''......';c:,,'''..................,'..';cc:;;;;;;;;;;;;;;;
+,,;;;::::cllc:;'............''.''...'.........................,:::::::;;;;;;;;;;
+,;;;::::cddc'.''..............................................;:::cc::::::::::;;
+;;;:::ccdOl,..,,.......''....................................',';clccccccc::::::
+;:::ccclkdoxc'...............................................'..;lollllccccc::::
+ccclllokk:cxo:..',,'............................................:ooollllcccc::::
+loooddk0d:odc:lddo:,.......................''..................,odooolllcccccc::
+odddxO0xol;',col:;'...................''',okl..................cxdoooollllcccccc
+ddxxOKko:'..,'............''........::;;;cxOl.................'dxddddooollllcccc
+ddk0KKd;..,;,..............'','..'';cddllxK0d'................:kxdddddooollllccc
+xk00Oo::;.';,..............''',,'';c;lxl:lO0;.................:kkxxdddooolllcccc
+OKOko,;l;...................''',;;,,;::;;,:c'..................ckxxxdddooollcccc
+Oxxxo;,'......................''',;;;,''.''....................'okxxxdddoollcccc
+ddkOkc............................',''''...'....................;okxxdddoollcccc
+cool;...............................:dl..........................,ldxddooollcccc
+..................................,lO0x,..........................,lxddooolllccc
+c:,..............';;'..............,c;.............................;oxddooolllcc
+;'...............';,...............................................:dxxddoollllc
+....................'''.'c:.................'......................,lxxxddoollcc
+..''.................','lkl'.................'.................'....',:ldddolllc
+...'...............''..'cc'..................''..............',,,......'cddoollc
+,...................''........................'.............''''','.....cddoollc
+.................................................................',.....cddoolll
+.................................................................''''..'oxddoool
+...................................................................',,,lkxxxddoo
+..................................................................'',lxkkxxxxddd
+.........................................';:c'....................'''cxkkxxxxddd
+....................................',,'..',:'.....................,',lxxxxxxddd
+......................','''''.',,,,',;:,...'.......................,;,;oxxxddddd
+......................',,,,'''',,,,,;;;,'....':;'''................'c;;dxxxddddd
+......................',,,,,,;;,'''..',,,....'::,,,,'..............'lclxxxdddddd
+'......................',,,,,,:l:,'''.','.....','..''..............,oxxxxxxddddd
+''......................,,,,,,',;;,,,''''.......'''''..............'okkkxxxxxdxd
+'........................''',,,,,''',''...........'''.'....''''....':dkkkxxxxxxd
+'..............................'''....'............'..............''':xkkxxxxxdd
+...............................................,;,,''..............'',lxxxxxxxdd
+,''.........................'...................'',,''..........''..''cxxxxxxxdd
+,..''.........................................'..''''''...............;oxxxxxxxd
+;,'...............................................'''''....'''....'...,lxxxxxxxd
+kdl:,'.........................................''...'......','..''....'cxxxxxxxx
+do;','..........................................''...........''........;dxxxxxxx
+::::'..'....................................................'''.......'lkkkxxkkx
+:llcc,',;:,................................................''........':xOkkkkkkk
+:lxc,lc'':c;.........................................................:lokOOOOOkk
+::ld:,ll:;::,........................................................,c:lkkkkkkk
+::;lxocc:::;,,'...........................'...........................',,lxkkkkk
+;;;:dOkd;:o;,''........................................................',:dxkkkO
+,,,;cxkkc:lc:'.''''.....................................................';odxkkO
+,,,,;lkkd::oc,''........................'.................................;oodxk
+,,,,,cOOxlcdddol,..........................................................,llll
+,,,,,ckkkocc;coc,...........................................................co:;
+,,,,,cxdoxOd:okxc.......................................................... 'dl; """)
+    print("\n")
+    utils.print_red("WARNING:")
+    confirm = input("You are about to expose resources to the ENTIRE INTERNET. Are you sure you want to do that? [y/N]")
+    if confirm.lower() == 'y':
+        return True
+    else:
+        return False