Barq is a post-exploitation framework built specifically for attacking live AWS infrastructure. It streamlines launching attacks on running EC2 instances without needing the instances' original SSH key pairs. Barq also lets users systematically list and extract secrets and parameters stored in the AWS environment.
Prerequisites
An access key ID and secret access key for an existing AWS account (plus a session token in some cases, e.g. when the credentials are temporary ones obtained from an instance role)
Python 2 or 3 (the tool is compatible with both). To generate the msfvenom payloads, msfvenom must be installed on your workstation and available on your PATH.
Installing
Main Features
· Attacking EC2 instances without knowing key pairs or connection profiles/passwords.
· Dumping EC2 secrets and parameters.
· Enumerating EC2 instances and security groups.
· Launching Metasploit and Empire payloads against EC2 instances.
· Training mode for testing attacks and features without impacting a running production environment.
· Tab-completed commands in a menu-based navigation system.
· Dumping EC2 instance metadata details.
· Using AWS access keys or session tokens obtained elsewhere (e.g., from compromised instances or leaked source code).
· Printing listening commands for msfconsole in CLI mode for easy copy-pasting.
TODO
1. Create a plugin-based class system for menus in the framework
2. Add a feature to exclude attacker-defined IPs and ports from security groups.
3. Add persistence functionality.
4. Launch attacks against Lambda, S3 and RDS.
5. Export hostnames, IPs and ports in an nmap-ready format for scanning.
6. Integrate fully with Metasploit and Empire REST APIs.
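The feature "Enumerating EC2 instances and security groups" and TODO item 5 (nmap-ready export) describe the same pipeline: pull instance and security-group listings, work out which ports are actually reachable from the attacker's position, and hand the result to a scanner. The block below is an added example written for this page, not Barq's own code; it works on dictionaries shaped like boto3's ec2.describe_instances() and ec2.describe_security_groups() responses so it runs offline against constructed sample data (the instance IDs, group IDs and 203.0.113.x / 198.51.100.x addresses are made up). Plugging in real responses from a boto3 client created with the access key, secret and optional session token listed under Prerequisites is left to the reader.

```python
"""Enumerate EC2 instances and their security groups from describe_* responses
and emit nmap-ready targets for the TCP ports reachable from a given source IP.
Added example for this page, not part of Barq."""
import ipaddress
from collections import defaultdict

# Constructed sample data shaped like boto3 ec2.describe_instances() and
# ec2.describe_security_groups() output. None of these resources are real.
INSTANCES_RESPONSE = {
    "Reservations": [
        {"Instances": [
            {"InstanceId": "i-0aaa111", "PublicIpAddress": "203.0.113.10",
             "PrivateIpAddress": "10.0.1.10", "State": {"Name": "running"},
             "SecurityGroups": [{"GroupId": "sg-web"}]},
            {"InstanceId": "i-0bbb222", "PublicIpAddress": "203.0.113.11",
             "PrivateIpAddress": "10.0.1.11", "State": {"Name": "running"},
             "SecurityGroups": [{"GroupId": "sg-web"}, {"GroupId": "sg-admin"}]},
            {"InstanceId": "i-0ccc333", "PrivateIpAddress": "10.0.1.12",
             "State": {"Name": "stopped"},
             "SecurityGroups": [{"GroupId": "sg-admin"}]},
        ]}
    ]
}

SECURITY_GROUPS_RESPONSE = {
    "SecurityGroups": [
        {"GroupId": "sg-web", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        ]},
        {"GroupId": "sg-admin", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "198.51.100.0/24"}]},   # "office" range only
            {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},         # RDP open to the world
            {"IpProtocol": "-1",                             # -1 = all protocols/ports
             "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
        ]},
    ]
}


def ports_open_to(sg_response, scanner_ip):
    """Return {GroupId: set(tcp ports)} whose inbound rules admit scanner_ip.
    Rules with IpProtocol "-1" (all traffic) expand to the full 1-65535 range.
    Only IPv4 CIDR rules are evaluated; SG-to-SG references and IPv6 ranges
    are ignored, so the result is a lower bound on what is reachable."""
    src = ipaddress.ip_address(scanner_ip)
    open_ports = defaultdict(set)
    for group in sg_response["SecurityGroups"]:
        for rule in group["IpPermissions"]:
            proto = rule["IpProtocol"]
            if proto not in ("tcp", "-1"):
                continue  # UDP/ICMP rules are out of scope for a TCP target list
            if not any(src in ipaddress.ip_network(r["CidrIp"])
                       for r in rule.get("IpRanges", [])):
                continue  # source address is not admitted by this rule
            lo = rule.get("FromPort", 1) if proto == "tcp" else 1
            hi = rule.get("ToPort", 65535) if proto == "tcp" else 65535
            open_ports[group["GroupId"]].update(range(lo, hi + 1))
    return open_ports


def nmap_targets(instances_response, sg_response, scanner_ip):
    """Return [(public_ip, sorted ports)] for running instances that have a
    public address, merging the open ports of every attached security group."""
    by_group = ports_open_to(sg_response, scanner_ip)
    targets = []
    for reservation in instances_response["Reservations"]:
        for inst in reservation["Instances"]:
            ip = inst.get("PublicIpAddress")
            if not ip or inst["State"]["Name"] != "running":
                continue  # stopped or private-only instances are unreachable from outside
            ports = set()
            for sg in inst["SecurityGroups"]:
                ports |= by_group.get(sg["GroupId"], set())
            if ports:
                targets.append((ip, sorted(ports)))
    return targets


def port_spec(ports):
    """Collapse a sorted port list into nmap -p syntax: [22, 80, 81, 82] -> '22,80-82'."""
    spec, i = [], 0
    while i < len(ports):
        j = i
        while j + 1 < len(ports) and ports[j + 1] == ports[j] + 1:
            j += 1
        spec.append(str(ports[i]) if i == j else f"{ports[i]}-{ports[j]}")
        i = j + 1
    return ",".join(spec)


def nmap_commands(instances_response, sg_response, scanner_ip):
    """One copy-pasteable nmap command per reachable instance."""
    return [f"nmap -Pn -p {port_spec(ports)} {ip}"
            for ip, ports in nmap_targets(instances_response, sg_response, scanner_ip)]


if __name__ == "__main__":
    # 203.0.113.200 stands in for the attacker's Internet-facing scanner box.
    for line in nmap_commands(INSTANCES_RESPONSE, SECURITY_GROUPS_RESPONSE, "203.0.113.200"):
        print(line)
```

Computing reachability per source address matters in practice: the same group list yields only 80/443/3389 from an arbitrary Internet host but adds 22 when scanning from the 198.51.100.0/24 range, and a "-1" rule scoped to 10.0.0.0/8 turns every port into a target once you pivot onto a host inside the VPC.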
Demonstration of the output