working version of bucket_finder.rb ruby script

Project description

Bucket Finder

From Original Author:

Copyright(c) 2011, Robin Wood robin@digininja.org

This project goes alongside my blog post "Whats In Amazon's Buckets?" http://www.digininja.org/blog/whats_in_amazons_buckets.php. Read through that for more information on what is going on behind the scenes.

This is a fairly simple tool to run. All it requires is a wordlist, and it will go off and check each word to see if that bucket name exists in Amazon's S3 system. Any bucket it finds is then checked to see whether it is public, private or a redirect.

Public buckets are checked for directory indexing being enabled. If it is, all files listed are checked using HEAD to see if they are public or private. Redirects are followed and the final destination checked. All of this is reported so you can later go through and analyse what has been found.
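The classification described above can be sketched offline as follows. This is an added example, not code from bucket_finder.rb: the function names are hypothetical, the response bodies are constructed samples, and the error codes (NoSuchBucket, AccessDenied, PermanentRedirect) and the ListBucketResult listing are assumed from S3's documented REST responses rather than taken from this page. It is written for reviewing observations of your own buckets.

```ruby
# Added example: classify the response to an anonymous GET on a bucket root.
# Simple pattern matching is enough for these small, constructed XML bodies.

# Returns a hash describing what one response says about the bucket.
def classify_bucket_response(status, body)
  code = body[%r{<Code>([^<]+)</Code>}, 1]
  if status == 404 && code == 'NoSuchBucket'
    { state: :missing }
  elsif status == 403 && code == 'AccessDenied'
    { state: :private }
  elsif [301, 307].include?(status) && code.to_s.end_with?('Redirect')
    # The bucket lives in another region; S3 names the endpoint to retry.
    { state: :redirect, endpoint: body[%r{<Endpoint>([^<]+)</Endpoint>}, 1] }
  elsif status == 200 && body.include?('<ListBucketResult')
    # Directory indexing is on: every <Key> is an object name.
    { state: :public_listing,
      keys: body.scan(%r{<Key>([^<]*)</Key>}).flatten,
      truncated: body[%r{<IsTruncated>(\w+)</IsTruncated>}, 1] == 'true' }
  else
    { state: :unknown }
  end
end

# Given { bucket_name => [status, body] } for buckets you own, returns only
# the ones whose contents are anonymously listable, with the exposed keys.
def exposed_buckets(observations)
  observations.each_with_object({}) do |(name, (status, body)), found|
    result = classify_bucket_response(status, body)
    found[name] = result[:keys] if result[:state] == :public_listing
  end
end

# Constructed sample observations (bucket names are placeholders).
SAMPLE_OBSERVATIONS = {
  'example-missing' => [404, '<Error><Code>NoSuchBucket</Code></Error>'],
  'example-private' => [403, '<Error><Code>AccessDenied</Code></Error>'],
  'example-moved'   => [301, '<Error><Code>PermanentRedirect</Code>' \
                             '<Endpoint>example-moved.s3-eu-west-1.amazonaws.com' \
                             '</Endpoint></Error>'],
  'example-open'    => [200, '<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">' \
                             '<Name>example-open</Name><IsTruncated>false</IsTruncated>' \
                             '<Contents><Key>backup/db.sql</Key></Contents>' \
                             '<Contents><Key>index.html</Key></Contents>' \
                             '</ListBucketResult>']
}.freeze

puts exposed_buckets(SAMPLE_OBSERVATIONS).inspect if __FILE__ == $PROGRAM_NAME
```

A listable bucket can still hold private objects, which is why the tool follows the listing with a HEAD request per file.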

Version

1.0 - Release
1.1 - Added logging to file
1.2 - Fixed and added support for installation via PyPi (phx)

Installation

I don't think it needs anything more than the built-in modules so you shouldn't need to install any gems. Just grab the file, make it executable and run it.

I've tested it in Ruby 1.8.7 and 1.9.1 so there should be no problems with versions.

Usage

Basic usage is simple, just start it with a wordlist:

bucketfinder my_words

and it will go off and do your bidding.

You can specify which region you want to run the initial check against by using the --region parameter:

bucketfinder --region ie my_words

The script follows all redirects anyway, so even if left at the default, US Standard, everything that can be found will be found. However, if most of the buckets you are finding are in a different region, you'll be doing a lot of redirects and so doubling your network traffic.

You can also specify the --download option to download all public files found. Be careful with this as there are a lot of large files out there. I'd personally do the general search then only use this option with a select subset of bucket names:

bucketfinder --download --region ie my_words

The files are downloaded into a folder with the bucket name and then the appropriate structure from the bucket.

As some people are having trouble piping the output to files or other apps I've added a logging option to send all output to a file. To use this just use the --log-file parameter:

bucketfinder --log-file bucket.out my_words

Licence

This project is released under the following license:

Creative Commons Attribution-Share Alike 2.0 UK: England & Wales (CC BY-SA 2.0 UK)

Download files

Source Distribution

bucketfinder-1.2.3.tar.gz (5.1 kB)

Uploaded Source

Built Distribution

bucketfinder-1.2.3-py3-none-any.whl (5.3 kB)

Uploaded Python 3

File details

Details for the file bucketfinder-1.2.3.tar.gz.

File metadata

  • Download URL: bucketfinder-1.2.3.tar.gz
  • Upload date:
  • Size: 5.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.1 CPython/3.10.6

File hashes

Hashes for bucketfinder-1.2.3.tar.gz
Algorithm Hash digest
SHA256 dbc670f7bcb78d39bfebbfd134f4991e658f79bd60e363f747500e2a926e2239
MD5 9afdae21aa1a09ed0f131019991ea327
BLAKE2b-256 e604fdc8551012750e87d434171c1ba26feefe5ab8396a18d19b0391922c104b

File details

Details for the file bucketfinder-1.2.3-py3-none-any.whl.

File hashes

Hashes for bucketfinder-1.2.3-py3-none-any.whl
Algorithm Hash digest
SHA256 9d2b61ffb6b715d8c84d0192e8af7cd6e653755e92b95656c16dd370aa669968
MD5 c7d9950b45bc29b8befca92d58eb793f
BLAKE2b-256 347c4376115fa492b6a53ce04929fa63150f728991110aae53e62758bcfed717
