404tk
diff --git a/‎README.md‎
Lines changed: 1 addition & 1 deletion b/‎README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎go.mod‎
Lines changed: 1 addition & 1 deletion b/‎go.mod‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/providers/alibaba/alibaba.go‎
Lines changed: 30 additions & 3 deletions b/‎pkg/providers/alibaba/alibaba.go‎
Lines changed: 30 additions & 3 deletions
diff --git a/‎pkg/providers/alibaba/ram/roledel.go‎
Lines changed: 1 addition & 1 deletion b/‎pkg/providers/alibaba/ram/roledel.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/providers/alibaba/ram/userdel.go‎
Lines changed: 1 addition & 1 deletion b/‎pkg/providers/alibaba/ram/userdel.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pkg/providers/alibaba/ram/users.go‎
Lines changed: 2 additions & 4 deletions b/‎pkg/providers/alibaba/ram/users.go‎
Lines changed: 2 additions & 4 deletions
diff --git a/‎pkg/providers/alibaba/rds/accounts.go‎
Lines changed: 86 additions & 0 deletions b/‎pkg/providers/alibaba/rds/accounts.go‎
Lines changed: 86 additions & 0 deletions
diff --git a/‎pkg/providers/alibaba/rds/databases.go‎
Lines changed: 39 additions & 10 deletions b/‎pkg/providers/alibaba/rds/databases.go‎
Lines changed: 39 additions & 10 deletions
diff --git a/‎pkg/providers/aws/aws.go‎
Lines changed: 3 additions & 1 deletion b/‎pkg/providers/aws/aws.go‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎pkg/providers/azure/azure.go‎
Lines changed: 3 additions & 1 deletion b/‎pkg/providers/azure/azure.go‎
Lines changed: 3 additions & 1 deletion
@@ -5,7 +5,7 @@ Cloud Penetration Testing Toolkit
 
 |          Providers          |                   Payload                   |                          Supported                           |
 | :-------------------------: | :-----------------------------------------: | :----------------------------------------------------------: |
-|        Alibaba Cloud        | cloudlist<br/>backdoor-user<br/>bucket-dump<br/>event-dump<br/>exec-command | ECS (Elastic Compute Service)<br/>OSS (Object Storage Service)<br/>RAM (Resource Access Management)<br/>RDS (Relational Database Service)<br/>SMS (Short Message Service)<br/>AliDNS |
+|        Alibaba Cloud        | cloudlist<br/>backdoor-user<br/>bucket-dump<br/>event-dump<br/>exec-command<br/>database-account | ECS (Elastic Compute Service)<br/>OSS (Object Storage Service)<br/>RAM (Resource Access Management)<br/>RDS (Relational Database Service)<br/>SMS (Short Message Service)<br/>AliDNS |
 |        Tencent Cloud        |         cloudlist<br/>backdoor-user<br/>exec-command         | CVM (Cloud Virtual Machine)<br/>Lighthouse<br/>COS (Cloud Object Storage)<br/>CAM (Cloud Access Management)<br/>CDB (Cloud DataBase)<br/>DNSPod |
 |        Huawei Cloud         |         cloudlist<br/>backdoor-user         | ECS (Elastic Cloud Server)<br/>OBS (Object Storage Service)<br/>IAM (Identity and Access Management)<br/>RDS (Relational Database Service) |
 |       Microsoft Azure       |                  cloudlist                  |              Virtual Machines<br/>Blob Storage               |
 
@@ -3,7 +3,7 @@ module github.com/404tk/cloudtoolkit
 go 1.18
 
 require (
-	github.com/404tk/table v0.0.3
+	github.com/404tk/table v0.0.4
 	github.com/Azure/azure-sdk-for-go v67.1.0+incompatible
 	github.com/Azure/go-autorest/autorest v0.11.28
 	github.com/Azure/go-autorest/autorest/azure/auth v0.5.11
 
@@ -46,7 +46,7 @@ func New(options schema.Options) (*Provider, error) {
 	cred := credentials.NewStsTokenCredential(accessKey, secretKey, token)
 
 	payload, _ := options.GetMetadata(utils.Payload)
-	if payload == "cloudlist" || payload == "sessions" {
+	if payload == "cloudlist" {
 		// Get current username
 		stsclient, err := sts.NewClientWithOptions("cn-hangzhou", sdk.NewConfig(), cred)
 		request := sts.CreateGetCallerIdentityRequest()
@@ -168,7 +168,7 @@ func (p *Provider) BucketDump(ctx context.Context, action, bucketname string) {
 	}
 }
 
-func (p *Provider) EventDump(action, sourceIp string) {
+func (p *Provider) EventDump(action, args string) {
 	d := _sas.Driver{Cred: p.cred}
 	switch action {
 	case "dump":
@@ -189,7 +189,7 @@ func (p *Provider) EventDump(action, sourceIp string) {
 			logger.Info(msg)
 		}
 	case "whitelist":
-		d.HandleEvents(sourceIp) // sourceIp here means SecurityEventIds
+		d.HandleEvents(args) // args here means SecurityEventIds
 	default:
 		logger.Error("Please set metadata like \"dump all\"")
 	}
@@ -219,3 +219,30 @@ func (p *Provider) ExecuteCloudVMCommand(instanceId, cmd string) {
 		fmt.Println(output)
 	}
 }
+
+func (p *Provider) DBManagement(action, args string) {
+	r := &_rds.Driver{Cred: p.cred, Region: p.region}
+	switch action {
+	case "useradd":
+		var region, dbname string
+		//var instance schema.Database
+		for _, db := range _rds.CacheDBList {
+			if db.InstanceId == args {
+				region = db.Region
+				dbname = db.DBNames
+				//instance = db
+				break
+			}
+		}
+		if region == "" {
+			logger.Error("Run cloudlist first")
+			return
+		}
+		r.Region = region
+		r.CreateAccount(args, dbname)
+	case "userdel":
+		r.DeleteAccount(args)
+	default:
+		logger.Error("`instanceId` is missing")
+	}
+}
@@ -19,7 +19,7 @@ func (d *Driver) DelRole() {
 		logger.Error(fmt.Sprintf("Delete role %s failed: %s", d.RoleName, err.Error()))
 		return
 	}
-	logger.Info("Done.")
+	logger.Warning(d.RoleName + " role delete completed.")
 }
 
 func detachPolicyFromRole(client *ram.Client, roleName string) error {
 
@@ -22,7 +22,7 @@ func (d *Driver) DelUser() {
 		logger.Error(fmt.Sprintf("Delete user %s failed: %s", d.UserName, err))
 		return
 	}
-	logger.Info("Done.")
+	logger.Warning(d.UserName + " user delete completed.")
 }
 
 func detachPolicyFromUser(client *ram.Client, userName string) error {
 
@@ -58,6 +58,8 @@ func (d *Driver) GetRamUser(ctx context.Context) ([]schema.User, error) {
 				UserName: user.UserName,
 				UserId:   user.UserId,
 			}
+			date, _ := time.Parse(time.RFC3339, user.CreateDate)
+			_user.CreateTime = date.String()
 
 			request := ram.CreateGetLoginProfileRequest()
 			request.Scheme = "https"
@@ -73,10 +75,6 @@ func (d *Driver) GetRamUser(ctx context.Context) ([]schema.User, error) {
 					lastLoginDate, _ := time.Parse(time.RFC3339, getUserResponse.User.LastLoginDate)
 					_user.LastLogin = lastLoginDate.String()
 				}
-				if err == nil && getUserResponse.User.CreateDate != "" {
-					date, _ := time.Parse(time.RFC3339, getUserResponse.User.CreateDate)
-					_user.CreateTime = date.String()
-				}
 			}
 
 			_user.Policies = listPoliciesForUser(client, _user.UserName)
 
@@ -0,0 +1,86 @@
+package rds
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/404tk/cloudtoolkit/utils"
+	"github.com/404tk/cloudtoolkit/utils/logger"
+	"github.com/aliyun/alibaba-cloud-sdk-go/services/rds"
+)
+
+func (d *Driver) CreateAccount(instanceId, dbname string) bool {
+	client, err := d.NewClient()
+	if err != nil {
+		logger.Error(err)
+		return false
+	}
+	account := strings.Split(utils.DBAccount, ":")
+	request := rds.CreateCreateAccountRequest()
+	request.Scheme = "https"
+	request.DBInstanceId = instanceId
+	request.AccountName = account[0]
+	request.AccountPassword = account[1]
+	request.AccountType = "Normal"
+	_, err = client.CreateAccount(request)
+	if err != nil {
+		logger.Error(err)
+		return false
+	}
+	err = grantAccountPrivilege(client, instanceId, account[0], dbname)
+	if err != nil {
+		logger.Error(err)
+		return false
+	}
+	fmt.Printf("\n%-10s\t%-10s\t%-60s\n", "Username", "Password", "Privilege")
+	fmt.Printf("%-10s\t%-10s\t%-60s\n", "--------", "--------", "---------")
+	fmt.Printf("%-10s\t%-10s\t%-60s\n\n",
+		account[0], account[1], "ReadOnly")
+	return true
+}
+
+func (d *Driver) DeleteAccount(instanceId string) {
+	client, err := d.NewClient()
+	if err != nil {
+		logger.Error(err)
+		return
+	}
+	account := strings.Split(utils.DBAccount, ":")
+	request := rds.CreateDeleteAccountRequest()
+	request.Scheme = "https"
+	request.DBInstanceId = instanceId
+	request.AccountName = account[0]
+	resp, err := client.DeleteAccount(request)
+	if err != nil {
+		logger.Error(err)
+		return
+	}
+	if resp.IsSuccess() {
+		logger.Warning(account[0] + " user delete completed.")
+	}
+}
+
+func grantAccountPrivilege(client *rds.Client, instanceId, uname, dbname string) error {
+	request := rds.CreateGrantAccountPrivilegeRequest()
+	request.Scheme = "https"
+	request.DBInstanceId = instanceId
+	request.AccountName = uname
+	request.DBName = dbname
+	request.AccountPrivilege = "ReadOnly"
+	_, err := client.GrantAccountPrivilege(request)
+	return err
+}
+
+/*
+func describeAccounts(instanceId string) {
+	request := rds.CreateDescribeAccountsRequest()
+	request.Scheme = "https"
+	request.DBInstanceId = instanceId
+	//response, err := client.DescribeAccounts(request)
+	//AccountStatus
+	//AccountDescription
+	//AccountType
+	//AccountName
+	//DatabasePrivileges
+}
+*/
@@ -3,6 +3,7 @@ package rds
 import (
 	"context"
 	"math"
+	"strings"
 
 	"github.com/404tk/cloudtoolkit/pkg/schema"
 	"github.com/404tk/cloudtoolkit/utils/logger"
@@ -17,6 +18,16 @@ type Driver struct {
 	Region string
 }
 
+var CacheDBList []schema.Database
+
+func (d *Driver) NewClient() (*rds.Client, error) {
+	region := d.Region
+	if region == "all" {
+		region = "cn-hangzhou"
+	}
+	return rds.NewClientWithOptions(region, sdk.NewConfig(), d.Cred)
+}
+
 func (d *Driver) GetDatabases(ctx context.Context) ([]schema.Database, error) {
 	list := schema.NewResources().Databases
 	select {
@@ -25,11 +36,8 @@ func (d *Driver) GetDatabases(ctx context.Context) ([]schema.Database, error) {
 	default:
 		logger.Info("Start enumerating RDS ...")
 	}
-	region := d.Region
-	if region == "all" {
-		region = "cn-hangzhou"
-	}
-	client, err := rds.NewClientWithOptions(region, sdk.NewConfig(), d.Cred)
+	defer func() { CacheDBList = list }()
+	client, err := d.NewClient()
 	if err != nil {
 		return list, err
 	}
@@ -46,15 +54,17 @@ func (d *Driver) GetDatabases(ctx context.Context) ([]schema.Database, error) {
 		pageCount := int(math.Ceil(float64(response.TotalRecordCount) / 100))
 		for _, dbInstance := range response.Items.DBInstance {
 			_db := schema.Database{
-				DBInstanceId:  dbInstance.DBInstanceId,
+				InstanceId:    dbInstance.DBInstanceId,
 				Engine:        dbInstance.Engine,
 				EngineVersion: dbInstance.EngineVersion,
 				Region:        dbInstance.RegionId,
+				Address:       dbInstance.ConnectionString,
+				NetworkType:   dbInstance.InstanceNetworkType,
 			}
-			if dbInstance.DBInstanceNetType == "Internet" {
-				_db.Address = dbInstance.ConnectionString
-			}
-
+			// if dbInstance.DBInstanceNetType == "Internet" {
+			// _db.Address = dbInstance.ConnectionString
+			// }
+			_db.DBNames = describeDatabases(client, dbInstance.DBInstanceId)
 			list = append(list, _db)
 		}
 		if page == pageCount || pageCount == 0 {
@@ -70,3 +80,22 @@ func (d *Driver) GetDatabases(ctx context.Context) ([]schema.Database, error) {
 	}
 	return list, nil
 }
+
+func describeDatabases(client *rds.Client, instanceId string) string {
+	request := rds.CreateDescribeDatabasesRequest()
+	request.Scheme = "https"
+	request.DBInstanceId = instanceId
+	request.PageSize = requests.NewInteger(30)
+	request.PageNumber = requests.NewInteger(1)
+	request.DBStatus = "Running"
+	response, err := client.DescribeDatabases(request)
+	if err != nil {
+		logger.Error(err)
+		return ""
+	}
+	dbs := []string{}
+	for _, db := range response.Databases.Database {
+		dbs = append(dbs, db.DBName)
+	}
+	return strings.Join(dbs, ",")
+}
@@ -55,7 +55,7 @@ func New(options schema.Options) (*Provider, error) {
 	}
 
 	payload, _ := options.GetMetadata(utils.Payload)
-	if payload == "cloudlist" || payload == "sessions" {
+	if payload == "cloudlist" {
 		// Get current username
 		stsclient := sts.New(session)
 		resp, err := stsclient.GetCallerIdentity(&sts.GetCallerIdentityInput{})
@@ -156,3 +156,5 @@ func (p *Provider) BucketDump(ctx context.Context, action, bucketname string) {
 func (p *Provider) EventDump(action, sourceIp string) {}
 
 func (p *Provider) ExecuteCloudVMCommand(instanceId, cmd string) {}
+
+func (p *Provider) DBManagement(action, args string) {}
@@ -56,7 +56,7 @@ func New(options schema.Options) (*Provider, error) {
 		}
 		for _, v := range resp.Values() {
 			payload, _ := options.GetMetadata(utils.Payload)
-			if payload == "cloudlist" || payload == "sessions" {
+			if payload == "cloudlist" {
 				logger.Warning(fmt.Sprintf("Found Subscription: %s(%s)", *v.DisplayName, *v.SubscriptionID))
 				cache.Cfg.CredInsert(*v.DisplayName, options)
 			}
@@ -117,3 +117,5 @@ func (p *Provider) BucketDump(ctx context.Context, action, bucketname string) {
 func (p *Provider) EventDump(action, sourceIp string) {}
 
 func (p *Provider) ExecuteCloudVMCommand(instanceId, cmd string) {}
+
+func (p *Provider) DBManagement(action, args string) {}
Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ func (d *Driver) DelRole() {`
`19`	`19`	`logger.Error(fmt.Sprintf("Delete role %s failed: %s", d.RoleName, err.Error()))`
`20`	`20`	`return`
`21`	`21`	`}`
`22`		`- logger.Info("Done.")`
	`22`	`+ logger.Warning(d.RoleName + " role delete completed.")`
`23`	`23`	`}`
`24`	`24`
`25`	`25`	`func detachPolicyFromRole(client *ram.Client, roleName string) error {`
Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,7 @@ func (d *Driver) DelUser() {`
`22`	`22`	`logger.Error(fmt.Sprintf("Delete user %s failed: %s", d.UserName, err))`
`23`	`23`	`return`
`24`	`24`	`}`
`25`		`- logger.Info("Done.")`
	`25`	`+ logger.Warning(d.UserName + " user delete completed.")`
`26`	`26`	`}`
`27`	`27`
`28`	`28`	`func detachPolicyFromUser(client *ram.Client, userName string) error {`
Original file line number	Diff line number	Diff line change
`@@ -58,6 +58,8 @@ func (d *Driver) GetRamUser(ctx context.Context) ([]schema.User, error) {`
`58`	`58`	`UserName: user.UserName,`
`59`	`59`	`UserId: user.UserId,`
`60`	`60`	`}`
	`61`	`+ date, _ := time.Parse(time.RFC3339, user.CreateDate)`
	`62`	`+ _user.CreateTime = date.String()`
`61`	`63`
`62`	`64`	`request := ram.CreateGetLoginProfileRequest()`
`63`	`65`	`request.Scheme = "https"`
`@@ -73,10 +75,6 @@ func (d *Driver) GetRamUser(ctx context.Context) ([]schema.User, error) {`
`73`	`75`	`lastLoginDate, _ := time.Parse(time.RFC3339, getUserResponse.User.LastLoginDate)`
`74`	`76`	`_user.LastLogin = lastLoginDate.String()`
`75`	`77`	`}`
`76`		`- if err == nil && getUserResponse.User.CreateDate != "" {`
`77`		`- date, _ := time.Parse(time.RFC3339, getUserResponse.User.CreateDate)`
`78`		`- _user.CreateTime = date.String()`
`79`		`- }`
`80`	`78`	`}`
`81`	`79`
`82`	`80`	`_user.Policies = listPoliciesForUser(client, _user.UserName)`
Original file line number	Diff line number	Diff line change
`@@ -56,7 +56,7 @@ func New(options schema.Options) (*Provider, error) {`
`56`	`56`	`}`
`57`	`57`	`for _, v := range resp.Values() {`
`58`	`58`	`payload, _ := options.GetMetadata(utils.Payload)`
`59`		`- if payload == "cloudlist" \|\| payload == "sessions" {`
	`59`	`+ if payload == "cloudlist" {`
`60`	`60`	`logger.Warning(fmt.Sprintf("Found Subscription: %s(%s)", v.DisplayName, v.SubscriptionID))`
`61`	`61`	`cache.Cfg.CredInsert(*v.DisplayName, options)`
`62`	`62`	`}`
`@@ -117,3 +117,5 @@ func (p *Provider) BucketDump(ctx context.Context, action, bucketname string) {`
`117`	`117`	`func (p *Provider) EventDump(action, sourceIp string) {}`
`118`	`118`
`119`	`119`	`func (p *Provider) ExecuteCloudVMCommand(instanceId, cmd string) {}`
	`120`	`+`
	`121`	`+func (p *Provider) DBManagement(action, args string) {}`