@@ -23,8 +23,12 @@ def print_account_response(reply):
2323 This function is passed into the class object so we can view results
2424 in real-time.
2525 """
26+ #
2627 if reply .status_code == 404 :
2728 pass
29+ elif 'The specified account is disabled' in reply .reason :
30+ utils .printc (" Disabled Storage Account: {}\n "
31+ .format (reply .url ), 'red' )
2832 elif 'Value for one of the query' in reply .reason :
2933 utils .printc (" HTTP-OK Storage Account: {}\n "
3034 .format (reply .url ), 'orange' )
@@ -35,7 +39,7 @@ def print_account_response(reply):
3539 " {}: {}"
3640 .format (reply .status_code , reply .reason ))
3741
38- def check_storage_accounts (names , threads ):
42+ def check_storage_accounts (names , threads , nameserver ):
3943 """
4044 Checks storage account names
4145 """
@@ -59,7 +63,7 @@ def check_storage_accounts(names, threads):
5963 candidates .append ('{}.{}' .format (name , BLOB_URL ))
6064
6165 # Azure Storage Accounts use DNS sub-domains. First, see which are valid.
62- valid_names = utils .fast_dns_lookup (candidates )
66+ valid_names = utils .fast_dns_lookup (candidates , nameserver )
6367
6468 # Send the valid names to the batch HTTP processor
6569 utils .get_url_batch (valid_names , use_ssl = False ,
@@ -78,11 +82,20 @@ def print_container_response(reply):
7882 This function is passed into the class object so we can view results
7983 in real-time.
8084 """
81- if reply .status_code == 200 :
85+ # Stop brute forcing disabled accounts
86+ if 'The specified account is disabled' in reply .reason :
87+ return 'breakout'
88+
89+ # Stop brute forcing accounts without permission
90+ if 'not authorized to perform this operation' in reply .reason :
91+ return 'breakout'
92+
93+ # Handle other responses
94+ if reply .status_code == 404 :
95+ pass
96+ elif reply .status_code == 200 :
8297 utils .printc (" OPEN AZURE CONTAINER: {}\n "
8398 .format (reply .url ), 'green' )
84- elif reply .status_code == 404 :
85- pass
8699 elif 'One of the request inputs is out of range' in reply .reason :
87100 pass
88101 else : print (" Unknown status codes being received:\n "
@@ -131,7 +144,7 @@ def print_website_response(hostname):
131144 utils .printc (" Registered Azure Website DNS Name: {}\n "
132145 .format (hostname ), 'green' )
133146
134- def check_azure_websites (names ):
147+ def check_azure_websites (names , nameserver ):
135148 """
136149 Checks for Azure Websites (PaaS)
137150 """
@@ -144,22 +157,20 @@ def check_azure_websites(names):
144157 candidates = [name + '.' + WEBAPP_URL for name in names ]
145158
146159 # Azure Websites use DNS sub-domains. If it resolves, it is registered.
147- valid_names = utils .fast_dns_lookup (candidates ,
148- callback = print_website_response )
160+ utils .fast_dns_lookup (candidates , nameserver ,
161+ callback = print_website_response )
149162
150163 # Stop the timer
151164 utils .stop_timer (start_time )
152165
153- return valid_names
154-
155- def run_all (names , brute_list , threads ):
166+ def run_all (names , brute_list , threads , nameserver ):
156167 """
157168 Function is called by main program
158169 """
159170 print (BANNER )
160171
161- valid_accounts = check_storage_accounts (names , threads )
172+ valid_accounts = check_storage_accounts (names , threads , nameserver )
162173 if valid_accounts :
163174 brute_force_containers (valid_accounts , brute_list , threads )
164175
165- check_azure_websites (names )
176+ check_azure_websites (names , nameserver )
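Review bot: In `print_container_response` (hunk `@@ -78,11 +82,20`), the two new early exits return the bare string `'breakout'` while every other path returns `None` implicitly, and the docstring does not say that the return value is a stop signal. I would add a docstring sentence such as `Returns 'breakout' to tell the caller to stop requesting this account; otherwise returns None.`, and give the sentinel a module-level name so the callback and its consumer cannot drift apart; the consumer is not visible on this page, presumably the batch HTTP helper in `utils`. Both checks now run `in reply.reason` before the status-code tests, so every reply, including 200 and 404, depends on the reason phrase being a string with the exact wording matched here; a guard like `reason = reply.reason or ''` would make that explicit. The same section adds `nameserver` as a required positional parameter to `check_storage_accounts`, `check_azure_websites` and `run_all` without mentioning it in their docstrings, and any caller outside this file has to be updated in the same commit. The body of `print_container_response` continues past the end of its hunk.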