Merge pull request #912 from nccgroup/develop

release/5.11.0

Author: alessandrogonzalez

.github/PULL_REQUEST_TEMPLATE.md

@@ -2,6 +2,8 @@
 
 **Make sure the PR is against the `develop` branch (see [Contributing](https://github.com/nccgroup/ScoutSuite/blob/master/CONTRIBUTING.md)).**
 
+**Make sure to set the corresponding milestone in the PR.**
+
 Please include a summary of the change(s) and which issue(s) it addresses. Please also include relevant motivation and context.
 
 Fixes # (issue)

.gitignore

@@ -53,6 +53,7 @@ report-*
 
 # PyCharm
 .idea/
+*.iml
 
 # Vs Code
 .vscode/
@@ -69,4 +70,7 @@ report-*
 /private*/
 /**/private*/
 
+#Profiling output
+*.prof
+
 !docker/bin

ScoutSuite/__init__.py

@@ -1,5 +1,5 @@
 __author__ = 'NCC Group'
-__version__ = '5.10.2'
+__version__ = '5.11.0'
 
 ERRORS_LIST = []
 

ScoutSuite/__main__.py

@@ -273,11 +273,14 @@ async def _run(provider,
         if update:
             try:
                 print_info('Updating existing data')
-                current_run_services = copy.deepcopy(cloud_provider.services)
+                #Load previous results
                 last_run_dict = report.encoder.load_from_file('RESULTS')
-                cloud_provider.services = last_run_dict['services']
-                for service in cloud_provider.service_list:
-                    cloud_provider.services[service] = current_run_services[service]
+                #Get list of previous services which were not updated during this run
+                previous_services = [prev_service for prev_service in last_run_dict['service_list'] if prev_service not in cloud_provider.service_list]
+                #Add previous services
+                for service in previous_services:
+                    cloud_provider.service_list.append(service)
+                    cloud_provider.services[service] = last_run_dict['services'][service]
             except Exception as e:
                 print_exception('Failure while updating report: {}'.format(e))
 

ScoutSuite/core/cli_parser.py

@@ -5,7 +5,7 @@
 class ScoutSuiteArgumentParser:
 
     def __init__(self):
-        self.parser = argparse.ArgumentParser()
+        self.parser = argparse.ArgumentParser(epilog='To get addtional help on a specific provider run: scout.py {provider} -h')
 
         # People will still be able to use the old --provider syntax
         self.parser.add_argument("--provider",

ScoutSuite/core/conditions.py

@@ -181,6 +181,18 @@ def pass_condition(b, test, a):
             if re.match(c, b):
                 result = True
                 break
+    elif test == 'matchInList':
+        if type(a) != list:
+            a = [a]
+        if type(b) !=list:
+            b = [b]
+        for c in a:
+            for d in b:
+                if re.match(c, d):
+                    result = True
+                    break
+            if result:
+                break
     elif test == 'notMatch':
         result = (not pass_condition(b, 'match', a))
 
@@ -277,6 +289,19 @@ def pass_condition(b, test, a):
             if c == a or re.match(r'arn:aws:iam:.*?:%s:.*' % a, c):
                 result = True
                 break
+    elif test == 'isAccountRoot':
+        result = False
+        if type(b) != list:
+            b = [b]
+        for c in b:
+            if type(c) == dict and 'AWS' in c:
+                c = c['AWS']
+                if type(c) != list:
+                    c = [c]
+                for i in c:
+                    if i == a or re.match(r'arn:aws:iam:.*?:%s:root' % a, i):
+                        result = True
+                        break
 
     # Unknown test case
     else: