Merge pull request #75 from BishopFox/seth-dev

Version 1.13.2 - 2 bug fixes on new functionality in 1.13.1

aws/env-vars.go

@@ -836,7 +836,7 @@ func (m *EnvsModule) interestingEnvVarsOnly() [][]string {
 	for _, envVar := range m.EnvironmentVariables {
 		if envVar.interesting {
 			interestingBody = append(
-				m.output.Body, []string{
+				interestingBody, []string{
 					aws.ToString(m.Caller.Account),
 					envVar.service,
 					envVar.region,

aws/role-trusts.go

@@ -241,33 +241,32 @@ func (m *RoleTrustsModule) printPrincipalTrusts(outputDirectory string) ([]strin
 	for _, role := range m.AnalyzedRoles {
 		for _, statement := range role.trustsDoc.Statement {
 			for _, principal := range statement.Principal.AWS {
-				if strings.Contains(principal, ":root") {
-					//check to see if the accountID is known
-					accountID := strings.Split(principal, ":")[4]
-					vendorName := m.vendors.GetVendorNameFromAccountID(accountID)
-					if vendorName != "" {
-						principal = fmt.Sprintf("%s (%s)", principal, vendorName)
-					}
+				//check to see if the accountID is known
+				accountID := strings.Split(principal, ":")[4]
+				vendorName := m.vendors.GetVendorNameFromAccountID(accountID)
+				if vendorName != "" {
+					principal = fmt.Sprintf("%s (%s)", principal, vendorName)
+				}
 
-					RoleTrustRow := RoleTrustRow{
-						RoleARN:          aws.ToString(role.roleARN),
-						RoleName:         GetResourceNameFromArn(aws.ToString(role.roleARN)),
-						TrustedPrincipal: principal,
-						ExternalID:       statement.Condition.StringEquals.StsExternalID,
-						IsAdmin:          role.Admin,
-						CanPrivEsc:       role.CanPrivEsc,
-					}
-					body = append(body, []string{
-						aws.ToString(m.Caller.Account),
-						RoleTrustRow.RoleARN,
-						RoleTrustRow.RoleName,
-						RoleTrustRow.TrustedPrincipal,
-						RoleTrustRow.ExternalID,
-						RoleTrustRow.IsAdmin,
-						RoleTrustRow.CanPrivEsc})
+				RoleTrustRow := RoleTrustRow{
+					RoleARN:          aws.ToString(role.roleARN),
+					RoleName:         GetResourceNameFromArn(aws.ToString(role.roleARN)),
+					TrustedPrincipal: principal,
+					ExternalID:       statement.Condition.StringEquals.StsExternalID,
+					IsAdmin:          role.Admin,
+					CanPrivEsc:       role.CanPrivEsc,
 				}
+				body = append(body, []string{
+					aws.ToString(m.Caller.Account),
+					RoleTrustRow.RoleARN,
+					RoleTrustRow.RoleName,
+					RoleTrustRow.TrustedPrincipal,
+					RoleTrustRow.ExternalID,
+					RoleTrustRow.IsAdmin,
+					RoleTrustRow.CanPrivEsc})
 			}
 		}
+
 	}
 
 	m.sortTrustsTablePerTrustedPrincipal()

main.go

@@ -10,7 +10,7 @@ import (
 var (
 	rootCmd = &cobra.Command{
 		Use:     os.Args[0],
-		Version: "1.13.1-prerelease",
+		Version: "1.13.2",
 	}
 )