Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import argparse
- import getpass
- import splunk.entity as entity
- import splunk.auth
- ap = argparse.ArgumentParser()
- ap.add_argument("--username", required=True)
- ap.add_argument("--password", required=False)
- ap.add_argument("--app")
- args = ap.parse_args()
- if not args.password:
- args.password = getpass.getpass("Password: ")
- sessionKey = splunk.auth.getSessionKey(args.username, args.password)
- try:
- # list all credentials
- entities = entity.getEntities(
- ["storage", "passwords"],
- namespace="-",
- owner="nobody",
- sessionKey=sessionKey
- )
- except Exception as e:
- raise Exception("Could not get credentials from splunk. Error: %s" % str(e))
- data = {}
- for cred in entities.values():
- app_name = cred["eai:acl"]["app"]
- if args.app and app_name != args.app:
- continue
- if app_name not in data:
- data[app_name] = []
- data[app_name].append({k: cred[k] for k in ("username", "realm", "clear_password")})
- for app in sorted(data.keys()):
- print("[+] App: %s" % app)
- for cred in sorted(data[app], key=lambda x: x["username"]):
- print(" [+] Username: %s, Realm: %s, Password: %s" % (
- cred["username"],
- cred["realm"],
- cred["clear_password"]
- ))
Add Comment
Please, Sign In to add comment