nuclei-templates/cloud/aws/sns/sns-topic-public-accessible...

id: sns-topic-public-accessible

info:
  name: Public Access of SNS Topics via Policy
  author: Ritesh_Gohil(#L4stPL4Y3R)
  severity: high
  description: |
    This template checks if Amazon SNS topics are configured to prevent public access via topic policies.
  reference:
    - https://docs.aws.amazon.com/sns/latest/api/API_GetTopicAttributes.html
  tags: cloud,devops,aws,amazon,sns,aws-cloud-config

flow: |
  code(1)
  for (let topicArn of iterate(template.topics)) {
    set("topicArn", topicArn)
    code(2)
  }

self-contained: true
code:
  - engine:
      - sh
      - bash
    source: |
      aws sns list-topics --query 'Topics[*].TopicArn'

    extractors:
      - type: json
        internal: true
        name: topics
        json:
          - '.[]'

  - engine:
      - sh
      - bash
    source: |
      aws sns get-topic-attributes --topic-arn $topicArn --query Attributes.Policy --output text

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"Effect":"Allow"'

      - type: word
        part: body
        words:
          - '"Principal":{"AWS":"*"}'

      - type: regex
        part: body
        negative: true
        regex:
          - '"Condition"'

    extractors:
      - type: dsl
        dsl:
          - '"The SNS topic " + topicArn + " is publicly accessible via Policy"'
# digest: 4a0a0047304502200dff8839ea05345d4fbf9399ef0c6b3b5efd891edbfcc049b16f9509cc6147ef022100f333312e0dfe72993ca40c3ad6b5ba91e7237fa0871eb620f2ede5529c5ab328:366f2a24c8eb519f6968bd8801c08ebe
misc changes 2024-06-06 18:47:04 +00:00			`id: sns-topic-public-accessible`
Added SNS Topic access publicly Template 2024-06-06 15:51:18 +00:00
			`info:`
			`name: Public Access of SNS Topics via Policy`
			`author: Ritesh_Gohil(#L4stPL4Y3R)`
misc changes 2024-06-06 18:47:04 +00:00			`severity: high`
Added SNS Topic access publicly Template 2024-06-06 15:51:18 +00:00			`description: \|`
			`This template checks if Amazon SNS topics are configured to prevent public access via topic policies.`
			`reference:`
			`- https://docs.aws.amazon.com/sns/latest/api/API_GetTopicAttributes.html`
misc changes 2024-06-06 18:47:04 +00:00			`tags: cloud,devops,aws,amazon,sns,aws-cloud-config`
Added SNS Topic access publicly Template 2024-06-06 15:51:18 +00:00
			`flow: \|`
			`code(1)`
			`for (let topicArn of iterate(template.topics)) {`
			`set("topicArn", topicArn)`
			`code(2)`
			`}`

			`self-contained: true`
			`code:`
			`- engine:`
			`- sh`
			`- bash`
			`source: \|`
			`aws sns list-topics --query 'Topics[*].TopicArn'`

			`extractors:`
			`- type: json`
			`internal: true`
			`name: topics`
			`json:`
			`- '.[]'`

			`- engine:`
			`- sh`
			`- bash`
			`source: \|`
			`aws sns get-topic-attributes --topic-arn $topicArn --query Attributes.Policy --output text`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`part: body`
			`words:`
			`- '"Effect":"Allow"'`

			`- type: word`
			`part: body`
			`words:`
			`- '"Principal":{"AWS":"*"}'`

			`- type: regex`
			`part: body`
			`negative: true`
			`regex:`
			`- '"Condition"'`

			`extractors:`
			`- type: dsl`
			`dsl:`
			`- '"The SNS topic " + topicArn + " is publicly accessible via Policy"'`
misc changes 2024-06-11 18:51:29 +00:00			`# digest: 4a0a0047304502200dff8839ea05345d4fbf9399ef0c6b3b5efd891edbfcc049b16f9509cc6147ef022100f333312e0dfe72993ca40c3ad6b5ba91e7237fa0871eb620f2ede5529c5ab328:366f2a24c8eb519f6968bd8801c08ebe`