| echo "=== 6.1.2 CIFS (Port 445) Access Audit ==="; echo -e "\nScanning ALL regions for security groups allowing unrestricted inbound CIFS (port 445) from 0.0.0.0/0 or ::/0..."; for region in $(aws ec2 describe-regions --query 'Regions[].RegionName' --output text --profile gop-ro); do echo -e "\n=== $region ==="; aws ec2 describe-security-groups --region $region --profile gop-ro --query "SecurityGroups[?length(IpPermissions[?((FromPort<= \`445\` && ToPort>= \`445\`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}" --output table 2>&1 || echo "No issues or error checking region"; done; echo -e "\n=== End of 6.1.2 Audit ===\nIf any security groups appear above, they allow unrestricted CIFS access → FAIL"
|
| === 6.1.2 CIFS (Port 445) Access Audit ===
|
|
|
| Scanning ALL regions for security groups allowing unrestricted inbound CIFS (port 445) from 0.0.0.0/0 or ::/0...
|
|
|
| === ap-south-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === eu-north-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === eu-west-3 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === eu-west-2 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === eu-west-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === ap-northeast-3 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === ap-northeast-2 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === ap-northeast-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === ca-central-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === sa-east-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === ap-southeast-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === ap-southeast-2 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === eu-central-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === us-east-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === us-east-2 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === us-west-1 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === us-west-2 ===
|
|
|
| aws: [ERROR]: An error occurred (ParamValidation): Bad value for --query SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}: Expecting: rbracket, got: rparen: Parse error at column 186, token ")" (RPAREN), for expression:
|
| "SecurityGroups[?length(IpPermissions[?((FromPort<= `445` && ToPort>= `445`) || IpProtocol=='-1') && (contains(IpRanges[].CidrIp, '0.0.0.0/0') || contains(Ipv6Ranges[].CidrIpv6, '::/0')) ) ].{GroupId:GroupId,GroupName:GroupName,Description:Description}"
|
| ^
|
| No issues or error checking region
|
|
|
| === End of 6.1.2 Audit ===
|
| If any security groups appear above, they allow unrestricted CIFS access → FAIL
|