添加链接 注册    登录
link管理
链接快照平台
  • 输入网页链接,自动生成快照
  • 标签化管理网页链接
相关文章推荐
文质彬彬的仙人掌  ·  任泽平:俄乌局势对全球及中国经济的影响分析_ ...·  1 周前    · 
干练的炒粉  ·  QComboBox ...·  4 月前    · 
逼格高的酱牛肉  ·  python json ...·  10 月前    · 
踏实的登山鞋  ·  三国战纪2 童年的记忆 游戏厅的打法 ...·  1 年前    · 
温柔的开水瓶  ·  一生必听的10部交响乐 音乐发烧友必读_网易订阅·  1 年前    · 
link管理  ›  MissingSecurityToken Authentication Failure when using ScoutSuite with Alibaba Cloud · Issue #1678 ·
https://github.com/nccgroup/ScoutSuite/issues/1678
心软的小虾米
2 周前

MissingSecurityToken Authentication Failure when using ScoutSuite with Alibaba Cloud #1678

New issue
New issue
Open
Open
MissingSecurityToken Authentication Failure when using ScoutSuite with Alibaba Cloud #1678
Labels
bug Something isn't working potential Unconfirmed issue
@Asgaros

Description

@Asgaros
Asgaros
opened on Nov 6, 2024

I am trying to scan an Alibaba Cloud account with ScoutSuite using the following CLI parameters:

scout aliyun --access-keys -k SECRETABC123 -s SECRETABCXYZ

This results in an Authentication Failure which claims that a mandatory SecurityToken is missing. However, besides of the Access Key ID and the Access Key Secret, there is no option to provide any additional Security Token.

The debug-output looks as follow: 

2024-11-06 15:03:10 Asgaros scout[28692] INFO Launching Scout
2024-11-06 15:03:10 Asgaros scout[28692] INFO Authenticating to cloud provider
2024-11-06 15:03:11 Asgaros scout[28692] ERROR __main__.py L217: Authentication failure: HTTP Status: 400 Error:MissingSecurityToken SecurityToken is mandatory for this action. RequestID: 193F64B6-9BCA-54FF-875E-7A99655518DE
Traceback (most recent call last):
  File "C:\Apps\ScoutSuite\venv\Lib\site-packages\ScoutSuite\providers\aliyun\authentication_strategy.py", line 34, in authenticate
    response = client.do_action_with_exception(
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Apps\ScoutSuite\venv\Lib\site-packages\aliyunsdkcore\client.py", line 503, in do_action_with_exception
    raise exception
aliyunsdkcore.acs_exception.exceptions.ServerException: HTTP Status: 400 Error:MissingSecurityToken SecurityToken is mandatory for this action. RequestID: 193F64B6-9BCA-54FF-875E-7A99655518DE
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
  File "C:\Apps\ScoutSuite\venv\Lib\site-packages\ScoutSuite\__main__.py", line 217, in _run
    credentials = auth_strategy.authenticate(profile=profile,
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Apps\ScoutSuite\venv\Lib\site-packages\ScoutSuite\providers\aliyun\authentication_strategy.py", line 41, in authenticate
    raise AuthenticationException(e)
ScoutSuite.providers.base.authentication_strategy.AuthenticationException: HTTP Status: 400 Error:MissingSecurityToken SecurityToken is mandatory for this action. RequestID: 193F64B6-9BCA-54FF-875E-7A99655518DE
 
推荐文章
文质彬彬的仙人掌  ·  任泽平:俄乌局势对全球及中国经济的影响分析_新浪财经_新浪网
1 周前
干练的炒粉  ·  QComboBox 设置选中的item_c++ qt combox additem所添加的项的索引位置-CSDN博客
4 月前
逼格高的酱牛肉  ·  python json 所有的key_mob64ca12de24b0的技术博客_51CTO博客
10 月前
踏实的登山鞋  ·  三国战纪2 童年的记忆 游戏厅的打法 盖世英雄 曹军全隐藏密室_单机游戏热门视频
1 年前
温柔的开水瓶  ·  一生必听的10部交响乐 音乐发烧友必读_网易订阅
1 年前
Link管理   ·   Sov5搜索   ·   小百科
link管理 - 链接快照平台