Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS IAM Privilege Escalation Methods
Search
Pralhad Chaskar
July 26, 2019
Technology
290
0
Share
AWS IAM Privilege Escalation Methods
Presented at null Dubai Meet 26 July 2019 Monthly Meet
Pralhad Chaskar
July 26, 2019
More Decks by Pralhad Chaskar
See All by Pralhad Chaskar
Unfurling AI
c0d3xpl0it
0
28
M365 Security Review
c0d3xpl0it
0
430
RDP Hijacking
c0d3xpl0it
0
470
Pwning O365 Infrastructure
c0d3xpl0it
0
630
AWS Security Assessment
c0d3xpl0it
0
1.4k
Bloodhound 2.0
c0d3xpl0it
0
210
Auditing ACLs on Active Directory
c0d3xpl0it
0
220
Adversay Emulation using Caldera
c0d3xpl0it
1
190
GPO Vs Applocker Restrictions
c0d3xpl0it
0
720
Other Decks in Technology
See All in Technology
OpenID Connectによるサービス間連携
takesection
0
150
AI駆動開発でなんでもハンズオン環境をつくってみた
yoshimi0227
0
190
美味しいスイスチーズを作ろう🧀🐭
taigamikami
1
200
GitHub Copilot CLIでWebアクセシビリティを改善した話
tomokusaba
0
140
チームで実践する AI-DLC 思考の軌跡を残すチェックポイント設計
belongadmin
0
450
TROCCOで始めるクラウドコストを民主化するためのFinOps
tk3fftk
2
520
個人AIからチームAIへ:開発における品質と生産性の再設計
moongift
PRO
0
340
もりもり新機能を一挙紹介! AgentCoreに入門して、AWS上にAIエージェントを構築しよう
minorun365
PRO
6
570
React、まだ楽しくて草
uhyo
7
3.6k
Oracle AI Database@Azure:サービス概要のご紹介
oracle4engineer
PRO
6
1.8k
地元にいないローカルオーガナイザーの立ち回り
uvb_76
1
410
食べログのサーキットブレーカー導入を振り返って
atpons
1
160
Featured
See All Featured
Speed Design
sergeychernyshev
33
1.8k
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
baasie
0
570
Lessons Learnt from Crawling 1000+ Websites
charlesmeaden
PRO
1
1.3k
The #1 spot is gone: here's how to win anyway
tamaranovitovic
2
1.1k
Navigating Team Friction
lara
192
16k
Fireside Chat
paigeccino
42
3.9k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
3.3k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
10
1.2k
Paper Plane (Part 1)
katiecoart
PRO
0
8.1k
The Spectacular Lies of Maps
axbom
PRO
1
780
Chasing Engaging Ingredients in Design
codingconduct
0
200
The Illustrated Children's Guide to Kubernetes
chrisshort
51
52k
Transcript
AWS IAM Privilege Escalation Methods Pralhad Chaskar (@c0d3xpl0it)
None
Recap of AWS • ACCESS_KEYS → Identifier of the user
in account • SECRET_ACCESS_KEY → Password needed to authenticate • SESSION_TOKEN → Security Token • AWS CLI → Console client written in python that allows a user to interact with the different services offered by AWS
Permission Policies
Privilege Escalation in the cloud • Misconfiguration of identity and
access management (IAM) policies • Manipulation of APIs • Cloud provider vulnerabilities https://searchcloudsecurity.techtarget.com/tip/3-reasons-privilege-escalation-in-the-cloud-works
For Auditors/Pentesters/BlueTeamer Take one user per role in order to
check Privilege Escalation possibility and feed the ACCESS_KEYS, SECRET_ACCESS_KEY, SESSION_TOKEN to below demo’ed tools.
AWS_ESCALATE.py https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
PACU • Pacu is an open source AWS exploitation framework,
designed for offensive security testing against cloud environments. Below are some capabilities/modules • RECON_UNAUTH • ENUM • ESCALATE (run iam__privesc_scan) • LATERAL_MOVE • EXPLOIT • PERSIST • EXFIL • EVADE https://github.com/RhinoSecurityLabs/pacu
None
Demo
References • https://github.com/RhinoSecurityLabs/Cloud-Security- Research/tree/master/AWS/aws_escalate • https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details • https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation
None
c0d3xpl0it
takesection
yoshimi0227
taigamikami
tomokusaba
belongadmin
tk3fftk
moongift
minorun365
uhyo
oracle4engineer
uvb_76
atpons
sergeychernyshev
baasie
charlesmeaden
tamaranovitovic
lara
paigeccino
garrettdimon
addyosmani
katiecoart
axbom
codingconduct
chrisshort
