Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS IAM Privilege Escalation Methods
Search
Pralhad Chaskar
July 26, 2019
Technology
0
250
AWS IAM Privilege Escalation Methods
Presented at null Dubai Meet 26 July 2019 Monthly Meet
Pralhad Chaskar
July 26, 2019
Tweet
Share
More Decks by Pralhad Chaskar
See All by Pralhad Chaskar
M365 Security Review
c0d3xpl0it
0
380
RDP Hijacking
c0d3xpl0it
0
420
Pwning O365 Infrastructure
c0d3xpl0it
0
590
AWS Security Assessment
c0d3xpl0it
0
1.4k
Bloodhound 2.0
c0d3xpl0it
0
180
Auditing ACLs on Active Directory
c0d3xpl0it
0
180
Adversay Emulation using Caldera
c0d3xpl0it
1
160
GPO Vs Applocker Restrictions
c0d3xpl0it
0
660
Introduction Atomic Red Team Framework
c0d3xpl0it
0
350
Other Decks in Technology
See All in Technology
AWS表彰プログラムとキャリアについて
naoki_0531
1
150
SRE新規立ち上げ! Hubbleインフラのこれまでと展望
katsuya0515
0
140
【CEDEC2025】現場を理解して実現!ゲーム開発を効率化するWebサービスの開発と、利用促進のための継続的な改善
cygames
PRO
0
710
オブザーバビリティプラットフォーム開発におけるオブザーバビリティとの向き合い / Hatena Engineer Seminar #34 オブザーバビリティの実現と運用編
arthur1
0
330
【2025 Japan AWS Jr. Champions Ignition】点から線、線から面へ 〜僕たちが起こすコラボレーション・ムーブメント〜
amixedcolor
1
120
恐怖!テストコードなき夜
tsukuboshi
2
110
ホリスティックテスティングの右側も大切にする 〜2つの[はか]る〜 / Holistic Testing: Right Side Matters
nihonbuson
PRO
0
540
解消したはずが…技術と人間のエラーが交錯する恐怖体験
lamaglama39
0
180
Nx × AI によるモノレポ活用 〜コードジェネレーター編〜
puku0x
0
280
バクラクによるコーポレート業務の自動運転 #BetAIDay
layerx
PRO
1
800
相互運用可能な学修歴クレデンシャルに向けた標準技術と国際動向
fujie
0
200
Gemini in Android Studio - Google I/O Bangkok '25
akexorcist
0
180
Featured
See All Featured
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
4 Signs Your Business is Dying
shpigford
184
22k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
50
5.5k
Done Done
chrislema
185
16k
Code Review Best Practice
trishagee
69
19k
GraphQLとの向き合い方2022年版
quramy
49
14k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
The Art of Programming - Codeland 2020
erikaheidi
54
13k
Statistics for Hackers
jakevdp
799
220k
Designing for Performance
lara
610
69k
Building Flexible Design Systems
yeseniaperezcruz
328
39k
Transcript
AWS IAM Privilege Escalation Methods Pralhad Chaskar (@c0d3xpl0it)
None
Recap of AWS • ACCESS_KEYS → Identifier of the user
in account • SECRET_ACCESS_KEY → Password needed to authenticate • SESSION_TOKEN → Security Token • AWS CLI → Console client written in python that allows a user to interact with the different services offered by AWS
Permission Policies
Privilege Escalation in the cloud • Misconfiguration of identity and
access management (IAM) policies • Manipulation of APIs • Cloud provider vulnerabilities https://searchcloudsecurity.techtarget.com/tip/3-reasons-privilege-escalation-in-the-cloud-works
For Auditors/Pentesters/BlueTeamer Take one user per role in order to
check Privilege Escalation possibility and feed the ACCESS_KEYS, SECRET_ACCESS_KEY, SESSION_TOKEN to below demo’ed tools.
AWS_ESCALATE.py https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
PACU • Pacu is an open source AWS exploitation framework,
designed for offensive security testing against cloud environments. Below are some capabilities/modules • RECON_UNAUTH • ENUM • ESCALATE (run iam__privesc_scan) • LATERAL_MOVE • EXPLOIT • PERSIST • EXFIL • EVADE https://github.com/RhinoSecurityLabs/pacu
None
Demo
References • https://github.com/RhinoSecurityLabs/Cloud-Security- Research/tree/master/AWS/aws_escalate • https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details • https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation
None
c0d3xpl0it
naoki_0531
katsuya0515
cygames
.jpeg){kind=avatar}
arthur1
amixedcolor
tsukuboshi
nihonbuson
.jpg){kind=avatar}
lamaglama39
puku0x
layerx
fujie
akexorcist
samlambert
sstephenson
shpigford
reverentgeek
chrislema
trishagee
quramy
iamctodd
erikaheidi
jakevdp
lara
yeseniaperezcruz
