AWS IAM Privilege Escalation Methods
Pralhad Chaskar
July 26, 2019
Presented at null Dubai Meet 26 July 2019 Monthly Meet
Transcript
AWS IAM Privilege Escalation Methods Pralhad Chaskar (@c0d3xpl0it)
Recap of AWS
• ACCESS_KEY_ID → identifier of the user (or role session) in the account; it is not secret on its own
• SECRET_ACCESS_KEY → the "password" paired with the access key ID, used to sign every API request
• SESSION_TOKEN → security token that accompanies temporary credentials (STS, assumed roles, instance profiles); required alongside the key pair when present
• AWS CLI → command-line client written in Python that lets a user interact with the different services offered by AWS
Permission Policies
Privilege Escalation in the cloud
• Misconfiguration of identity and access management (IAM) policies
• Manipulation of APIs
• Cloud provider vulnerabilities
https://searchcloudsecurity.techtarget.com/tip/3-reasons-privilege-escalation-in-the-cloud-works
For Auditors / Pentesters / Blue Teamers
Take one user per role in order to check for privilege escalation possibilities, and feed that user's ACCESS_KEY_ID, SECRET_ACCESS_KEY and (if temporary credentials are used) SESSION_TOKEN to the tools demoed below.
aws_escalate.py
https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
Pacu
Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Below are some of its capabilities/module categories:
• RECON_UNAUTH
• ENUM
• ESCALATE (run iam__privesc_scan)
• LATERAL_MOVE
• EXPLOIT
• PERSIST
• EXFIL
• EVADE
https://github.com/RhinoSecurityLabs/pacu
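To make concrete what aws_escalate.py and Pacu's iam__privesc_scan are looking for, here is an added example (not code from the talk, nor from either tool) that evaluates one user's effective IAM policy documents offline against a subset of the escalation methods catalogued in the Rhino Security Labs research listed in the references. The policy JSON is constructed for illustration. The evaluator is deliberately simplified: Resource and Condition elements are ignored, so a hit means a path worth verifying by hand, not a confirmed escalation. In a real assessment the documents would be assembled from `aws iam list-attached-user-policies` / `aws iam get-policy-version` and `aws iam list-user-policies` / `aws iam get-user-policy`, plus the same for each group the user belongs to.

```python
"""Offline check of IAM policy documents for known privilege-escalation
paths. Added example for this page, not code from the talk, Pacu or
aws_escalate. ESCALATION_METHODS is a subset of the Rhino Security Labs
catalogue; SAMPLE_POLICIES is constructed. Assumption/simplification:
Resource and Condition elements are ignored, so a hit means "verify",
not "confirmed exploitable"."""
import fnmatch
import json

# Method name -> every listed action must be allowed for the path to apply.
ESCALATION_METHODS = {
    "CreatePolicyVersion": ["iam:CreatePolicyVersion"],
    "SetDefaultPolicyVersion": ["iam:SetDefaultPolicyVersion"],
    "CreateAccessKey": ["iam:CreateAccessKey"],
    "CreateLoginProfile": ["iam:CreateLoginProfile"],
    "UpdateLoginProfile": ["iam:UpdateLoginProfile"],
    "AttachUserPolicy": ["iam:AttachUserPolicy"],
    "AttachGroupPolicy": ["iam:AttachGroupPolicy"],
    "AttachRolePolicy": ["iam:AttachRolePolicy"],
    "PutUserPolicy": ["iam:PutUserPolicy"],
    "PutGroupPolicy": ["iam:PutGroupPolicy"],
    "PutRolePolicy": ["iam:PutRolePolicy"],
    "AddUserToGroup": ["iam:AddUserToGroup"],
    "UpdateAssumeRolePolicy": ["iam:UpdateAssumeRolePolicy", "sts:AssumeRole"],
    "PassRole+EC2RunInstances": ["iam:PassRole", "ec2:RunInstances"],
    "PassRole+LambdaCreateInvoke": ["iam:PassRole", "lambda:CreateFunction",
                                    "lambda:InvokeFunction"],
    "LambdaUpdateFunctionCode": ["lambda:UpdateFunctionCode"],
    "PassRole+GlueCreateDevEndpoint": ["iam:PassRole", "glue:CreateDevEndpoint"],
    "GlueUpdateDevEndpoint": ["glue:UpdateDevEndpoint"],
    "PassRole+CloudFormationCreateStack": ["iam:PassRole",
                                           "cloudformation:CreateStack"],
}


def _as_list(value):
    """IAM accepts a string or a list for Statement/Action/NotAction."""
    if value is None:
        return []
    return [value] if isinstance(value, str) else list(value)


def _statement_matches(stmt, action):
    """True if the statement's Action (or NotAction) covers `action`.
    IAM action matching is case-insensitive with * and ? wildcards."""
    action = action.lower()
    if "Action" in stmt:
        return any(fnmatch.fnmatchcase(action, p.lower())
                   for p in _as_list(stmt["Action"]))
    if "NotAction" in stmt:
        return not any(fnmatch.fnmatchcase(action, p.lower())
                       for p in _as_list(stmt["NotAction"]))
    return False


def action_allowed(policy_docs, action):
    """IAM evaluation logic for actions only: an explicit Deny anywhere
    wins, otherwise any Allow grants, otherwise implicit deny."""
    allowed = False
    for doc in policy_docs:
        for stmt in _as_list(doc.get("Statement")):
            if not _statement_matches(stmt, action):
                continue
            if stmt.get("Effect") == "Deny":
                return False
            if stmt.get("Effect") == "Allow":
                allowed = True
    return allowed


def find_escalation_paths(policy_docs):
    """Names of methods whose required actions are all allowed, sorted."""
    return sorted(name for name, actions in ESCALATION_METHODS.items()
                  if all(action_allowed(policy_docs, a) for a in actions))


# Constructed sample: the merged policy set of one user. Note the broad
# "iam:Create*" grant and the explicit Deny that removes one of its paths.
SAMPLE_POLICIES = [json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["lambda:*", "s3:Get*"], "Resource": "*"},
    {"Effect": "Allow", "Action": "iam:PassRole", "Resource": "*"},
    {"Effect": "Allow", "Action": ["iam:Create*"], "Resource": "*"},
    {"Effect": "Deny", "Action": "iam:CreatePolicyVersion", "Resource": "*"}
  ]}""")]

if __name__ == "__main__":
    for path in find_escalation_paths(SAMPLE_POLICIES):
        print("possible escalation path:", path)
```

For the sample user the wildcard `lambda:*` plus an unscoped `iam:PassRole` surfaces the PassRole-to-Lambda path, and `iam:Create*` surfaces CreateAccessKey and CreateLoginProfile, while the explicit Deny correctly removes CreatePolicyVersion. When you extend this to real data, remember that a Resource restriction on `iam:PassRole` (to a specific low-privilege role) or a Condition such as `iam:PassedToService` changes the answer, which is why the tools in the deck still leave confirmation to the operator.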
Demo
References
• https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
• https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details
• https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation