AWS IAM Privilege Escalation Methods
Pralhad Chaskar
July 26, 2019
Technology
Presented at null Dubai Meet 26 July 2019 Monthly Meet
Transcript
AWS IAM Privilege Escalation Methods Pralhad Chaskar (@c0d3xpl0it)
Recap of AWS
• AWS_ACCESS_KEY_ID → identifier of a credential pair, and thereby of the IAM user (or role session) it belongs to; it is not secret
• AWS_SECRET_ACCESS_KEY → the secret half of that pair, used to sign requests; the equivalent of a password
• AWS_SESSION_TOKEN → security token that accompanies temporary credentials issued by STS (assumed roles, instance profiles, federated sessions); long-lived IAM user keys have no session token
• AWS CLI → command-line client written in Python that calls the same service APIs the console uses, so anything the console can do can be scripted with it
Permission Policies
Privilege Escalation in the cloud
• Misconfiguration of identity and access management (IAM) policies (the category this talk covers)
• Manipulation of APIs
• Cloud provider vulnerabilities
https://searchcloudsecurity.techtarget.com/tip/3-reasons-privilege-escalation-in-the-cloud-works
For Auditors/Pentesters/Blue Teamers
Take one user per role to check for privilege escalation possibilities, and feed that user's AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN to the tools demoed below. Both tools start by enumerating the principal's effective permissions, so the test identity needs enough IAM read access for that step, and a result for one user covers only the policies reachable from that user: its inline and attached policies, its groups, and the roles it can assume.
AWS_ESCALATE.py https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
PACU
• Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Its modules are grouped by category:
• RECON_UNAUTH
• ENUM
• ESCALATE (run iam__privesc_scan)
• LATERAL_MOVE
• EXPLOIT
• PERSIST
• EXFIL
• EVADE
https://github.com/RhinoSecurityLabs/pacu
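What aws_escalate.py and Pacu's iam__privesc_scan do, reduced to its core, as an added example (this is my own illustration, not code from the talk, from aws_escalate.py or from Pacu): collect the policy documents that apply to a principal, then check which escalation methods have every required API action allowed and none explicitly denied. The method catalogue is a hand-picked subset of the methods listed in the Rhino Security Labs AWS-IAM-Privilege-Escalation repository (an assumption on my part that it is reproduced correctly), and the three principals and their policies are constructed sample input, not taken from any real account. Resource scoping, Condition blocks and NotAction are ignored, so a hit means "worth testing by hand", not "confirmed exploitable".

```python
"""Offline IAM privilege-escalation scan over policy documents (added example).

Assumptions: ESCALATION_METHODS is a hand-picked subset of the methods catalogued
by Rhino Security Labs; SAMPLE_PRINCIPALS are constructed inputs. Resource,
Condition and NotAction are ignored, so a hit is a lead, not a confirmed path.
"""
import fnmatch

# Hypothetical catalogue: method name -> set of API actions that together enable it.
ESCALATION_METHODS = {
    "CreatePolicyVersion":     {"iam:CreatePolicyVersion"},
    "SetDefaultPolicyVersion": {"iam:SetDefaultPolicyVersion"},
    "CreateAccessKey":         {"iam:CreateAccessKey"},
    "CreateLoginProfile":      {"iam:CreateLoginProfile"},
    "UpdateLoginProfile":      {"iam:UpdateLoginProfile"},
    "AttachUserPolicy":        {"iam:AttachUserPolicy"},
    "PutUserPolicy":           {"iam:PutUserPolicy"},
    "AddUserToGroup":          {"iam:AddUserToGroup"},
    "UpdateAssumeRolePolicy":  {"iam:UpdateAssumeRolePolicy"},
    "PassRole+EC2":            {"iam:PassRole", "ec2:RunInstances"},
    "PassRole+Lambda":         {"iam:PassRole", "lambda:CreateFunction", "lambda:InvokeFunction"},
    "UpdateFunctionCode":      {"lambda:UpdateFunctionCode"},
}


def _as_list(value):
    """IAM lets Statement and Action be a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def is_action_allowed(policies, action):
    """Return True if `action` is allowed by the union of `policies`.

    Follows the IAM decision order: any matching Deny wins outright, otherwise at
    least one matching Allow is needed. Action patterns use IAM's '*' and '?'
    wildcards and are matched case-insensitively, as IAM does.
    """
    allowed = False
    for policy in policies:
        for stmt in _as_list(policy.get("Statement", [])):
            for pattern in _as_list(stmt.get("Action", [])):
                if fnmatch.fnmatchcase(action.lower(), pattern.lower()):
                    if stmt.get("Effect") == "Deny":
                        return False          # explicit Deny overrides every Allow
                    if stmt.get("Effect") == "Allow":
                        allowed = True        # keep scanning: a later Deny may still apply
    return allowed


def scan_policies(policies, methods=ESCALATION_METHODS):
    """Names (sorted) of escalation methods whose every required action is allowed."""
    return sorted(
        name for name, actions in methods.items()
        if all(is_action_allowed(policies, a) for a in actions)
    )


def scan_principals(principals):
    """Map each principal name to the escalation methods its policies permit."""
    return {name: scan_policies(pols) for name, pols in principals.items()}


# Constructed sample: the policy documents reachable from three fictional IAM users.
SAMPLE_PRINCIPALS = {
    # Can publish a new version of any managed policy and make it the default.
    "dev-user": [{
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "iam:CreatePolicyVersion", "Resource": "*"},
            {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"], "Resource": "*"},
        ],
    }],
    # Can pass an existing privileged role to a new Lambda function and invoke it.
    "ci-user": [{
        "Version": "2012-10-17",
        "Statement": [{"Effect": "Allow", "Action": ["iam:PassRole", "lambda:*"], "Resource": "*"}],
    }],
    # Broad iam:* grant with an explicit Deny on the two most direct escalations;
    # the Deny closes those, but every other iam:* method on the list stays open.
    "ops-user": [
        {"Version": "2012-10-17",
         "Statement": [{"Effect": "Allow", "Action": "iam:*", "Resource": "*"}]},
        {"Version": "2012-10-17",
         "Statement": [{"Effect": "Deny",
                        "Action": ["iam:CreatePolicyVersion", "iam:SetDefaultPolicyVersion"],
                        "Resource": "*"}]},
    ],
}

if __name__ == "__main__":
    for name, hits in scan_principals(SAMPLE_PRINCIPALS).items():
        print(f"{name}: {', '.join(hits) or 'no escalation path found'}")
```

In a real assessment the `policies` argument would be filled from the principal's inline policies, attached managed policies (default version only) and group policies; the ops-user case shows why the scan must evaluate Deny statements rather than just grep for allowed actions, and why a narrow Deny on one method says nothing about the rest of an `iam:*` grant.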
Demo
References
• https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
• https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details
• https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation