AWS IAM Privilege Escalation Methods
Pralhad Chaskar
July 26, 2019
Presented at null Dubai Meet 26 July 2019 Monthly Meet
Transcript
AWS IAM Privilege Escalation Methods Pralhad Chaskar (@c0d3xpl0it)
Recap of AWS
• ACCESS_KEY_ID → public identifier of a credential pair; it tells AWS which principal (IAM user, or assumed role) is calling
• SECRET_ACCESS_KEY → the secret half of the pair, used to sign requests; plays the role of a password and is never sent on the wire
• SESSION_TOKEN → security token that must accompany the two values above when the credentials are temporary (STS, assumed role, instance profile)
• AWS CLI → command-line client written in Python that lets a user interact with the different services offered by AWS; it reads the three values above from the environment variables AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN, or from a profile in ~/.aws/credentials
Permission Policies
Privilege Escalation in the cloud
• Misconfiguration of identity and access management (IAM) policies
• Manipulation of APIs
• Cloud provider vulnerabilities
https://searchcloudsecurity.techtarget.com/tip/3-reasons-privilege-escalation-in-the-cloud-works
For Auditors/Pentesters/Blue Teamers
Pick one representative user (or credential set) for each role / permission set in the account, so that every distinct set of permissions is checked for privilege escalation possibilities, and feed that user's ACCESS_KEY_ID, SECRET_ACCESS_KEY and SESSION_TOKEN to the tools demoed below.
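The check that the tools below automate, reduced to an offline script, as an added example that is not part of the deck and not code from Pacu or aws_escalate: the script takes the identity policies attached to one principal, works out the effective verdict for each action (explicit Deny wins, Allow otherwise required, statements with a Condition reported separately because there is no request context to evaluate them offline), and then reports which known escalation methods the principal could use and what resources the enabling actions are scoped to. The two policy documents, account 123456789012, the ci-runner role and the dev-policy policy are constructed sample input; the PRIVESC_METHODS table is my own mapping of a handful of the methods catalogued in the Rhino Security Labs repository listed in the references, not a copy of it; SCPs, permission boundaries, resource policies and session policies are deliberately not modelled.

```python
"""Offline scan of an IAM principal's identity policies for known privilege-escalation
patterns. Added example; not code from Pacu or aws_escalate. Sample policies below are
constructed, as are account 123456789012 and the ci-runner / dev-policy names."""
import fnmatch
import json

# Constructed sample: the policies attached to a hypothetical user.
SAMPLE_POLICIES = [json.loads(doc) for doc in ("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": ["s3:Get*", "s3:List*"], "Resource": "*"},
  {"Effect": "Allow", "Action": "iam:PassRole",
   "Resource": "arn:aws:iam::123456789012:role/ci-runner"},
  {"Effect": "Allow", "Action": "ec2:RunInstances", "Resource": "*"},
  {"Effect": "Allow", "Action": "iam:CreatePolicyVersion",
   "Resource": "arn:aws:iam::123456789012:policy/dev-policy"},
  {"Effect": "Deny", "Action": "iam:AttachUserPolicy", "Resource": "*"}]}
""", """
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": "iam:AttachUserPolicy", "Resource": "*"},
  {"Effect": "Allow", "Action": "lambda:*", "Resource": "*",
   "Condition": {"StringEquals": {"aws:RequestedRegion": "us-east-1"}}}]}
""")]

# A subset of the escalation methods catalogued by Rhino Security Labs (see the
# references). Mapping method -> the actions that together enable it is my own
# reading of that list, not a verbatim copy of it.
PRIVESC_METHODS = {
    "CreateNewPolicyVersion": ["iam:CreatePolicyVersion"],
    "SetExistingDefaultPolicyVersion": ["iam:SetDefaultPolicyVersion"],
    "AttachUserPolicy": ["iam:AttachUserPolicy"],
    "PutUserPolicy": ["iam:PutUserPolicy"],
    "CreateAccessKey": ["iam:CreateAccessKey"],
    "UpdateRolePolicyToAssumeIt": ["iam:UpdateAssumeRolePolicy", "sts:AssumeRole"],
    "PassRoleToNewEC2Instance": ["iam:PassRole", "ec2:RunInstances"],
    "PassRoleToNewLambdaThenInvoke": ["iam:PassRole", "lambda:CreateFunction",
                                      "lambda:InvokeFunction"],
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _matches(action, patterns):
    # IAM action matching is case-insensitive and supports '*' / '?' wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in _as_list(patterns))


def evaluate_action(action, policies):
    """Return (verdict, resource_patterns) for one action across identity policies.

    verdict is 'deny' (unconditional explicit Deny, which always wins), 'allow',
    'conditional' (every matching Allow, or some matching Deny, carries a Condition
    we cannot evaluate offline) or 'implicit_deny' (no statement matched).
    Not modelled: SCPs, permission boundaries, resource policies, session policies.
    """
    allowed, conditional = [], []
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            if "Action" in stmt:
                hit = _matches(action, stmt["Action"])
            else:  # NotAction: statement covers everything *except* the listed actions
                hit = not _matches(action, stmt["NotAction"])
            if not hit:
                continue
            resources = _as_list(stmt.get("Resource", "*"))
            if "Condition" in stmt:
                conditional += resources
                continue
            if stmt["Effect"] == "Deny":
                return "deny", resources
            allowed += resources
    if allowed and not conditional:
        return "allow", allowed
    if allowed or conditional:
        return "conditional", allowed + conditional
    return "implicit_deny", []


def find_privesc_paths(policies, methods=PRIVESC_METHODS):
    """Report each method whose enabling actions are all allowed, with the resource
    scoping of each action so the auditor can judge whether that scoping defeats it
    (iam:PassRole limited to one harmless role, for instance)."""
    report = {}
    for name, actions in methods.items():
        verdicts = {a: evaluate_action(a, policies) for a in actions}
        if any(v[0] in ("deny", "implicit_deny") for v in verdicts.values()):
            continue
        status = "conditional" if any(v[0] == "conditional" for v in verdicts.values()) else "possible"
        report[name] = {"status": status, "resources": {a: v[1] for a, v in verdicts.items()}}
    return report


if __name__ == "__main__":
    for name, info in find_privesc_paths(SAMPLE_POLICIES).items():
        print(f"{info['status']:12} {name}")
        for action, res in info["resources"].items():
            print(f"             {action} on {', '.join(res)}")
```

On the sample input the scan reports CreateNewPolicyVersion and PassRoleToNewEC2Instance as possible and PassRoleToNewLambdaThenInvoke as conditional (the lambda:* grant is region-restricted); AttachUserPolicy is dropped because the explicit Deny in the first policy beats the Allow in the second. The resource column is the part worth reading before calling something a finding: iam:PassRole here is limited to role/ci-runner, so whether the EC2 path is real depends on what ci-runner itself is allowed to do.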
AWS_ESCALATE.py https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
PACU
Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Below are its module categories:
• RECON_UNAUTH
• ENUM
• ESCALATE (run iam__privesc_scan)
• LATERAL_MOVE
• EXPLOIT
• PERSIST
• EXFIL
• EVADE
https://github.com/RhinoSecurityLabs/pacu
Demo
References
• https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
• https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details
• https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation