Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
AWS IAM Privilege Escalation Methods
Search
Pralhad Chaskar
July 26, 2019
Technology
0
250
AWS IAM Privilege Escalation Methods
Presented at null Dubai Meet 26 July 2019 Monthly Meet
Pralhad Chaskar
July 26, 2019
Tweet
Share
More Decks by Pralhad Chaskar
See All by Pralhad Chaskar
M365 Security Review
c0d3xpl0it
0
380
RDP Hijacking
c0d3xpl0it
0
430
Pwning O365 Infrastructure
c0d3xpl0it
0
600
AWS Security Assessment
c0d3xpl0it
0
1.4k
Bloodhound 2.0
c0d3xpl0it
0
190
Auditing ACLs on Active Directory
c0d3xpl0it
0
180
Adversay Emulation using Caldera
c0d3xpl0it
1
160
GPO Vs Applocker Restrictions
c0d3xpl0it
0
670
Introduction Atomic Red Team Framework
c0d3xpl0it
0
360
Other Decks in Technology
See All in Technology
AWSで始める実践Dagster入門
kitagawaz
1
570
品質視点から考える組織デザイン/Organizational Design from Quality
mii3king
0
160
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
8.7k
Webブラウザ向け動画配信プレイヤーの 大規模リプレイスから得た知見と学び
yud0uhu
0
230
dbt開発 with Claude Codeのためのガードレール設計
10xinc
2
1.1k
実践!カスタムインストラクション&スラッシュコマンド
puku0x
0
310
ChatGPTとPlantUML/Mermaidによるソフトウェア設計
gowhich501
1
120
シークレット管理だけじゃない!HashiCorp Vault でデータ暗号化をしよう / Beyond Secret Management! Let's Encrypt Data with HashiCorp Vault
nnstt1
3
230
エラーとアクセシビリティ
schktjm
1
1.2k
バイブスに「型」を!Kent Beckに学ぶ、AI時代のテスト駆動開発
amixedcolor
2
490
MCPで変わる Amebaデザインシステム「Spindle」の開発
spindle
PRO
3
3.2k
生成AI時代のデータ基盤設計〜ペースレイヤリングで実現する高速開発と持続性〜 / Levtech Meetup_Session_2
sansan_randd
1
150
Featured
See All Featured
Fireside Chat
paigeccino
39
3.6k
Gamification - CAS2011
davidbonilla
81
5.4k
Building Flexible Design Systems
yeseniaperezcruz
328
39k
Bash Introduction
62gerente
615
210k
Automating Front-end Workflow
addyosmani
1370
200k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
131
19k
Documentation Writing (for coders)
carmenintech
74
5k
Reflections from 52 weeks, 52 projects
jeffersonlam
352
21k
Making the Leap to Tech Lead
cromwellryan
135
9.5k
What’s in a name? Adding method to the madness
productmarketing
PRO
23
3.7k
Writing Fast Ruby
sferik
628
62k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
580
Transcript
AWS IAM Privilege Escalation Methods Pralhad Chaskar (@c0d3xpl0it)
None
Recap of AWS • ACCESS_KEYS → Identifier of the user
in account • SECRET_ACCESS_KEY → Password needed to authenticate • SESSION_TOKEN → Security Token • AWS CLI → Console client written in python that allows a user to interact with the different services offered by AWS
Permission Policies
Privilege Escalation in the cloud • Misconfiguration of identity and
access management (IAM) policies • Manipulation of APIs • Cloud provider vulnerabilities https://searchcloudsecurity.techtarget.com/tip/3-reasons-privilege-escalation-in-the-cloud-works
For Auditors/Pentesters/BlueTeamer Take one user per role in order to
check Privilege Escalation possibility and feed the ACCESS_KEYS, SECRET_ACCESS_KEY, SESSION_TOKEN to below demo’ed tools.
AWS_ESCALATE.py https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
PACU • Pacu is an open source AWS exploitation framework,
designed for offensive security testing against cloud environments. Below are some capabilities/modules • RECON_UNAUTH • ENUM • ESCALATE (run iam__privesc_scan) • LATERAL_MOVE • EXPLOIT • PERSIST • EXFIL • EVADE https://github.com/RhinoSecurityLabs/pacu
None
Demo
References • https://github.com/RhinoSecurityLabs/Cloud-Security- Research/tree/master/AWS/aws_escalate • https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details • https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation
None
c0d3xpl0it
kitagawaz
mii3king
fullkaiten
yud0uhu
10xinc
puku0x
gowhich501
nnstt1
schktjm
amixedcolor
spindle
sansan_randd
paigeccino
davidbonilla
yeseniaperezcruz
62gerente
addyosmani
morganepeng
carmenintech
jeffersonlam
cromwellryan
productmarketing
sferik
bluesmoon
