AWS IAM Privilege Escalation Methods
Pralhad Chaskar
July 26, 2019
Presented at null Dubai Meet 26 July 2019 Monthly Meet
Transcript
AWS IAM Privilege Escalation Methods Pralhad Chaskar (@c0d3xpl0it)
Recap of AWS
• ACCESS_KEY_ID (AWS_ACCESS_KEY_ID) → identifies the user, or the role session, making the request
• SECRET_ACCESS_KEY (AWS_SECRET_ACCESS_KEY) → secret used to sign requests; treat it like a password
• SESSION_TOKEN (AWS_SESSION_TOKEN) → required alongside temporary credentials, e.g. those returned by STS when a role is assumed
• AWS CLI → command-line client, written in Python, for calling the APIs of the different services offered by AWS
Permission Policies
Privilege Escalation in the cloud
• Misconfiguration of identity and access management (IAM) policies
• Manipulation of APIs
• Cloud provider vulnerabilities
https://searchcloudsecurity.techtarget.com/tip/3-reasons-privilege-escalation-in-the-cloud-works
For Auditors/Pentesters/Blue Teamers
Take one user per role (one principal for each distinct set of permissions) to check whether privilege escalation is possible, and feed that principal's ACCESS_KEY_ID, SECRET_ACCESS_KEY and SESSION_TOKEN to the tools demoed below.
aws_escalate.py
https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
PACU
• Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Below are some of its capabilities/module categories:
• RECON_UNAUTH
• ENUM
• ESCALATE (run iam__privesc_scan)
• LATERAL_MOVE
• EXPLOIT
• PERSIST
• EXFIL
• EVADE
https://github.com/RhinoSecurityLabs/pacu
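Both tools above work the same way underneath: collect the policy documents that apply to one principal, work out which actions they allow, and compare that set against known IAM privilege-escalation methods. The script below is an added, offline illustration of that check; it is not code from the slides, from aws_escalate.py or from Pacu. The required-action sets encode the escalation methods documented in the Rhino Security Labs research listed in the references (a subset, not the full list), the method labels are my own, the policy documents at the bottom are constructed sample input, and the evaluator deliberately ignores NotAction, NotResource and Condition, which the real tools handle.

```python
"""
Offline check of one principal's IAM policies against known privilege
escalation methods (added example; not the slides' or the tools' own code).
"""
import fnmatch
import json

# Each escalation method needs all listed actions to be allowed on some
# resource. Sets follow the Rhino Security Labs AWS-IAM-Privilege-Escalation
# write-up; labels are this example's own. Subset only.
ESCALATION_METHODS = {
    "CreateNewPolicyVersion": {"iam:CreatePolicyVersion"},
    "SetExistingDefaultPolicyVersion": {"iam:SetDefaultPolicyVersion"},
    "CreateAccessKey": {"iam:CreateAccessKey"},
    "CreateLoginProfile": {"iam:CreateLoginProfile"},
    "UpdateLoginProfile": {"iam:UpdateLoginProfile"},
    "AttachUserPolicy": {"iam:AttachUserPolicy"},
    "AttachGroupPolicy": {"iam:AttachGroupPolicy"},
    "AttachRolePolicy": {"iam:AttachRolePolicy", "sts:AssumeRole"},
    "PutUserPolicy": {"iam:PutUserPolicy"},
    "PutGroupPolicy": {"iam:PutGroupPolicy"},
    "PutRolePolicy": {"iam:PutRolePolicy", "sts:AssumeRole"},
    "AddUserToGroup": {"iam:AddUserToGroup"},
    "UpdateRolePolicyToAssumeIt": {"iam:UpdateAssumeRolePolicy", "sts:AssumeRole"},
    "PassExistingRoleToNewLambdaThenInvoke": {
        "iam:PassRole", "lambda:CreateFunction", "lambda:InvokeFunction"},
    "CreateEC2WithExistingInstanceProfile": {"iam:PassRole", "ec2:RunInstances"},
    "PassExistingRoleToNewGlueDevEndpoint": {"iam:PassRole", "glue:CreateDevEndpoint"},
    "PassExistingRoleToCloudFormation": {"iam:PassRole", "cloudformation:CreateStack"},
    "PassExistingRoleToNewDataPipeline": {"iam:PassRole", "datapipeline:CreatePipeline"},
}


def _as_list(value):
    """IAM allows a string or a list in Action/Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _matches(pattern, action):
    """IAM action matching is case-insensitive and supports '*' and '?'."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def allowed_resources(action, policies):
    """Return the resource patterns on which `action` is allowed.

    An explicit Deny on "*" removes everything; a Deny on a specific pattern
    removes only an identical Allow pattern. Conditions, NotAction and
    NotResource are not modelled (simplification of what the tools do).
    """
    allows, denies = set(), set()
    for doc in policies:
        for stmt in _as_list(doc.get("Statement")):
            if not any(_matches(p, action) for p in _as_list(stmt.get("Action"))):
                continue
            target = allows if stmt.get("Effect") == "Allow" else denies
            target.update(_as_list(stmt.get("Resource", "*")))
    if "*" in denies:
        return set()
    return {r for r in allows if r not in denies}


def find_escalation_paths(policies):
    """Map each reachable method to {action: resource patterns it is allowed on}."""
    findings = {}
    for name, actions in ESCALATION_METHODS.items():
        per_action = {a: allowed_resources(a, policies) for a in actions}
        if all(per_action.values()):
            findings[name] = per_action
    return findings


def is_resource_scoped(per_action):
    """True when at least one required action is not allowed on "*"."""
    return any("*" not in resources for resources in per_action.values())


def report(findings):
    """Human-readable lines, flagging paths that depend on a specific resource."""
    lines = []
    for name, per_action in sorted(findings.items()):
        scope = "resource-scoped" if is_resource_scoped(per_action) else "unrestricted"
        lines.append(f"{name}: {scope} via {', '.join(sorted(per_action))}")
    return lines


# Constructed sample input: the inline policies one test user might carry.
SAMPLE_POLICIES = [json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["iam:CreateAccessKey", "iam:ListUsers"], "Resource": "*"},
    {"Effect": "Allow", "Action": "lambda:*", "Resource": "*"},
    {"Effect": "Allow", "Action": "iam:PassRole",
     "Resource": "arn:aws:iam::123456789012:role/lambda-admin"},
    {"Effect": "Deny", "Action": "iam:AttachUserPolicy", "Resource": "*"},
    {"Effect": "Allow", "Action": "iam:Attach*", "Resource": "*"}
  ]
}""")]

if __name__ == "__main__":
    for line in report(find_escalation_paths(SAMPLE_POLICIES)):
        print(line)
```

On the constructed input the scan finds three paths: CreateAccessKey (allowed on "*"), AttachGroupPolicy (reached through the iam:Attach* wildcard, while the explicit Deny blocks AttachUserPolicy), and PassExistingRoleToNewLambdaThenInvoke, which is flagged resource-scoped because iam:PassRole is limited to one role ARN, so the escalation only works if that role is privileged. The resource dimension is the part worth keeping in mind when reading aws_escalate.py or iam__privesc_scan output: an allow on iam:CreateAccessKey restricted to the caller's own user ARN is not an escalation, and a tool that reports actions without their resources will over-report.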
Demo
References
• https://github.com/RhinoSecurityLabs/Cloud-Security-Research/tree/master/AWS/aws_escalate
• https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details
• https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation