Merge pull request #270 from thug-gamer/patch-1

fix saml_forge.py script; fix typo

src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc/README.md

@@ -50,7 +50,7 @@ aws iam create-access-key --user-name <target_user>
 Note that a user can only have 2 access keys created, so if a user already has 2 access keys you will need the permission `iam:DeleteAccessKey` to detele one of them to be able to create a new one:
 
 ```bash
-aws iam delete-access-key --uaccess-key-id <key_id>
+aws iam delete-access-key --access-key-id <key_id>
 ```
 
 ### **`iam:CreateVirtualMFADevice` + `iam:EnableMFADevice`**
@@ -437,7 +437,7 @@ def make_signed_saml_response(role_arn: str, principal_arn: str, key_pem: str, c
     response.set("Destination", "https://signin.aws.amazon.com/saml")
 
     issuer = etree.SubElement(response, etree.QName(ns["saml2"], "Issuer"))
-    issuer.text = "https://attacker-idp.attacker.invalid/idp"
+    issuer.text = "https://attacker-idp.invalid/idp"
 
     status = etree.SubElement(response, etree.QName(ns["saml2p"], "Status"))
     status_code = etree.SubElement(status, etree.QName(ns["saml2p"], "StatusCode"))
@@ -449,7 +449,7 @@ def make_signed_saml_response(role_arn: str, principal_arn: str, key_pem: str, c
     assertion.set("IssueInstant", issue_instant.isoformat())
 
     a_issuer = etree.SubElement(assertion, etree.QName(ns["saml2"], "Issuer"))
-    a_issuer.text = "https://attacker-idp.attacker.invalid/idp"
+    a_issuer.text = "https://attacker-idp.invalid/idp"
 
     subject = etree.SubElement(assertion, etree.QName(ns["saml2"], "Subject"))
     name_id = etree.SubElement(subject, etree.QName(ns["saml2"], "NameID"))