gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-28 13:43:24 -08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #135 from HackTricks-wiki/support-file-downloads

Browse Source 
Support file downloads
This commit is contained in:
SirBroccoli
2025-01-04 18:48:56 +01:00
committed by GitHub
parent d65983432b 853e602bc2
commit 1e29cb77cc
3 changed files with 39 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
src/files/empty.zip Normal file
View File

Binary file not shown.

7
src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-codestar-privesc/iam-passrole-codestar-createproject.md
View File

@@ -32,7 +32,9 @@ To exploit this you need to create a **S3 bucket that is accessible** from the a
Also **upload** this `empty zip` file to the **bucket**:
{% file src="../../../../images/empty.zip" %}
{{#file}}
empty.zip
{{#endfile}}
Remember that the **bucket with both files must be accessible by the victim account**.
@@ -86,6 +88,3 @@ aws codestar create-project \
This exploit is based on the **Pacu exploit of these privileges**: [https://github.com/RhinoSecurityLabs/pacu/blob/2a0ce01f075541f7ccd9c44fcfc967cad994f9c9/pacu/modules/iam\_\_privesc_scan/main.py#L1997](https://github.com/RhinoSecurityLabs/pacu/blob/2a0ce01f075541f7ccd9c44fcfc967cad994f9c9/pacu/modules/iam__privesc_scan/main.py#L1997) On it you can find a variation to create an admin managed policy for a role instead of to a user.
{{#include ../../../../banners/hacktricks-training.md}}