From 312cfc59e48ec00b457376d2d49bd62e9d333fde Mon Sep 17 00:00:00 2001 From: Translator Date: Thu, 13 Feb 2025 09:54:40 +0000 Subject: [PATCH] Translated ['src/pentesting-cloud/aws-security/aws-privilege-escalation/ --- .../aws-macie-privesc.md | 25 ++++++++++ .../aws-services/aws-macie-enum.md | 48 +++++++++++++++++++ theme/ht_searcher.js | 5 +- theme/index.hbs | 1 + 4 files changed, 77 insertions(+), 2 deletions(-) create mode 100644 src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-macie-privesc.md create mode 100644 src/pentesting-cloud/aws-security/aws-services/aws-macie-enum.md diff --git a/src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-macie-privesc.md b/src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-macie-privesc.md new file mode 100644 index 000000000..9bc08885e --- /dev/null +++ b/src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-macie-privesc.md 
@@ -0,0 +1,25 @@ +# Amazon Macie - Bypass `Reveal Sample` Integrity Check + +AWS Macie ni huduma ya usalama inayogundua kiotomatiki data nyeti ndani ya mazingira ya AWS, kama vile akidi, taarifa za kibinafsi zinazoweza kutambulika (PII), na data nyingine za siri. Wakati Macie inatambua akidi nyeti, kama vile funguo za siri za AWS zilizohifadhiwa katika S3 bucket, inaunda matokeo yanayomruhusu mmiliki kuona "kielelezo" cha data iliyogunduliwa. Kwa kawaida, mara tu faili nyeti inapondolewa kutoka S3 bucket, inatarajiwa kwamba siri haiwezi tena kupatikana. + +Hata hivyo, **bypass** imegundulika ambapo mshambuliaji mwenye ruhusa za kutosha anaweza **ku-upload tena faili yenye jina sawa** lakini ikiwa na data tofauti, zisizo nyeti. Hii inasababisha Macie kuhusisha faili iliyopakiwa upya na matokeo ya awali, ikimruhusu mshambuliaji kutumia **kipengele cha "Reveal Sample"** kutoa siri iliyogunduliwa hapo awali. Tatizo hili linaweka hatari kubwa ya usalama, kwani siri ambazo zilidhaniwa kufutwa zinabaki kupatikana kupitia njia hii. + + + +## Steps To Reproduce: + +1. Upload a file (e.g., `test-secret.txt`) to an S3 bucket with sensitive data, such as an AWS secret key. Wait for AWS Macie to scan and generate a finding. + +2. Navigate to AWS Macie Findings, locate the generated finding, and use the **Reveal Sample** feature to view the detected secret. + +3. Delete `test-secret.txt` from the S3 bucket and verify that it no longer exists. + +4. Create a new file named `test-secret.txt` with dummy data and re-upload it to the same S3 bucket using **attacker's account**. + +5. Return to AWS Macie Findings, access the original finding, and click **Reveal Sample** again. + +6. Observe that Macie still reveals the original secret, despite the file being deleted and replaced with different content **from different accounts, in our case it will be the attacker's account**. 
+ +## Summary: + +Uthibitisho huu unaruhusu mshambuliaji mwenye ruhusa za kutosha za AWS IAM kurejesha siri zilizogunduliwa hapo awali hata baada ya faili ya awali kufutwa kutoka S3. Ikiwa funguo ya siri ya AWS, token ya ufikiaji, au akidi nyingine nyeti inafichuliwa, mshambuliaji anaweza kutumia kasoro hii kuirejesha na kupata ufikiaji usioidhinishwa kwa rasilimali za AWS. Hii inaweza kusababisha kupanda kwa ruhusa, ufikiaji usioidhinishwa wa data, au kuathiri zaidi mali za wingu, na kusababisha uvunjaji wa data na usumbufu wa huduma. diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-macie-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-macie-enum.md new file mode 100644 index 000000000..2811eed5e --- /dev/null +++ b/src/pentesting-cloud/aws-security/aws-services/aws-macie-enum.md 
@@ -0,0 +1,48 @@ +# Amazon Macie + +## Introduction + +Amazon Macie ni huduma ya usalama wa data inayogundua data nyeti kwa kutumia kujifunza kwa mashine na ulinganifu wa mifumo, inatoa mwonekano wa hatari za usalama wa data, na inaruhusu ulinzi wa kiotomatiki dhidi ya hatari hizo. + +## Listing Findings with AWS Console + +Baada ya kuchanganua S3 bucket maalum kwa ajili ya siri na data nyeti, matokeo yatatengenezwa na kuonyeshwa kwenye console. Watumiaji walioidhinishwa wenye ruhusa za kutosha wanaweza kuona na kuorodhesha matokeo haya kwa kila kazi. + +Screenshot 2025-02-10 at 19 08 08 + + +## Revealing Secret + +Amazon Macie inatoa kipengele kinachoonyesha siri zilizogunduliwa kwa muundo wa maandiko wazi. Hii inasaidia katika kutambua data iliyovunjwa. Hata hivyo, kuonyesha siri kwa maandiko wazi kwa ujumla hakuchukuliwi kama njia bora kutokana na wasiwasi wa usalama, kwani inaweza kufichua taarifa nyeti. + +Screenshot 2025-02-10 at 19 13 53 + +Screenshot 2025-02-10 at 19 15 11 + +## Enumeration +```bash +# List and describe classification jobs +aws macie2 list-classification-jobs --region eu-west-1 +aws macie2 describe-classification-job --job-id --region eu-west-1 + +# Retrieve account details and statistics +aws macie2 get-macie-session --region eu-west-1 +aws macie2 get-usage-statistics --region eu-west-1 + +# List and manage Macie members (for organizations) +aws macie2 list-members --region eu-west-1 + +# List findings and get detailed information about specific findings +aws macie2 list-findings --region eu-west-1 +aws macie2 get-findings --finding-id --region eu-west-1 + +# Manage custom data identifiers +aws macie2 list-custom-data-identifiers --region eu-west-1 +aws macie2 get-custom-data-identifier --id --region eu-west-1 + +# List and detail findings filters +aws macie2 list-findings-filters --region eu-west-1 +aws macie2 get-findings-filter --id --region eu-west-1 + +``` + 
diff --git a/theme/ht_searcher.js b/theme/ht_searcher.js index 276bbfe6a..5a47c0ee3 100644 --- a/theme/ht_searcher.js +++ b/theme/ht_searcher.js @@ -471,12 +471,13 @@ window.search = window.search || {}; showResults(true); } - fetch('https://raw.githubusercontent.com/HackTricks-wiki/hacktricks-cloud/refs/heads/master/searchindex.json') + var branch = lang === "en" ? "master" : lang + fetch(`https://raw.githubusercontent.com/HackTricks-wiki/hacktricks-cloud/refs/heads/${branch}/searchindex.json`) .then(response => response.json()) .then(json => init(json)) .catch(error => { // Try to load searchindex.js if fetch failed var script = document.createElement('script'); - script.src = 'https://raw.githubusercontent.com/HackTricks-wiki/hacktricks-cloud/refs/heads/master/searchindex.js'; + script.src = `https://raw.githubusercontent.com/HackTricks-wiki/hacktricks-cloud/refs/heads/${branch}/searchindex.js`; script.onload = () => init(window.search); document.head.appendChild(script); }); diff --git a/theme/index.hbs b/theme/index.hbs index 683ea99c1..9c7fa3155 100644 --- a/theme/index.hbs +++ b/theme/index.hbs @@ -55,6 +55,7 @@
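Review bot: In aws-macie-privesc.md the `## Steps To Reproduce:` list (steps 1 to 6) is still in English while the introduction and the `## Summary:` paragraph around it are translated, so the page switches language halfway through; translate the steps or mark the section as intentionally left in the source language. The text also says only "ruhusa za kutosha" (sufficient permissions) without naming the IAM actions involved, and the file ends at the summary with no remediation section, so a reader who wants to restrict who can use Reveal Sample has nothing concrete to act on. Step 6's trailing clause, "from different accounts, in our case it will be the attacker's account", is also hard to parse and would read better as its own sentence stating which account performed the re-upload.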
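Review bot: In the `## Enumeration` block of aws-macie-enum.md, four commands pass an option with no value: `describe-classification-job --job-id --region eu-west-1`, `get-findings --finding-id --region eu-west-1`, `get-custom-data-identifier --id --region eu-west-1` and `get-findings-filter --id --region eu-west-1`. As written the CLI will reject them or treat `--region` as the argument, so the placeholder values need to be restored, in a form that survives rendering (for example `JOB_ID` rather than an angle-bracket token). While there, check `--finding-id` against the CLI reference, since `get-findings` takes a list of ids via `--finding-ids`. The three `Screenshot 2025-02-10 at ...` lines in the same file are bare text with no image reference, so either the image markup was lost or they should be removed.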
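Review bot: In theme/ht_searcher.js, `var branch = lang === "en" ? "master" : lang` feeds `lang` straight into both the `fetch(...)` URL and `script.src`, and the hunk shows neither where `lang` is defined nor any validation of it. Because the fallback path executes whatever `searchindex.js` that URL returns, `lang` should be checked against a fixed allow-list of supported language codes before the URL is built, defaulting to `master` for anything else. There is also no fallback to the `master` index when the language branch has no `searchindex.json`: the `catch` handler retries the same `${branch}`, so search fails silently for a language whose branch lacks an index. Minor: the new `var branch` line drops the trailing semicolon used by the surrounding code.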