Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/

src/pentesting-cloud/aws-security/aws-services/aws-sts-enum.md

@@ -4,62 +4,57 @@
 
 ## STS
 
-**AWS Security Token Service (STS)** is primarily designed to issue **temporary, limited-privilege credentials**. These credentials can be requested for **AWS Identity and Access Management (IAM)** users or for authenticated users (federated users).
+**AWS Security Token Service (STS)** is hoofsaaklik ontwerp om **tydelike, beperkte bevoegdheid akkrediteerbare** te verskaf. Hierdie akkrediteerbare kan aangevra word vir **AWS Identity and Access Management (IAM)** gebruikers of vir geverifieerde gebruikers (gefedereerde gebruikers).
 
-Given that STS's purpose is to **issue credentials for identity impersonation**, the service is immensely valuable for **escalating privileges and maintaining persistence**, even though it might not have a wide array of options.
+Aangesien STS se doel is om **akkrediteerbare vir identiteit se vervalsing** uit te reik, is die diens uiters waardevol vir **bevoegdheidstoename en volgehoue volharding**, selfs al het dit dalk nie 'n wye verskeidenheid opsies nie.
 
 ### Assume Role Impersonation
 
-The action [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) provided by AWS STS is crucial as it permits a principal to acquire credentials for another principal, essentially impersonating them. Upon invocation, it responds with an access key ID, a secret key, and a session token corresponding to the specified ARN.
+Die aksie [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) wat deur AWS STS verskaf word, is van kardinale belang aangesien dit 'n hoofrol toelaat om akkrediteerbare vir 'n ander hoofrol te verkry, wat hulle essensieel vervals. By aanroep, antwoord dit met 'n toegang sleutel ID, 'n geheime sleutel, en 'n sessie token wat ooreenstem met die gespesifiseerde ARN.
 
-For Penetration Testers or Red Team members, this technique is instrumental for privilege escalation (as elaborated [**here**](../aws-privilege-escalation/aws-sts-privesc.md#sts-assumerole)). However, it's worth noting that this technique is quite conspicuous and may not catch an attacker off guard.
+Vir Penetration Testers of Red Team lede, is hierdie tegniek instrumenteel vir bevoegdheidstoename (soos uitgebreider [**hier**](../aws-privilege-escalation/aws-sts-privesc.md#sts-assumerole)). Dit is egter die moeite werd om te noem dat hierdie tegniek redelik opvallend is en mag nie 'n aanvaller onbewus vang nie.
 
 #### Assume Role Logic
 
-In order to assume a role in the same account if the **role to assume is allowing specifically a role ARN** like in:
-
+Om 'n rol in dieselfde rekening aan te neem, as die **rol om aan te neem spesifiek 'n rol ARN toelaat** soos in:
 ```json
 {
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Effect": "Allow",
-      "Principal": {
-        "AWS": "arn:aws:iam::<acc_id>:role/priv-role"
-      },
-      "Action": "sts:AssumeRole",
-      "Condition": {}
-    }
-  ]
+"Version": "2012-10-17",
+"Statement": [
+{
+"Effect": "Allow",
+"Principal": {
+"AWS": "arn:aws:iam::<acc_id>:role/priv-role"
+},
+"Action": "sts:AssumeRole",
+"Condition": {}
+}
+]
 }
 ```
+Die rol **`priv-role`** in hierdie geval, **hoef nie spesifiek toegelaat te word** om daardie rol aan te neem (met daardie toelae is genoeg).
 
-The role **`priv-role`** in this case, **doesn't need to be specifically allowed** to assume that role (with that allowance is enough).
-
-However, if a role is allowing an account to assume it, like in:
-
+Maar, as 'n rol 'n rekening toelaat om dit aan te neem, soos in:
 ```json
 {
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Effect": "Allow",
-      "Principal": {
-        "AWS": "arn:aws:iam::<acc_id>:root"
-      },
-      "Action": "sts:AssumeRole",
-      "Condition": {}
-    }
-  ]
+"Version": "2012-10-17",
+"Statement": [
+{
+"Effect": "Allow",
+"Principal": {
+"AWS": "arn:aws:iam::<acc_id>:root"
+},
+"Action": "sts:AssumeRole",
+"Condition": {}
+}
+]
 }
 ```
+Die rol wat probeer om aan te neem, sal 'n **spesifieke `sts:AssumeRole` toestemming** oor daardie rol **nodig hê om dit aan te neem**.
 
-The role trying to assume it will need a **specific `sts:AssumeRole` permission** over that role **to assume it**.
-
-If you try to assume a **role** **from a different account**, the **assumed role must allow it** (indicating the role **ARN** or the **external account**), and the **role trying to assume** the other one **MUST** to h**ave permissions to assume it** (in this case this isn't optional even if the assumed role is specifying an ARN).
+As jy probeer om 'n **rol** **van 'n ander rekening** aan te neem, moet die **aangenome rol dit toelaat** (wat die rol **ARN** of die **eksterne rekening** aandui), en die **rol wat probeer om die ander een aan te neem** **MOET** **toestemmings hê om dit aan te neem** (in hierdie geval is dit nie opsioneel nie, selfs al spesifiseer die aangeneemde rol 'n ARN).
 
 ### Enumeration
-
 ```bash
 # Get basic info of the creds
 aws sts get-caller-identity
@@ -72,10 +67,9 @@ aws sts get-session-token
 ## MFA
 aws sts get-session-token --serial-number <arn_device> --token-code <otp_code>
 ```
-
 ### Privesc
 
-In the following page you can check how to **abuse STS permissions to escalate privileges**:
+In die volgende bladsy kan jy kyk hoe om **STS-toestemmings te misbruik om voorregte te verhoog**:
 
 {{#ref}}
 ../aws-privilege-escalation/aws-sts-privesc.md
@@ -98,7 +92,3 @@ In the following page you can check how to **abuse STS permissions to escalate p
 - [https://blog.christophetd.fr/retrieving-aws-security-credentials-from-the-aws-console/?utm_source=pocket_mylist](https://blog.christophetd.fr/retrieving-aws-security-credentials-from-the-aws-console/?utm_source=pocket_mylist)
 
 {{#include ../../../banners/hacktricks-training.md}}
-
-
-
-