From 80f0643b2d16b111ed19640c5a2760fdada7344e Mon Sep 17 00:00:00 2001 From: Translator Date: Mon, 24 Nov 2025 21:40:25 +0000 Subject: [PATCH] Translated ['', 'src/pentesting-cloud/aws-security/aws-unauthenticated-e --- .../aws-unauthenticated-enum-access/README.md | 64 ++++++++++--------- 1 file changed, 35 insertions(+), 29 deletions(-) diff --git a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/README.md b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/README.md index 00384ebb3..c4cc1aae0 100644 --- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/README.md +++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/README.md 
@@ -1,44 +1,50 @@ -# AWS - Ongeauthentiseerde Enum & Toegang +# AWS - Unauthenticated Enum & Access {{#include ../../../banners/hacktricks-training.md}} -## AWS Kredensiaal Lekke +## AWS Credentials Leaks -'n Algemene manier om toegang of inligting oor 'n AWS-rekening te verkry, is deur **lekke te soek**. Jy kan lekke soek deur **google dorks**, die **openbare repos** van die **organisasie** en die **werkers** van die organisasie in **Github** of ander platforms te kontroleer, in **kredensiaal lekdatabasisse** te soek... of in enige ander plek waar jy dalk inligting oor die maatskappy en sy wolkinfrastruktuur kan vind.\ -Sommige nuttige **hulpmiddels**: +'n Algemene manier om toegang of inligting oor 'n AWS-rekening te verkry is deur **searching for leaks**. Jy kan na leaks soek deur **google dorks** te gebruik, die **public repos** van die **organization** en die **workers** van die organisasie op **Github** of ander platforms te kontroleer, in **credentials leaks databases** te soek... of enige ander plek wat jy dink jy mag inligting oor die maatskappy en sy cloud infa kan vind.\ +Sommige nuttige **tools**: - [https://github.com/carlospolop/leakos](https://github.com/carlospolop/leakos) - [https://github.com/carlospolop/pastos](https://github.com/carlospolop/pastos) - [https://github.com/carlospolop/gorks](https://github.com/carlospolop/gorks) -## AWS Ongeauthentiseerde Enum & Toegang +## AWS Unauthenticated Enum & Access -Daar is verskeie dienste in AWS wat geconfigureer kan word om 'n soort toegang aan die hele internet of aan meer mense as verwag te gee. Kyk hier hoe: +Daar is verskeie dienste in AWS wat so gekonfigureer kan wees dat hulle 'n vorm van toegang aan die hele Internet of aan meer mense as verwag verleen. 
Kyk hier hoe: -- [**Rekeninge Ongeauthentiseerde Enum**](aws-accounts-unauthenticated-enum.md) -- [**Cloud9 Ongeauthentiseerde Enum**](https://github.com/carlospolop/hacktricks-cloud/blob/master/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/broken-reference/README.md) -- [**Cloudfront Ongeauthentiseerde Enum**](aws-cloudfront-unauthenticated-enum.md) -- [**Cloudsearch Ongeauthentiseerde Enum**](https://github.com/carlospolop/hacktricks-cloud/blob/master/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/broken-reference/README.md) -- [**Cognito Ongeauthentiseerde Enum**](aws-cognito-unauthenticated-enum.md) -- [**DocumentDB Ongeauthentiseerde Enum**](aws-documentdb-enum.md) -- [**EC2 Ongeauthentiseerde Enum**](aws-ec2-unauthenticated-enum.md) -- [**Elasticsearch Ongeauthentiseerde Enum**](aws-elasticsearch-unauthenticated-enum.md) -- [**IAM Ongeauthentiseerde Enum**](aws-iam-and-sts-unauthenticated-enum.md) -- [**IoT Ongeauthentiseerde Toegang**](aws-iot-unauthenticated-enum.md) -- [**Kinesis Video Ongeauthentiseerde Toegang**](aws-kinesis-video-unauthenticated-enum.md) -- [**Media Ongeauthentiseerde Toegang**](aws-media-unauthenticated-enum.md) -- [**MQ Ongeauthentiseerde Toegang**](aws-mq-unauthenticated-enum.md) -- [**MSK Ongeauthentiseerde Toegang**](aws-msk-unauthenticated-enum.md) -- [**RDS Ongeauthentiseerde Toegang**](aws-rds-unauthenticated-enum.md) -- [**Redshift Ongeauthentiseerde Toegang**](aws-redshift-unauthenticated-enum.md) -- [**SQS Ongeauthentiseerde Toegang**](aws-sqs-unauthenticated-enum.md) -- [**S3 Ongeauthentiseerde Toegang**](aws-s3-unauthenticated-enum.md) +- [**Accounts Unauthenticated Enum**](aws-accounts-unauthenticated-enum/index.html) +- [**API Gateway Unauthenticated Enum**](aws-api-gateway-unauthenticated-enum/index.html) +- [**Cloudfront Unauthenticated Enum**](aws-cloudfront-unauthenticated-enum/index.html) +- [**Codebuild Unauthenticated Access**](aws-codebuild-unauthenticated-access/index.html) +- 
[**Cognito Unauthenticated Enum**](aws-cognito-unauthenticated-enum/index.html) +- [**DocumentDB Unauthenticated Enum**](aws-documentdb-enum/index.html) +- [**DynamoDB Unauthenticated Access**](aws-dynamodb-unauthenticated-access/index.html) +- [**EC2 Unauthenticated Enum**](aws-ec2-unauthenticated-enum/index.html) +- [**Elastic Beanstalk Unauthenticated Enum**](aws-elastic-beanstalk-unauthenticated-enum/index.html) +- [**Elasticsearch Unauthenticated Enum**](aws-elasticsearch-unauthenticated-enum/index.html) +- [**IAM Unauthenticated Enum**](aws-iam-and-sts-unauthenticated-enum/index.html) +- [**Identity Center and SSO Unauthenticated Enum**](aws-identity-center-and-sso-unauthenticated-enum/index.html) +- [**IoT Unauthenticated Enum**](aws-iot-unauthenticated-enum/index.html) +- [**Kinesis Video Unauthenticated Enum**](aws-kinesis-video-unauthenticated-enum/index.html) +- [**Lambda Unauthenticated Access**](aws-lambda-unauthenticated-access/index.html) +- [**Media Unauthenticated Enum**](aws-media-unauthenticated-enum/index.html) +- [**MQ Unauthenticated Enum**](aws-mq-unauthenticated-enum/index.html) +- [**MSK Unauthenticated Enum**](aws-msk-unauthenticated-enum/index.html) +- [**RDS Unauthenticated Enum**](aws-rds-unauthenticated-enum/index.html) +- [**Redshift Unauthenticated Enum**](aws-redshift-unauthenticated-enum/index.html) +- [**S3 Unauthenticated Enum**](aws-s3-unauthenticated-enum/index.html) +- [**Sagemaker Unauthenticated Enum**](aws-sagemaker-unauthenticated-enum/index.html) +- [**SNS Unauthenticated Enum**](aws-sns-unauthenticated-enum/index.html) +- [**SQS Unauthenticated Enum**](aws-sqs-unauthenticated-enum/index.html) -## Kruisrekening Aanvalle +## Kruis-rekening-aanvalle -In die praatjie [**Breaking the Isolation: Cross-Account AWS Vulnerabilities**](https://www.youtube.com/watch?v=JfEFIcpJ2wk) word voorgestel hoe sommige dienste enige AWS-rekening toegelaat het om toegang te verkry omdat **AWS dienste sonder om rekening-ID's te spesifiseer** 
toegelaat is. +In die praatjie [**Breaking the Isolation: Cross-Account AWS Vulnerabilities**](https://www.youtube.com/watch?v=JfEFIcpJ2wk) word getoon hoe sommige dienste enige AWS-rekening toegang gegee het omdat **AWS services without specifying accounts ID** toegelaat is. -Tydens die praatjie spesifiseer hulle verskeie voorbeelde, soos S3-buckets wat **cloudtrail** (van **enige AWS** rekening) toelaat om **na hulle te skryf**: +Tydens die praatjie noem hulle verskeie voorbeelde, soos S3 buckets **allowing cloudtrai**l (of **any AWS** account) to **write to them**: ![](<../../../images/image (260).png>) @@ -47,8 +53,8 @@ Ander dienste wat kwesbaar gevind is: - AWS Config - Serverless repository -## Hulpmiddels +## Gereedskap -- [**cloud_enum**](https://github.com/initstring/cloud_enum): Multi-cloud OSINT hulpmiddel. **Vind openbare hulpbronne** in AWS, Azure, en Google Cloud. Ondersteunde AWS dienste: Open / Beskermde S3 Buckets, awsapps (WorkMail, WorkDocs, Connect, ens.) +- [**cloud_enum**](https://github.com/initstring/cloud_enum): Multi-cloud OSINT gereedskap. **Vind openbare hulpbronne** in AWS, Azure, en Google Cloud. Ondersteunde AWS-dienste: Open / Protected S3 Buckets, awsapps (WorkMail, WorkDocs, Connect, etc.) {{#include ../../../banners/hacktricks-training.md}}
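Review bot: In the first hunk (`@@ -1,44 +1,50 @@`), the added sentence in the cross-account section is left half-translated and its emphasis is broken: `S3 buckets **allowing cloudtrai**l (of **any AWS** account) to **write to them**` closes the bold marker one letter before the end of "cloudtrail" and switches to English mid-sentence, so the point that such a bucket accepts CloudTrail writes from any AWS account is hard to read. The same pattern appears in `**searching for leaks**` and `**AWS services without specifying accounts ID** toegelaat is`, and `cloud infa` is a typo. Suggest translating the emphasized phrases as the removed lines did, or keeping each whole phrase in English with intact markers. Separately, the hunk changes more than wording while the subject says "Translated": link targets move from `.md` files to `/index.html` paths, the Cloud9 and Cloudsearch entries are dropped, and entries such as API Gateway, Codebuild, DynamoDB and Lambda are added. Please confirm the new targets resolve for this language and mention the list change in the commit message.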
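Review bot: In the second hunk (`@@ -47,8 +53,8 @@`), the terminology is inconsistent with the first hunk: the heading `## Gereedskap` and `Multi-cloud OSINT gereedskap` use a different word from `Sommige nuttige **tools**` earlier in the same file. The cloud_enum bullet also now reads `Open / Protected S3 Buckets` and `etc.` where the removed line had `Open / Beskermde S3 Buckets` and `ens.`, so part of the service description has regressed to English. Suggest settling on one term for "tools" across the file and restoring the translated wording in the bullet.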