mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2026-02-04 11:07:37 -08:00
Translated ['', 'src/pentesting-cloud/aws-security/aws-unauthenticated-e
This commit is contained in:
Translator
@@ -1,54 +1,60 @@
|
||||
# AWS - Neautentifikovana Enum & Pristup
|
||||
# AWS - Unauthenticated Enum & Access
|
||||
|
||||
{{#include ../../../banners/hacktricks-training.md}}
|
||||
|
||||
## AWS Kredencijali Curjenja
|
||||
## AWS Credentials Leaks
|
||||
|
||||
Uobičajen način da se dobije pristup ili informacije o AWS nalogu je **pretraživanje curenja**. Možete pretraživati curenja koristeći **google dorks**, proveravajući **javne repozitorijume** organizacije i **radnike** organizacije na **Githubu** ili drugim platformama, pretražujući u **bazama podataka o curenjima kredencijala**... ili na bilo kojem drugom mestu gde mislite da biste mogli pronaći informacije o kompaniji i njenoj cloud infrastrukturi.\
|
||||
Neki korisni **alati**:
|
||||
Čest način da se dobije pristup ili informacije o AWS nalogu je **pretraživanje za leak-ovima**. Možete tražiti leak-ove koristeći **google dorks**, proveravajući **public repos** organizacije i radnika organizacije na **Github** ili drugim platformama, pretražujući u **credentials leaks databases**... ili bilo gde drugde za šta mislite da možete naći informacije o kompaniji i njenoj cloud infrastrukturi.\
|
||||
Neki korisni **alatke**:
|
||||
|
||||
- [https://github.com/carlospolop/leakos](https://github.com/carlospolop/leakos)
|
||||
- [https://github.com/carlospolop/pastos](https://github.com/carlospolop/pastos)
|
||||
- [https://github.com/carlospolop/gorks](https://github.com/carlospolop/gorks)
|
||||
|
||||
## AWS Neautentifikovana Enum & Pristup
|
||||
## AWS Unauthenticated Enum & Access
|
||||
|
||||
Postoji nekoliko usluga u AWS-u koje mogu biti konfigurisane tako da daju neku vrstu pristupa svima na internetu ili većem broju ljudi nego što se očekuje. Proverite ovde kako:
|
||||
Postoji nekoliko servisa u AWS koji mogu biti konfigurisani tako da daju neku vrstu pristupa celom Internetu ili većem broju ljudi nego što je očekivano. Pogledajte ovde kako:
|
||||
|
||||
- [**Neautentifikovana Enum Naloga**](aws-accounts-unauthenticated-enum.md)
|
||||
- [**Neautentifikovana Enum Cloud9**](https://github.com/carlospolop/hacktricks-cloud/blob/master/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/broken-reference/README.md)
|
||||
- [**Neautentifikovana Enum Cloudfront**](aws-cloudfront-unauthenticated-enum.md)
|
||||
- [**Neautentifikovana Enum Cloudsearch**](https://github.com/carlospolop/hacktricks-cloud/blob/master/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/broken-reference/README.md)
|
||||
- [**Neautentifikovana Enum Cognito**](aws-cognito-unauthenticated-enum.md)
|
||||
- [**Neautentifikovana Enum DocumentDB**](aws-documentdb-enum.md)
|
||||
- [**Neautentifikovana Enum EC2**](aws-ec2-unauthenticated-enum.md)
|
||||
- [**Neautentifikovana Enum Elasticsearch**](aws-elasticsearch-unauthenticated-enum.md)
|
||||
- [**Neautentifikovana Enum IAM**](aws-iam-and-sts-unauthenticated-enum.md)
|
||||
- [**Neautentifikovani Pristup IoT**](aws-iot-unauthenticated-enum.md)
|
||||
- [**Neautentifikovani Pristup Kinesis Video**](aws-kinesis-video-unauthenticated-enum.md)
|
||||
- [**Neautentifikovani Pristup Mediji**](aws-media-unauthenticated-enum.md)
|
||||
- [**Neautentifikovani Pristup MQ**](aws-mq-unauthenticated-enum.md)
|
||||
- [**Neautentifikovani Pristup MSK**](aws-msk-unauthenticated-enum.md)
|
||||
- [**Neautentifikovani Pristup RDS**](aws-rds-unauthenticated-enum.md)
|
||||
- [**Neautentifikovani Pristup Redshift**](aws-redshift-unauthenticated-enum.md)
|
||||
- [**Neautentifikovani Pristup SQS**](aws-sqs-unauthenticated-enum.md)
|
||||
- [**Neautentifikovani Pristup S3**](aws-s3-unauthenticated-enum.md)
|
||||
- [**Accounts Unauthenticated Enum**](aws-accounts-unauthenticated-enum/index.html)
|
||||
- [**API Gateway Unauthenticated Enum**](aws-api-gateway-unauthenticated-enum/index.html)
|
||||
- [**Cloudfront Unauthenticated Enum**](aws-cloudfront-unauthenticated-enum/index.html)
|
||||
- [**Codebuild Unauthenticated Access**](aws-codebuild-unauthenticated-access/index.html)
|
||||
- [**Cognito Unauthenticated Enum**](aws-cognito-unauthenticated-enum/index.html)
|
||||
- [**DocumentDB Unauthenticated Enum**](aws-documentdb-enum/index.html)
|
||||
- [**DynamoDB Unauthenticated Access**](aws-dynamodb-unauthenticated-access/index.html)
|
||||
- [**EC2 Unauthenticated Enum**](aws-ec2-unauthenticated-enum/index.html)
|
||||
- [**Elastic Beanstalk Unauthenticated Enum**](aws-elastic-beanstalk-unauthenticated-enum/index.html)
|
||||
- [**Elasticsearch Unauthenticated Enum**](aws-elasticsearch-unauthenticated-enum/index.html)
|
||||
- [**IAM Unauthenticated Enum**](aws-iam-and-sts-unauthenticated-enum/index.html)
|
||||
- [**Identity Center and SSO Unauthenticated Enum**](aws-identity-center-and-sso-unauthenticated-enum/index.html)
|
||||
- [**IoT Unauthenticated Enum**](aws-iot-unauthenticated-enum/index.html)
|
||||
- [**Kinesis Video Unauthenticated Enum**](aws-kinesis-video-unauthenticated-enum/index.html)
|
||||
- [**Lambda Unauthenticated Access**](aws-lambda-unauthenticated-access/index.html)
|
||||
- [**Media Unauthenticated Enum**](aws-media-unauthenticated-enum/index.html)
|
||||
- [**MQ Unauthenticated Enum**](aws-mq-unauthenticated-enum/index.html)
|
||||
- [**MSK Unauthenticated Enum**](aws-msk-unauthenticated-enum/index.html)
|
||||
- [**RDS Unauthenticated Enum**](aws-rds-unauthenticated-enum/index.html)
|
||||
- [**Redshift Unauthenticated Enum**](aws-redshift-unauthenticated-enum/index.html)
|
||||
- [**S3 Unauthenticated Enum**](aws-s3-unauthenticated-enum/index.html)
|
||||
- [**Sagemaker Unauthenticated Enum**](aws-sagemaker-unauthenticated-enum/index.html)
|
||||
- [**SNS Unauthenticated Enum**](aws-sns-unauthenticated-enum/index.html)
|
||||
- [**SQS Unauthenticated Enum**](aws-sqs-unauthenticated-enum/index.html)
|
||||
|
||||
## Napadi Preko Naloga
|
||||
## Cross Account Attacks
|
||||
|
||||
U predavanju [**Rušenje Izolacije: Cross-Account AWS Ranljivosti**](https://www.youtube.com/watch?v=JfEFIcpJ2wk) prikazano je kako neke usluge omogućavaju bilo kojem AWS nalogu pristup jer su **AWS usluge bez specificiranja ID-a naloga** bile dozvoljene.
|
||||
U predavanju [**Breaking the Isolation: Cross-Account AWS Vulnerabilities**](https://www.youtube.com/watch?v=JfEFIcpJ2wk) prikazano je kako su neki servisi omogućavali pristup bilo kom AWS nalogu jer su **AWS services without specifying accounts ID** bili dozvoljeni.
|
||||
|
||||
Tokom predavanja navode se nekoliko primera, kao što su S3 bucket-i **koji omogućavaju cloudtrail** (bilo kojem **AWS** nalogu) da **pišu u njih**:
|
||||
Tokom predavanja navode se različiti primeri, kao što su S3 buckets koji su dozvoljavali cloudtrail (od **any AWS** account) da piše u njih:
|
||||
|
||||
.png>)
|
||||
|
||||
Druge usluge koje su pronađene ranjive:
|
||||
Ostali servisi koji su pronađeni kao ranjivi:
|
||||
|
||||
- AWS Config
|
||||
- Serverless repozitorijum
|
||||
- Serverless repository
|
||||
|
||||
## Alati
|
||||
## Tools
|
||||
|
||||
- [**cloud_enum**](https://github.com/initstring/cloud_enum): Multi-cloud OSINT alat. **Pronađite javne resurse** u AWS-u, Azure-u i Google Cloud-u. Podržane AWS usluge: Otvoreni / Zaštićeni S3 bucket-i, awsapps (WorkMail, WorkDocs, Connect, itd.)
|
||||
- [**cloud_enum**](https://github.com/initstring/cloud_enum): Multi-cloud OSINT tool. **Find public resources** u AWS, Azure, i Google Cloud. Supported AWS services: Open / Protected S3 Buckets, awsapps (WorkMail, WorkDocs, Connect, etc.)
|
||||
|
||||
{{#include ../../../banners/hacktricks-training.md}}
|
||||
|
||||
Reference in New Issue
Block a user