mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2026-02-04 19:11:41 -08:00
Translated ['src/pentesting-cloud/aws-security/aws-post-exploitation/aws
This commit is contained in:
Translator
@@ -111,6 +111,7 @@
|
||||
- [GCP - Add Custom SSH Metadata](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/gcp-add-custom-ssh-metadata.md)
|
||||
- [GCP - Composer Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.md)
|
||||
- [GCP - Container Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.md)
|
||||
- [GCP - Dataproc Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-dataproc-privesc.md)
|
||||
- [GCP - Deploymentmaneger Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-deploymentmaneger-privesc.md)
|
||||
- [GCP - IAM Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.md)
|
||||
- [GCP - KMS Privesc](pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-kms-privesc.md)
|
||||
@@ -161,6 +162,7 @@
|
||||
- [GCP - VPC & Networking](pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.md)
|
||||
- [GCP - Composer Enum](pentesting-cloud/gcp-security/gcp-services/gcp-composer-enum.md)
|
||||
- [GCP - Containers & GKE Enum](pentesting-cloud/gcp-security/gcp-services/gcp-containers-gke-and-composer-enum.md)
|
||||
- [GCP - Dataproc Enum](pentesting-cloud/gcp-security/gcp-services/gcp-dataproc-enum.md)
|
||||
- [GCP - DNS Enum](pentesting-cloud/gcp-security/gcp-services/gcp-dns-enum.md)
|
||||
- [GCP - Filestore Enum](pentesting-cloud/gcp-security/gcp-services/gcp-filestore-enum.md)
|
||||
- [GCP - Firebase Enum](pentesting-cloud/gcp-security/gcp-services/gcp-firebase-enum.md)
|
||||
|
||||
@@ -92,22 +92,22 @@ aws kms put-key-policy --key-id mrk-c10357313a644d69b4b28b88523ef20c \
|
||||
}
|
||||
```
|
||||
> [!CAUTION]
|
||||
> Imajte na umu da ako promenite tu politiku i omogućite pristup samo eksternom nalogu, a zatim iz ovog eksternog naloga pokušate da postavite novu politiku da **ponovo omogućite pristup originalnom nalogu, nećete moći**.
|
||||
> Imajte na umu da ako promenite tu politiku i date pristup samo eksternom nalogu, a zatim iz ovog eksternog naloga pokušate da postavite novu politiku da **ponovo date pristup originalnom nalogu, nećete moći jer akcija Put Policy ne može biti izvršena iz međunaložja**.
|
||||
|
||||
<figure><img src="../../../images/image (77).png" alt=""><figcaption></figcaption></figure>
|
||||
|
||||
### Generički KMS Ransomware
|
||||
### Generic KMS Ransomware
|
||||
|
||||
#### Globalni KMS Ransomware
|
||||
#### Global KMS Ransomware
|
||||
|
||||
Postoji još jedan način da se izvrši globalni KMS Ransomware, koji bi uključivao sledeće korake:
|
||||
|
||||
- Kreirajte novi **ključ sa ključnim materijalom** koji je uvezen od strane napadača
|
||||
- Kreirajte novu **ključ sa ključnim materijalom** koji je uvezen od strane napadača
|
||||
- **Ponovo enkriptujte starije podatke** enkriptovane prethodnom verzijom sa novom.
|
||||
- **Obrišite KMS ključ**
|
||||
- Sada samo napadač, koji ima originalni ključni materijal, može dekriptovati enkriptovane podatke
|
||||
|
||||
### Uništavanje ključeva
|
||||
### Destroy keys
|
||||
```bash
|
||||
# Destoy they key material previously imported making the key useless
|
||||
aws kms delete-imported-key-material --key-id 1234abcd-12ab-34cd-56ef-1234567890ab
|
||||
|
||||
Reference in New Issue
Block a user