gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-09 11:44:59 -08:00
Code Issues Packages Projects Releases Wiki Activity

Translated ['src/pentesting-cloud/aws-security/aws-privilege-escalation/

Browse Source
This commit is contained in:
Translator
2025-01-05 10:37:27 +00:00
parent f842e98fd2
commit 89a5cbe15d
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-codestar-privesc/iam-passrole-codestar-createproject.md
View File

@@ -2,7 +2,7 @@
{{#include ../../../../banners/hacktricks-training.md}}
Kwa ruhusa hizi unaweza **kutumia codestar IAM Role** kufanya **vitendo vyovyote** kupitia **cloudformation template**.
Kwa ruhusa hizi unaweza **kutumia codestar IAM Role** kufanya **vitendo vya kiholela** kupitia **cloudformation template**.
Ili kutumia hii unahitaji kuunda **S3 bucket inayopatikana** kutoka kwa akaunti iliyoshambuliwa. Pakia faili inayoitwa `toolchain.json`. Faili hii inapaswa kuwa na **cloudformation template exploit**. Ifuatayo inaweza kutumika kuweka sera inayosimamiwa kwa mtumiaji chini ya udhibiti wako na **kumpa ruhusa za admin**:
```json:toolchain.json
@@ -36,7 +36,7 @@ empty.zip
Kumbuka kwamba **bucket yenye faili zote mbili inapaswa kufikiwa na akaunti ya mwathirika**.
Kwa vitu vyote viwili vilivyopakiwa sasa unaweza kuendelea na **exploitation** kwa kuunda mradi wa **codestar**:
Kwa vitu vyote viwili vilivyopakuliwa, sasa unaweza kuendelea na **exploitation** kwa kuunda mradi wa **codestar**:
```bash
PROJECT_NAME="supercodestar"
@@ -81,6 +81,6 @@ aws codestar create-project \
--source-code file://$SOURCE_CODE_PATH \
--toolchain file://$TOOLCHAIN_PATH
```
Huu uvunjaji unategemea **uvunjaji wa Pacu wa haki hizi**: [https://github.com/RhinoSecurityLabs/pacu/blob/2a0ce01f075541f7ccd9c44fcfc967cad994f9c9/pacu/modules/iam\_\_privesc_scan/main.py#L1997](https://github.com/RhinoSecurityLabs/pacu/blob/2a0ce01f075541f7ccd9c44fcfc967cad994f9c9/pacu/modules/iam__privesc_scan/main.py#L1997) Juu yake unaweza kupata toleo la kuunda sera ya usimamizi wa admin kwa jukumu badala ya kwa mtumiaji.
Hii exploit inategemea **Pacu exploit ya haki hizi**: [https://github.com/RhinoSecurityLabs/pacu/blob/2a0ce01f075541f7ccd9c44fcfc967cad994f9c9/pacu/modules/iam\_\_privesc_scan/main.py#L1997](https://github.com/RhinoSecurityLabs/pacu/blob/2a0ce01f075541f7ccd9c44fcfc967cad994f9c9/pacu/modules/iam__privesc_scan/main.py#L1997) Juu yake unaweza kupata toleo la kuunda sera ya usimamizi wa admin kwa jukumu badala ya kwa mtumiaji.
{{#include ../../../../banners/hacktricks-training.md}}