gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-13 21:36:23 -08:00
Code Issues Packages Projects Releases Wiki Activity

Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/

Browse Source
This commit is contained in:
Translator
2024-12-31 20:18:58 +00:00
parent 820dd99aed
commit 931ae54e5f
245 changed files with 9984 additions and 12710 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/pentesting-cloud/aws-security/aws-post-exploitation/aws-cloudfront-post-exploitation.md
View File

@@ -4,7 +4,7 @@
## CloudFront
For more information check:
Per ulteriori informazioni controlla:
{{#ref}}
../aws-services/aws-cloudfront-enum.md
@@ -12,24 +12,20 @@ For more information check:
### Man-in-the-Middle
This [**blog post**](https://medium.com/@adan.alvarez/how-attackers-can-misuse-aws-cloudfront-access-to-make-it-rain-cookies-acf9ce87541c) proposes a couple of different scenarios where a **Lambda** could be added (or modified if it's already being used) into a **communication through CloudFront** with the purpose of **stealing** user information (like the session **cookie**) and **modifying** the **response** (injecting a malicious JS script).
Questo [**post del blog**](https://medium.com/@adan.alvarez/how-attackers-can-misuse-aws-cloudfront-access-to-make-it-rain-cookies-acf9ce87541c) propone un paio di scenari diversi in cui una **Lambda** potrebbe essere aggiunta (o modificata se è già in uso) in una **comunicazione tramite CloudFront** con lo scopo di **rubare** informazioni degli utenti (come il **cookie** di sessione) e **modificare** la **risposta** (iniettando uno script JS malevolo).
#### scenario 1: MitM where CloudFront is configured to access some HTML of a bucket
#### scenario 1: MitM dove CloudFront è configurato per accedere a qualche HTML di un bucket
- **Create** the malicious **function**.
- **Associate** it with the CloudFront distribution.
- Set the **event type to "Viewer Response"**.
- **Crea** la **funzione** malevola.
- **Associala** alla distribuzione CloudFront.
- Imposta il **tipo di evento su "Viewer Response"**.
Accessing the response you could steal the users cookie and inject a malicious JS.
Accedendo alla risposta potresti rubare il cookie degli utenti e iniettare un JS malevolo.
#### scenario 2: MitM where CloudFront is already using a lambda function
#### scenario 2: MitM dove CloudFront sta già utilizzando una funzione lambda
- **Modify the code** of the lambda function to steal sensitive information
- **Modifica il codice** della funzione lambda per rubare informazioni sensibili
You can check the [**tf code to recreate this scenarios here**](https://github.com/adanalvarez/AWS-Attack-Scenarios/tree/main).
Puoi controllare il [**codice tf per ricreare questi scenari qui**](https://github.com/adanalvarez/AWS-Attack-Scenarios/tree/main).
{{#include ../../../banners/hacktricks-training.md}}