mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2026-02-04 19:11:41 -08:00
Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/
@@ -4,20 +4,19 @@
|
||||
|
||||
## CloudFront
|
||||
|
||||
CloudFront is AWS's **content delivery network that speeds up distribution** of your static and dynamic content through its worldwide network of edge locations. When you use a request content that you're hosting through Amazon CloudFront, the request is routed to the closest edge location which provides it the lowest latency to deliver the best performance. When **CloudFront access logs** are enabled you can record the request from each user requesting access to your website and distribution. As with S3 access logs, these logs are also **stored on Amazon S3 for durable and persistent storage**. There are no charges for enabling logging itself, however, as the logs are stored in S3 you will be stored for the storage used by S3.
|
||||
CloudFront je AWS-ova **mreža za isporuku sadržaja koja ubrzava distribuciju** vašeg statičkog i dinamičkog sadržaja putem svoje svetske mreže ivica. Kada koristite zahtev za sadržajem koji hostujete putem Amazon CloudFront-a, zahtev se usmerava na najbližu ivicu koja pruža najnižu latenciju za najbolju performansu. Kada su **CloudFront pristupni logovi** omogućeni, možete zabeležiti zahtev svakog korisnika koji traži pristup vašem veb sajtu i distribuciji. Kao i kod S3 pristupnih logova, ovi logovi su takođe **smešteni na Amazon S3 za trajno i postojano skladištenje**. Nema troškova za omogućavanje logovanja, međutim, pošto su logovi smešteni u S3, bićete naplaćeni za skladištenje koje koristi S3.
|
||||
|
||||
The log files capture data over a period of time and depending on the amount of requests that are received by Amazon CloudFront for that distribution will depend on the amount of log fils that are generated. It's important to know that these log files are not created or written to on S3. S3 is simply where they are delivered to once the log file is full. **Amazon CloudFront retains these logs until they are ready to be delivered to S3**. Again, depending on the size of these log files this delivery can take **between one and 24 hours**.
|
||||
Log fajlovi beleže podatke tokom određenog vremenskog perioda i zavisno od broja zahteva koje Amazon CloudFront primi za tu distribuciju, zavisiće i broj generisanih log fajlova. Važno je znati da se ovi log fajlovi ne kreiraju ili ne pišu na S3. S3 je jednostavno mesto gde se isporučuju kada je log fajl pun. **Amazon CloudFront zadržava ove logove dok nisu spremni za isporuku na S3**. Ponovo, u zavisnosti od veličine ovih log fajlova, ova isporuka može trajati **između jednog i 24 sata**.
|
||||
|
||||
**By default cookie logging is disabled** but you can enable it.
|
||||
**Po defaultu, logovanje kolačića je onemogućeno** ali ga možete omogućiti.
|
||||
|
||||
### Functions
|
||||
|
||||
You can create functions in CloudFront. These functions will have its **endpoint in cloudfront** defined and will run a declared **NodeJS code**. This code will run inside a **sandbox** in a machine running under an AWS managed machine (you would need a sandbox bypass to manage to escape to the underlaying OS).
|
||||
Možete kreirati funkcije u CloudFront-u. Ove funkcije će imati svoj **endpoint u cloudfront-u** definisan i izvršiće deklarisani **NodeJS kod**. Ovaj kod će se izvršavati unutar **sandbox-a** na mašini koja radi pod AWS upravljanom mašinom (biće vam potrebna zaobilaženje sandbox-a da biste uspeli da pobegnete u osnovni OS).
|
||||
|
||||
As the functions aren't run in the users AWS account. no IAM role is attached so no direct privesc is possible abusing this feature.
|
||||
Pošto se funkcije ne izvršavaju u korisnikovom AWS nalogu, nijedna IAM uloga nije povezana, tako da nije moguće direktno privilegije eskalirati zloupotrebom ove funkcije.
|
||||
|
||||
### Enumeration
|
||||
|
||||
```bash
|
||||
aws cloudfront list-distributions
|
||||
aws cloudfront get-distribution --id <id> # Just get 1
|
||||
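Review bot: In the Functions paragraph the translated text has grammar errors that blur the security statement. "biće vam potrebna zaobilaženje sandbox-a" should be "biće vam potrebno zaobilaženje sandbox-a", and "nije moguće direktno privilegije eskalirati" reads more clearly as "nije moguća direktna eskalacija privilegija". The same paragraph also carries over the source's redundancy ("na mašini koja radi pod AWS upravljanom mašinom"), which could be tightened. In the first paragraph, "mreže ivica" and "najbližu ivicu" are literal renderings of "edge locations" that lose the CDN meaning; keeping the term as "edge lokacija" would be clearer to readers who know the AWS terminology.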
@@ -28,21 +27,16 @@ aws cloudfront get-function --name TestFunction function_code.js
|
||||
|
||||
aws cloudfront list-distributions | jq ".DistributionList.Items[] | .Id, .Origins.Items[].Id, .Origins.Items[].DomainName, .AliasICPRecordals[].CNAME"
|
||||
```
|
||||
|
||||
## Unauthenticated Access
|
||||
## Neautentifikovani Pristup
|
||||
|
||||
{{#ref}}
|
||||
../aws-unauthenticated-enum-access/aws-cloudfront-unauthenticated-enum.md
|
||||
{{#endref}}
|
||||
|
||||
## Post Exploitation
|
||||
## Post Eksploatacija
|
||||
|
||||
{{#ref}}
|
||||
../aws-post-exploitation/aws-cloudfront-post-exploitation.md
|
||||
{{#endref}}
|
||||
|
||||
{{#include ../../../banners/hacktricks-training.md}}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
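Review bot: The headings in this hunk are translated ("## Neautentifikovani Pristup", "## Post Eksploatacija"), while "### Functions" and "### Enumeration" earlier in the file appear only in English, so the page ends up with mixed-language headings. Pick one convention for the whole file. Renaming the headings also changes any anchors generated from them, so links that point at these sections by anchor should be checked. The {{#ref}} paths and the {{#include}} line are left untranslated, which is what they need to keep resolving.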