From a51dbe2c5eead34d8945dfe05f1168eb95582f46 Mon Sep 17 00:00:00 2001 From: Translator Date: Thu, 9 Oct 2025 10:28:36 +0000 Subject: [PATCH] Fix unmatched refs --- .../aws-codebuild-post-exploitation/README.md | 2 +- .../aws-services/aws-api-gateway-enum.md | 8 ++++---- .../aws-cloudformation-and-codestar-enum.md | 2 +- .../aws-services/aws-cloudfront-enum.md | 4 ++-- .../aws-services/aws-codebuild-enum.md | 4 ++-- .../aws-services/aws-cognito-enum/README.md | 6 +++--- ...peline-codepipeline-codebuild-and-codecommit.md | 4 ++-- .../aws-directory-services-workdocs-enum.md | 4 ++-- .../aws-security/aws-services/aws-dynamodb-enum.md | 8 ++++---- .../aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/README.md | 12 ++++++------ .../aws-security/aws-services/aws-ecr-enum.md | 8 ++++---- .../aws-security/aws-services/aws-ecs-enum.md | 8 ++++---- .../aws-security/aws-services/aws-efs-enum.md | 6 +++--- .../aws-security/aws-services/aws-eks-enum.md | 2 +- .../aws-services/aws-elastic-beanstalk-enum.md | 8 ++++---- .../aws-security/aws-services/aws-emr-enum.md | 2 +- .../aws-security/aws-services/aws-iam-enum.md | 14 +++++++------- .../aws-security/aws-services/aws-kms-enum.md | 6 +++--- .../aws-security/aws-services/aws-lambda-enum.md | 4 ++-- .../aws-services/aws-lightsail-enum.md | 6 +++--- .../aws-security/aws-services/aws-macie-enum.md | 2 +- .../aws-security/aws-services/aws-mq-enum.md | 4 ++-- .../aws-security/aws-services/aws-msk-enum.md | 4 ++-- .../aws-security/aws-services/aws-redshift-enum.md | 2 +- .../aws-relational-database-rds-enum.md | 8 ++++---- .../aws-security/aws-services/aws-route53-enum.md | 2 +- .../aws-services/aws-s3-athena-and-glacier-enum.md | 8 ++++---- .../aws-services/aws-secrets-manager-enum.md | 6 +++--- .../aws-cloudtrail-enum.md | 6 +++--- .../aws-control-tower-enum.md | 2 +- .../aws-security/aws-services/aws-ses-enum.md | 2 +- .../aws-security/aws-services/aws-sns-enum.md | 8 ++++---- .../aws-services/aws-sqs-and-sns-enum.md | 8 ++++---- .../aws-services/aws-stepfunctions-enum.md | 6 +++--- .../aws-security/aws-services/aws-sts-enum.md | 6 +++--- .../aws-services/eventbridgescheduler-enum.md | 2 +- 36 files changed, 97 insertions(+), 97 deletions(-) diff --git a/src/pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/README.md b/src/pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/README.md index 5781fc890..fe68186dd 100644 --- a/src/pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/README.md +++ b/src/pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/README.md @@ -16,7 +16,7 @@ Si se han configurado credenciales en Codebuild para conectarse a Github, Gitlab Por lo tanto, si tienes acceso para leer el administrador de secretos, podrás obtener estos secretos y pivotar a la plataforma conectada. {{#ref}} -../../aws-privilege-escalation/aws-secrets-manager-privesc.md +../../aws-privilege-escalation/aws-secrets-manager-privesc/README.md {{#endref}} ### Abusar del Acceso al Repositorio de CodeBuild diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.md index c7eb9b127..f43435426 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.md @@ -263,25 +263,25 @@ Para que una clave API funcione, necesitas agregarla a un **Plan de Uso**, este ## Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-api-gateway-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-api-gateway-unauthenticated-enum/README.md {{#endref}} ## Privesc {{#ref}} -../aws-privilege-escalation/aws-apigateway-privesc.md +../aws-privilege-escalation/aws-apigateway-privesc/README.md {{#endref}} ## Post Explotación {{#ref}} -../aws-post-exploitation/aws-api-gateway-post-exploitation.md +../aws-post-exploitation/aws-api-gateway-post-exploitation/README.md {{#endref}} ## Persistencia {{#ref}} -../aws-persistence/aws-api-gateway-persistence.md +../aws-persistence/aws-api-gateway-persistence/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.md index 6dbe8386e..8fcdb8cca 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.md @@ -40,7 +40,7 @@ En la siguiente página puedes verificar cómo **abusar de los permisos de cloud ### Persistence {{#ref}} -../aws-persistence/aws-cloudformation-persistence.md +../aws-persistence/aws-cloudformation-persistence/README.md {{#endref}} ### Post-Exploitation diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.md index a5df1c4ab..a4c21f62a 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.md @@ -30,13 +30,13 @@ aws cloudfront list-distributions | jq ".DistributionList.Items[] | .Id, .Origin ## Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-cloudfront-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-cloudfront-unauthenticated-enum/README.md {{#endref}} ## Post Explotación {{#ref}} -../aws-post-exploitation/aws-cloudfront-post-exploitation.md +../aws-post-exploitation/aws-cloudfront-post-exploitation/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.md index ab9c6dc50..d12400f85 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.md @@ -52,7 +52,7 @@ aws codebuild describe-test-cases --report-arn En la siguiente página, puedes verificar cómo **abusar de los permisos de codebuild para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/aws-codebuild-privesc.md +../aws-privilege-escalation/aws-codebuild-privesc/README.md {{#endref}} ### Post Explotación @@ -64,7 +64,7 @@ En la siguiente página, puedes verificar cómo **abusar de los permisos de code ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-codebuild-unauthenticated-access.md +../aws-unauthenticated-enum-access/aws-codebuild-unauthenticated-access/README.md {{#endref}} ## Referencias diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-cognito-enum/README.md b/src/pentesting-cloud/aws-security/aws-services/aws-cognito-enum/README.md index 641a0fb2e..d3e7c0c28 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-cognito-enum/README.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-cognito-enum/README.md @@ -82,19 +82,19 @@ Incluso si **no conoces un nombre de usuario válido** dentro de Cognito, podrí ## Privesc {{#ref}} -../../aws-privilege-escalation/aws-cognito-privesc.md +../../aws-privilege-escalation/aws-cognito-privesc/README.md {{#endref}} ## Acceso No Autenticado {{#ref}} -../../aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum.md +../../aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum/README.md {{#endref}} ## Persistencia {{#ref}} -../../aws-persistence/aws-cognito-persistence.md +../../aws-persistence/aws-cognito-persistence/README.md {{#endref}} {{#include ../../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.md b/src/pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.md index 2c8d9096a..dd60400b2 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.md @@ -28,7 +28,7 @@ aws datapipeline get-pipeline-definition --pipeline-id En la siguiente página puedes verificar cómo **abusar de los permisos de datapipeline para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/aws-datapipeline-privesc.md +../aws-privilege-escalation/aws-datapipeline-privesc/README.md {{#endref}} ## CodePipeline @@ -49,7 +49,7 @@ aws codepipeline get-pipeline-state --name En la siguiente página puedes verificar cómo **abusar de los permisos de codepipeline para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/aws-codepipeline-privesc.md +../aws-privilege-escalation/aws-codepipeline-privesc/README.md {{#endref}} ## CodeCommit diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.md index fd3df540a..ed7cb091e 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.md @@ -48,7 +48,7 @@ Tenga en cuenta que si la **descripción** del directorio contenía un **dominio ### Privilege Escalation {{#ref}} -../aws-privilege-escalation/aws-directory-services-privesc.md +../aws-privilege-escalation/aws-directory-services-privesc/README.md {{#endref}} ## Persistence @@ -109,7 +109,7 @@ aws workdocs add-resource-permissions --resource-id --principals Id=anonymo ### Privesc {{#ref}} -../aws-privilege-escalation/aws-workdocs-privesc.md +../aws-privilege-escalation/aws-workdocs-privesc/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.md index f2794ba3f..3852ecb6f 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.md @@ -56,25 +56,25 @@ aws dynamodb describe-endpoints #Dynamodb endpoints ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-dynamodb-unauthenticated-access.md +../aws-unauthenticated-enum-access/aws-dynamodb-unauthenticated-access/README.md {{#endref}} ### Escalación de Privilegios {{#ref}} -../aws-privilege-escalation/aws-dynamodb-privesc.md +../aws-privilege-escalation/aws-dynamodb-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-dynamodb-post-exploitation.md +../aws-post-exploitation/aws-dynamodb-post-exploitation/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-dynamodb-persistence.md +../aws-persistence/aws-dynamodb-persistence/README.md {{#endref}} ## Inyección en DynamoDB diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/README.md b/src/pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/README.md index ff48c9391..4c0f281c3 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/README.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/README.md @@ -130,7 +130,7 @@ aws ec2 describe-vpc-peering-connections ### Acceso No Autenticado {{#ref}} -../../aws-unauthenticated-enum-access/aws-ec2-unauthenticated-enum.md +../../aws-unauthenticated-enum-access/aws-ec2-unauthenticated-enum/README.md {{#endref}} ### Escalación de Privilegios @@ -138,7 +138,7 @@ aws ec2 describe-vpc-peering-connections En la siguiente página puedes verificar cómo **abusar de los permisos de EC2 para escalar privilegios**: {{#ref}} -../../aws-privilege-escalation/aws-ec2-privesc.md +../../aws-privilege-escalation/aws-ec2-privesc/README.md {{#endref}} ### Post-Explotación @@ -162,7 +162,7 @@ Una **AMI** se utiliza para **lanzar una instancia EC2**, mientras que un **snap En la siguiente página puedes verificar cómo **abusar de los permisos de EBS para escalar privilegios**: {{#ref}} -../../aws-privilege-escalation/aws-ebs-privesc.md +../../aws-privilege-escalation/aws-ebs-privesc/README.md {{#endref}} ## SSM @@ -191,7 +191,7 @@ ps aux | grep amazon-ssm En la siguiente página puedes verificar cómo **abusar de los permisos de SSM para escalar privilegios**: {{#ref}} -../../aws-privilege-escalation/aws-ssm-privesc.md +../../aws-privilege-escalation/aws-ssm-privesc/README.md {{#endref}} ### Persistencia @@ -199,7 +199,7 @@ En la siguiente página puedes verificar cómo **abusar de los permisos de SSM p En la siguiente página puedes verificar cómo **abusar de los permisos de SSM para lograr persistencia**: {{#ref}} -../../aws-persistence/aws-ssm-persistence.md +../../aws-persistence/aws-ssm-persistence/README.md {{#endref}} ## ELB @@ -312,7 +312,7 @@ Si se **estableció una conexión VPN**, deberías buscar archivos de configurac #### **Post Explotación** {{#ref}} -../../aws-post-exploitation/aws-vpn-post-exploitation.md +../../aws-post-exploitation/aws-vpn-post-exploitation/README.md {{#endref}} ## Referencias diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-ecr-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-ecr-enum.md index 8db1dcbcd..64b3bd5b7 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-ecr-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-ecr-enum.md @@ -68,7 +68,7 @@ aws ecr get-repository-policy --repository-name ### Enumeración No Autenticada {{#ref}} -../aws-unauthenticated-enum-access/aws-ecr-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-ecr-unauthenticated-enum/README.md {{#endref}} ### Escalación de Privilegios @@ -76,19 +76,19 @@ aws ecr get-repository-policy --repository-name En la siguiente página puedes verificar cómo **abusar de los permisos de ECR para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/aws-ecr-privesc.md +../aws-privilege-escalation/aws-ecr-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-ecr-post-exploitation.md +../aws-post-exploitation/aws-ecr-post-exploitation/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-ecr-persistence.md +../aws-persistence/aws-ecr-persistence/README.md {{#endref}} ## Referencias diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-ecs-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-ecs-enum.md index 9cd92bd4a..cee9160b3 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-ecs-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-ecs-enum.md @@ -54,7 +54,7 @@ aws ecs describe-task-definition --task-definition : ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-ecs-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-ecs-unauthenticated-enum/README.md {{#endref}} ### Escalación de Privilegios @@ -62,19 +62,19 @@ aws ecs describe-task-definition --task-definition : En la siguiente página puedes verificar cómo **abusar de los permisos de ECS para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/aws-ecs-privesc.md +../aws-privilege-escalation/aws-ecs-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-ecs-post-exploitation.md +../aws-post-exploitation/aws-ecs-post-exploitation/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-ecs-persistence.md +../aws-persistence/aws-ecs-persistence/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-efs-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-efs-enum.md index 245e363dd..d76e5eaf4 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-efs-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-efs-enum.md @@ -214,19 +214,19 @@ get_efs_info(ip_address) ## Privesc {{#ref}} -../aws-privilege-escalation/aws-efs-privesc.md +../aws-privilege-escalation/aws-efs-privesc/README.md {{#endref}} ## Post Exploitation {{#ref}} -../aws-post-exploitation/aws-efs-post-exploitation.md +../aws-post-exploitation/aws-efs-post-exploitation/README.md {{#endref}} ## Persistence {{#ref}} -../aws-persistence/aws-efs-persistence.md +../aws-persistence/aws-efs-persistence/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-eks-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-eks-enum.md index 10bae8b60..d18689e71 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-eks-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-eks-enum.md @@ -34,7 +34,7 @@ aws eks describe-update --name --update-id #### Post Explotación {{#ref}} -../aws-post-exploitation/aws-eks-post-exploitation.md +../aws-post-exploitation/aws-eks-post-exploitation/README.md {{#endref}} ## Referencias diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.md index 4936b14f2..f8093f3c5 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.md @@ -87,25 +87,25 @@ aws elasticbeanstalk describe-events ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-elastic-beanstalk-persistence.md +../aws-persistence/aws-elastic-beanstalk-persistence/README.md {{#endref}} ### Escalación de Privilegios {{#ref}} -../aws-privilege-escalation/aws-elastic-beanstalk-privesc.md +../aws-privilege-escalation/aws-elastic-beanstalk-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-elastic-beanstalk-post-exploitation.md +../aws-post-exploitation/aws-elastic-beanstalk-post-exploitation/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-emr-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-emr-enum.md index 7380f3a44..a82cd05bc 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-emr-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-emr-enum.md @@ -48,7 +48,7 @@ aws emr list-studios #Get studio URLs #### Privesc {{#ref}} -../aws-privilege-escalation/aws-emr-privesc.md +../aws-privilege-escalation/aws-emr-privesc/README.md {{#endref}} ## Referencias diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-iam-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-iam-enum.md index 3e252c4a3..cb1086416 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-iam-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-iam-enum.md @@ -213,7 +213,7 @@ Ninguna de las herramientas anteriores es capaz de verificar casi todos los perm ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum/README.md {{#endref}} ### Escalación de Privilegios @@ -221,19 +221,19 @@ Ninguna de las herramientas anteriores es capaz de verificar casi todos los perm En la siguiente página puedes verificar cómo **abusar de los permisos de IAM para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/aws-iam-privesc.md +../aws-privilege-escalation/aws-iam-privesc/README.md {{#endref}} ### Post Explotación de IAM {{#ref}} -../aws-post-exploitation/aws-iam-post-exploitation.md +../aws-post-exploitation/aws-iam-post-exploitation/README.md {{#endref}} ### Persistencia de IAM {{#ref}} -../aws-persistence/aws-iam-persistence.md +../aws-persistence/aws-iam-persistence/README.md {{#endref}} ## Centro de Identidad de IAM @@ -340,19 +340,19 @@ external_id = 123456 ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum/README.md {{#endref}} ### Escalación de Privilegios {{#ref}} -../aws-privilege-escalation/aws-sso-and-identitystore-privesc.md +../aws-privilege-escalation/aws-sso-and-identitystore-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-sso-and-identitystore-post-exploitation.md +../aws-post-exploitation/aws-sso-and-identitystore-post-exploitation/README.md {{#endref}} ### Persistencia diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-kms-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-kms-enum.md index a090daa61..2ca712abc 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-kms-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-kms-enum.md @@ -137,19 +137,19 @@ done ### Privesc {{#ref}} -../aws-privilege-escalation/aws-kms-privesc.md +../aws-privilege-escalation/aws-kms-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-kms-post-exploitation.md +../aws-post-exploitation/aws-kms-post-exploitation/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-kms-persistence.md +../aws-persistence/aws-kms-persistence/README.md {{#endref}} ## Referencias diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-lambda-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-lambda-enum.md index 04e45669b..e1fa50cc0 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-lambda-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-lambda-enum.md @@ -143,13 +143,13 @@ Hay muchas otras fuentes que pueden activar un lambda En la siguiente página puedes verificar cómo **abusar de los permisos de Lambda para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/aws-lambda-privesc.md +../aws-privilege-escalation/aws-lambda-privesc/README.md {{#endref}} ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-lambda-unauthenticated-access.md +../aws-unauthenticated-enum-access/aws-lambda-unauthenticated-access/README.md {{#endref}} ### Post Explotación diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.md index f01c77731..ce14b73e0 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.md @@ -39,19 +39,19 @@ Es posible generar **instantáneas de instancias y bases de datos relacionales d ### Privesc {{#ref}} -../aws-privilege-escalation/aws-lightsail-privesc.md +../aws-privilege-escalation/aws-lightsail-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-lightsail-post-exploitation.md +../aws-post-exploitation/aws-lightsail-post-exploitation/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-lightsail-persistence.md +../aws-persistence/aws-lightsail-persistence/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-macie-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-macie-enum.md index c327a71cf..a6a5d29c1 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-macie-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-macie-enum.md @@ -123,7 +123,7 @@ aws macie2 get-usage-statistic ### Privesc {{#ref}} -../aws-privilege-escalation/aws-macie-privesc.md +../aws-privilege-escalation/aws-macie-privesc/README.md {{#endref}} ### Post Explotación diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-mq-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-mq-enum.md index e96d8e06f..fc6e92b37 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-mq-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-mq-enum.md @@ -53,13 +53,13 @@ aws mq create-user --broker-id --password --username --c ## Privesc {{#ref}} -../aws-privilege-escalation/aws-mq-privesc.md +../aws-privilege-escalation/aws-mq-privesc/README.md {{#endref}} ## Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-mq-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-mq-unauthenticated-enum/README.md {{#endref}} ## Persistencia diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-msk-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-msk-enum.md index b5cf92d2a..2980b65f9 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-msk-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-msk-enum.md @@ -75,13 +75,13 @@ kafka_2.12-2.8.1/bin/kafka-console-consumer.sh --bootstrap-server $BS --consumer ### Privesc {{#ref}} -../aws-privilege-escalation/aws-msk-privesc.md +../aws-privilege-escalation/aws-msk-privesc/README.md {{#endref}} ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-msk-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-msk-unauthenticated-enum/README.md {{#endref}} ### Persistencia diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-redshift-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-redshift-enum.md index 86ce8071f..9af340c06 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-redshift-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-redshift-enum.md @@ -84,7 +84,7 @@ psql -h redshift-cluster-1.sdflju3jdfkfg.us-east-1.redshift.amazonaws.com -U adm ## Privesc {{#ref}} -../aws-privilege-escalation/aws-redshift-privesc.md +../aws-privilege-escalation/aws-redshift-privesc/README.md {{#endref}} ## Persistencia diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.md index c81124cc5..dc3e8780e 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.md @@ -108,25 +108,25 @@ aws rds modify-db-instance --db-instance-identifier --master-user-password ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum/README.md {{#endref}} ### Escalación de Privilegios {{#ref}} -../aws-privilege-escalation/aws-rds-privesc.md +../aws-privilege-escalation/aws-rds-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-rds-post-exploitation.md +../aws-post-exploitation/aws-rds-post-exploitation/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-rds-persistence.md +../aws-persistence/aws-rds-persistence/README.md {{#endref}} ### Inyección SQL diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-route53-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-route53-enum.md index e03e15e55..0b64989b9 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-route53-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-route53-enum.md @@ -23,7 +23,7 @@ aws route53 list-traffic-policies ### Privesc {{#ref}} -../aws-privilege-escalation/route53-createhostedzone-route53-changeresourcerecordsets-acm-pca-issuecertificate-acm-pca-getcer.md +../aws-privilege-escalation/route53-createhostedzone-route53-changeresourcerecordsets-acm-pca-issuecertificate-acm-pca-getcer/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.md index 94621d367..f46a69e58 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.md @@ -241,25 +241,25 @@ Los endpoints de doble pila utilizan la siguiente sintaxis: En la siguiente página puedes verificar cómo **abusar de los permisos de S3 para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/aws-s3-privesc.md +../aws-privilege-escalation/aws-s3-privesc/README.md {{#endref}} ### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum/README.md {{#endref}} ### S3 Post Explotación {{#ref}} -../aws-post-exploitation/aws-s3-post-exploitation.md +../aws-post-exploitation/aws-s3-post-exploitation/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-s3-persistence.md +../aws-persistence/aws-s3-persistence/README.md {{#endref}} ## Otras vulnerabilidades de S3 diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.md index 849da737c..e39125334 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.md @@ -30,19 +30,19 @@ aws secretsmanager get-resource-policy --secret-id --secret-id ### Privesc {{#ref}} -../aws-privilege-escalation/aws-secrets-manager-privesc.md +../aws-privilege-escalation/aws-secrets-manager-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-secrets-manager-post-exploitation.md +../aws-post-exploitation/aws-secrets-manager-post-exploitation/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-secrets-manager-persistence.md +../aws-persistence/aws-secrets-manager-persistence/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.md index 5bc8718a9..05831334f 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.md @@ -211,7 +211,7 @@ Por lo tanto, un usuario con acceso a EKS que haya descubierto la URL de la API Más información en: {{#ref}} -../../aws-post-exploitation/aws-eks-post-exploitation.md +../../aws-post-exploitation/aws-eks-post-exploitation/README.md {{#endref}} ### Modificando la Configuración de CloudTrail @@ -259,7 +259,7 @@ Podrías **generar una clave asimétrica** y hacer que **CloudTrail cifre los da Esto es básicamente un **ransomware S3-KMS** explicado en: {{#ref}} -../../aws-post-exploitation/aws-s3-post-exploitation.md +../../aws-post-exploitation/aws-s3-post-exploitation/README.md {{#endref}} **Ransomware KMS** @@ -267,7 +267,7 @@ Esto es básicamente un **ransomware S3-KMS** explicado en: Esta es una forma más fácil de realizar el ataque anterior con diferentes requisitos de permisos: {{#ref}} -../../aws-post-exploitation/aws-kms-post-exploitation.md +../../aws-post-exploitation/aws-kms-post-exploitation/README.md {{#endref}} ## **Referencias** diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-control-tower-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-control-tower-enum.md index 5e77b70ee..7c2dd28ce 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-control-tower-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-control-tower-enum.md @@ -34,7 +34,7 @@ aws controltower list-enabled-controls --target-identifier arn:aws:organizations ### Post Explotación y Persistencia {{#ref}} -../../aws-post-exploitation/aws-control-tower-post-exploitation.md +../../aws-post-exploitation/aws-control-tower-post-exploitation/README.md {{#endref}} {{#include ../../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-ses-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-ses-enum.md index ac35c13a2..469061563 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-ses-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-ses-enum.md @@ -115,7 +115,7 @@ aws ses get-send-statistics ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-ses-post-exploitation.md +../aws-post-exploitation/aws-ses-post-exploitation/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-sns-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-sns-enum.md index 88e27281a..5c2350ca0 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-sns-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-sns-enum.md @@ -49,25 +49,25 @@ aws sns subscribe --region \ #### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-sns-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-sns-unauthenticated-enum/README.md {{#endref}} #### Escalación de Privilegios {{#ref}} -../aws-privilege-escalation/aws-sns-privesc.md +../aws-privilege-escalation/aws-sns-privesc/README.md {{#endref}} #### Post Explotación {{#ref}} -../aws-post-exploitation/aws-sns-post-exploitation.md +../aws-post-exploitation/aws-sns-post-exploitation/README.md {{#endref}} #### Persistencia {{#ref}} -../aws-persistence/aws-sns-persistence.md +../aws-persistence/aws-sns-persistence/README.md {{#endref}} ## Referencias diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-sqs-and-sns-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-sqs-and-sns-enum.md index 1b9893816..14e7c3658 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-sqs-and-sns-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-sqs-and-sns-enum.md @@ -23,25 +23,25 @@ aws sqs send-message --queue-url --message-body #### Acceso No Autenticado {{#ref}} -../aws-unauthenticated-enum-access/aws-sqs-unauthenticated-enum.md +../aws-unauthenticated-enum-access/aws-sqs-unauthenticated-enum/README.md {{#endref}} #### Escalación de Privilegios {{#ref}} -../aws-privilege-escalation/aws-sqs-privesc.md +../aws-privilege-escalation/aws-sqs-privesc/README.md {{#endref}} #### Post Explotación {{#ref}} -../aws-post-exploitation/aws-sqs-post-exploitation.md +../aws-post-exploitation/aws-sqs-post-exploitation/README.md {{#endref}} #### Persistencia {{#ref}} -../aws-persistence/aws-sqs-persistence.md +../aws-persistence/aws-sqs-persistence/README.md {{#endref}} ## Referencias diff --git a/src/pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.md b/src/pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.md index a44d2af78..e34fa1c78 100644 --- a/src/pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.md @@ -302,19 +302,19 @@ aws stepfunctions list-executions --map-run-arn [--status-filter --token-code En la siguiente página puedes verificar cómo **abusar de los permisos de STS para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/aws-sts-privesc.md +../aws-privilege-escalation/aws-sts-privesc/README.md {{#endref}} ### Post Explotación {{#ref}} -../aws-post-exploitation/aws-sts-post-exploitation.md +../aws-post-exploitation/aws-sts-post-exploitation/README.md {{#endref}} ### Persistencia {{#ref}} -../aws-persistence/aws-sts-persistence.md +../aws-persistence/aws-sts-persistence/README.md {{#endref}} ## Referencias diff --git a/src/pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.md b/src/pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.md index 58baadcc2..7e4b480ad 100644 --- a/src/pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.md +++ b/src/pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.md @@ -67,7 +67,7 @@ aws scheduler list-tags-for-resource --resource-arn En la siguiente página, puedes verificar cómo **abusar de los permisos del programador de eventbridge para escalar privilegios**: {{#ref}} -../aws-privilege-escalation/eventbridgescheduler-privesc.md +../aws-privilege-escalation/eventbridgescheduler-privesc/README.md {{#endref}} ## Referencias