gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-14 13:56:30 -08:00
Code Issues Packages Projects Releases Wiki Activity

Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/

Browse Source
This commit is contained in:
Translator
2025-01-02 01:22:11 +00:00
parent 5a62f6b0a3
commit b43d62ebcb
237 changed files with 2953 additions and 2957 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/pentesting-cloud/aws-security/aws-post-exploitation/aws-sts-post-exploitation.md
View File

@@ -12,12 +12,12 @@ Kwa maelezo zaidi:
### Kutoka kwa IAM Creds hadi Console
Ikiwa umeweza kupata baadhi ya akreditif za IAM huenda ukavutiwa na **kuingia kwenye web console** ukitumia zana zifuatazo.\
Ikiwa umeweza kupata baadhi ya akreditivu za IAM huenda ukavutiwa na **kuingia kwenye web console** ukitumia zana zifuatazo.\
Kumbuka kwamba mtumiaji/role lazima iwe na ruhusa **`sts:GetFederationToken`**.
#### Skripti ya Kawaida
Skripti ifuatayo itatumia profaili ya kawaida na eneo la AWS la kawaida (sio gov na sio cn) kukupa URL iliyosainiwa ambayo unaweza kutumia kuingia ndani ya web console:
Skripti ifuatayo itatumia profaili ya kawaida na eneo la kawaida la AWS (sio gov na sio cn) kukupa URL iliyosainiwa ambayo unaweza kutumia kuingia ndani ya web console:
```bash
# Get federated creds (you must indicate a policy or they won't have any perms)
## Even if you don't have Admin access you can indicate that policy to make sure you get all your privileges
@@ -50,7 +50,6 @@ resp=$(curl -s "$federation_endpoint" \
signin_token=$(echo -n $resp | jq -r '.SigninToken' | tr -d '\n' | jq -sRr @uri)
# Give the URL to login
echo -n "https://signin.aws.amazon.com/federation?Action=login&Issuer=example.com&Destination=https%3A%2F%2Fconsole.aws.amazon.com%2F&SigninToken=$signin_token"
```
@@ -65,22 +64,22 @@ pip install aws-consoler
aws_consoler [params...] #This will generate a link to login into the console
```
> [!WARNING]
> Hakikisha mtumiaji wa IAM ana ruhusa ya `sts:GetFederationToken`, au toa jukumu la kukubali.
> Hakikisha mtumiaji wa IAM ana ruhusa ya `sts:GetFederationToken`, au toa jukumu la kuchukua.
#### aws-vault
[**aws-vault**](https://github.com/99designs/aws-vault) ni chombo cha kuhifadhi na kufikia kwa usalama akreditivu za AWS katika mazingira ya maendeleo.
[**aws-vault**](https://github.com/99designs/aws-vault) ni chombo cha kuhifadhi na kufikia kwa usalama akidi za AWS katika mazingira ya maendeleo.
```bash
aws-vault list
aws-vault exec jonsmith -- aws s3 ls # Execute aws cli with jonsmith creds
aws-vault login jonsmith # Open a browser logged as jonsmith
```
> [!NOTE]
> Unaweza pia kutumia **aws-vault** kupata **kipindi cha mkondoni cha kivinjari**
> Unaweza pia kutumia **aws-vault** kupata **kipindi cha kikao cha kivinjari**
### **Kupita vizuizi vya User-Agent kutoka Python**
Ikiwa kuna **kizuizi cha kufanya vitendo fulani kulingana na user agent** inayotumika (kama vile kupunguza matumizi ya maktaba ya python boto3 kulingana na user agent) inawezekana kutumia mbinu ya awali ili **kuungana na konsoli ya wavuti kupitia kivinjari**, au unaweza moja kwa moja **kubadilisha user-agent wa boto3** kwa kufanya:
Ikiwa kuna **kizuizi cha kufanya vitendo fulani kulingana na agent ya mtumiaji** inayotumika (kama vile kupunguza matumizi ya maktaba ya python boto3 kulingana na agent ya mtumiaji) inawezekana kutumia mbinu ya awali **kuungana na konsoli ya wavuti kupitia kivinjari**, au unaweza moja kwa moja **kubadilisha agent ya mtumiaji ya boto3** kwa kufanya:
```bash
# Shared by ex16x41
# Create a client