Merge pull request #158 from raadfhaddad/master

Update aws-macie-privesc.md
2025-12-27 21:23:07 -08:00 · 2025-02-15 02:14:40 +01:00
parent d2f2655fc4 3350e31738
commit ba04a6a2ff
1 changed files with 1 additions and 1 deletions
--- a/src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-macie-privesc.md
+++ b/src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-macie-privesc.md
@@ -16,7 +16,7 @@ AWS Macie is a security service that automatically detects sensitive data within

 However, a **bypass** has been identified where an attacker with sufficient permissions can **re-upload a file with the same name** but containing different, non-sensitive dummy data. This causes Macie to associate the newly uploaded file with the original finding, allowing the attacker to use the **"Reveal Sample" feature** to extract the previously detected secret. This issue poses a significant security risk, as secrets that were assumed to be deleted remain retrievable through this method.

-<img src="https://github.com/user-attachments/assets/c44228ae-12cd-41bd-9a04-57f503a63281" height="800" width="auto"/>
+![flow](https://github.com/user-attachments/assets/7b83f2d3-1690-41f1-98cc-05ccd0154a66)

 **Steps To Reproduce:**