Migrate to using mdbook

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-efs-post-exploitation.md

@@ -0,0 +1,54 @@
+# AWS - EFS Post Exploitation
+
+{{#include ../../../banners/hacktricks-training.md}}
+
+## EFS
+
+For more information check:
+
+{{#ref}}
+../aws-services/aws-efs-enum.md
+{{#endref}}
+
+### `elasticfilesystem:DeleteMountTarget`
+
+An attacker could delete a mount target, potentially disrupting access to the EFS file system for applications and users relying on that mount target.
+
+```sql
+aws efs delete-mount-target --mount-target-id <value>
+```
+
+**Potential Impact**: Disruption of file system access and potential data loss for users or applications.
+
+### `elasticfilesystem:DeleteFileSystem`
+
+An attacker could delete an entire EFS file system, which could lead to data loss and impact applications relying on the file system.
+
+```perl
+aws efs delete-file-system --file-system-id <value>
+```
+
+**Potential Impact**: Data loss and service disruption for applications using the deleted file system.
+
+### `elasticfilesystem:UpdateFileSystem`
+
+An attacker could update the EFS file system properties, such as throughput mode, to impact its performance or cause resource exhaustion.
+
+```sql
+aws efs update-file-system --file-system-id <value> --provisioned-throughput-in-mibps <value>
+```
+
+**Potential Impact**: Degradation of file system performance or resource exhaustion.
+
+### `elasticfilesystem:CreateAccessPoint` and `elasticfilesystem:DeleteAccessPoint`
+
+An attacker could create or delete access points, altering access control and potentially granting themselves unauthorized access to the file system.
+
+```arduino
+aws efs create-access-point --file-system-id <value> --posix-user <value> --root-directory <value>
+aws efs delete-access-point --access-point-id <value>
+```
+
+**Potential Impact**: Unauthorized access to the file system, data exposure or modification.
+
+{{#include ../../../banners/hacktricks-training.md}}