gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-09 11:44:59 -08:00
Code Issues Packages Projects Releases Wiki Activity

Migrate to using mdbook

Browse Source
This commit is contained in:
Congon4tor
2024-12-31 17:04:35 +01:00
parent b9a9fed802
commit cd27cf5a2e
1373 changed files with 26143 additions and 34152 deletions
Download Patch File Download Diff File Expand all files Collapse all files

87
src/pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.md Normal file
View File

@@ -0,0 +1,87 @@
# AWS - SQS Post Exploitation
{{#include ../../../banners/hacktricks-training.md}}
## SQS
For more information check:
{{#ref}}
../aws-services/aws-sqs-and-sns-enum.md
{{#endref}}
### `sqs:SendMessage` , `sqs:SendMessageBatch`
An attacker could send malicious or unwanted messages to the SQS queue, potentially causing data corruption, triggering unintended actions, or exhausting resources.
```bash
aws sqs send-message --queue-url <value> --message-body <value>
aws sqs send-message-batch --queue-url <value> --entries <value>
```
**Potential Impact**: Vulnerability exploitation, Data corruption, unintended actions, or resource exhaustion.
### `sqs:ReceiveMessage`, `sqs:DeleteMessage`, `sqs:ChangeMessageVisibility`
An attacker could receive, delete, or modify the visibility of messages in an SQS queue, causing message loss, data corruption, or service disruption for applications relying on those messages.
```bash
aws sqs receive-message --queue-url <value>
aws sqs delete-message --queue-url <value> --receipt-handle <value>
aws sqs change-message-visibility --queue-url <value> --receipt-handle <value> --visibility-timeout <value>
```
**Potential Impact**: Steal sensitive information, Message loss, data corruption, and service disruption for applications relying on the affected messages.
### `sqs:DeleteQueue`
An attacker could delete an entire SQS queue, causing message loss and impacting applications relying on the queue.
```arduino
Copy codeaws sqs delete-queue --queue-url <value>
```
**Potential Impact**: Message loss and service disruption for applications using the deleted queue.
### `sqs:PurgeQueue`
An attacker could purge all messages from an SQS queue, leading to message loss and potential disruption of applications relying on those messages.
```arduino
Copy codeaws sqs purge-queue --queue-url <value>
```
**Potential Impact**: Message loss and service disruption for applications relying on the purged messages.
### `sqs:SetQueueAttributes`
An attacker could modify the attributes of an SQS queue, potentially affecting its performance, security, or availability.
```arduino
aws sqs set-queue-attributes --queue-url <value> --attributes <value>
```
**Potential Impact**: Misconfigurations leading to degraded performance, security issues, or reduced availability.
### `sqs:TagQueue` , `sqs:UntagQueue`
An attacker could add, modify, or remove tags from SQS resources, disrupting your organization's cost allocation, resource tracking, and access control policies based on tags.
```bash
aws sqs tag-queue --queue-url <value> --tags Key=<key>,Value=<value>
aws sqs untag-queue --queue-url <value> --tag-keys <key>
```
**Potential Impact**: Disruption of cost allocation, resource tracking, and tag-based access control policies.
### `sqs:RemovePermission`
An attacker could revoke permissions for legitimate users or services by removing policies associated with the SQS queue. This could lead to disruptions in the normal functioning of applications that rely on the queue.
```arduino
arduinoCopy codeaws sqs remove-permission --queue-url <value> --label <value>
```
**Potential Impact**: Disruption of normal functioning for applications relying on the queue due to unauthorized removal of permissions.
{{#include ../../../banners/hacktricks-training.md}}