mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2026-07-06 04:34:31 -07:00
trasnlate other half
This commit is contained in:
@@ -4,3 +4,5 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -34,3 +34,5 @@ Or just remove the use of API keys.
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -44,3 +44,5 @@ By default this is disabled:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -65,3 +65,5 @@ The compromised instances or Lambda functions can periodically check the C2 tabl
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -56,3 +56,5 @@ Create a peering connection between the victim VPC and the attacker VPC so he wi
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -99,3 +99,5 @@ aws ecr put-replication-configuration \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -101,3 +101,5 @@ aws ecs create-service --service-name "undocumented-service" --task-definition "
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -23,3 +23,5 @@ You could **create an access point** (with root access to `/`) accessible from a
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -79,3 +79,5 @@ aws elasticbeanstalk update-environment --environment-name my-env --option-setti
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -51,3 +51,5 @@ If the account is already trusting a common identity provider (such as Github) t
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -41,3 +41,5 @@ aws kms list-grants --key-id <key-id>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -66,3 +66,5 @@ Here you have some ideas to make your **presence in AWS more stealth by creating
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
+2
@@ -44,3 +44,5 @@ The tool [**lambda-spy**](https://github.com/clearvector/lambda-spy) was created
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
+2
@@ -132,3 +132,5 @@ aws lambda remove-layer-version-permission --layer-name ExternalBackdoor --state
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -35,3 +35,5 @@ If domains are configured:
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -33,3 +33,5 @@ aws rds modify-db-snapshot-attribute --db-snapshot-identifier <snapshot-name> --
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -27,3 +27,5 @@ Although usually ACLs of buckets are disabled, an attacker with enough privilege
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -55,3 +55,5 @@ def generate_password():
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -83,3 +83,5 @@ aws sns subscribe --region <region> \
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -41,3 +41,5 @@ The following policy gives everyone in AWS access to everything in the queue cal
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -4,3 +4,5 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -23,3 +23,5 @@ If the AWS account is using aliases to call step functions it would be possible
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -133,3 +133,5 @@ Write-Host "Role juggling check complete."
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user