trasnlate other half

2026-01-01 07:25:51 -08:00 · 2024-12-31 18:48:54 +01:00
parent 4d622f5500
commit d96df379fd
245 changed files with 406 additions and 0 deletions
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/README.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/README.md
@@ -56,3 +56,5 @@ Other services found vulnerable:



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.md
@@ -47,3 +47,5 @@ Many AWS error messages (even access denied) will give that information.



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-api-gateway-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-api-gateway-unauthenticated-enum.md
@@ -58,3 +58,5 @@ You can find more information in the [**original research**](https://blog.plerio



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cloudfront-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cloudfront-unauthenticated-enum.md
@@ -13,3 +13,5 @@ https://{random_id}.cloudfront.net



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-codebuild-unauthenticated-access.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-codebuild-unauthenticated-access.md
@@ -37,3 +37,5 @@ This new relationship between Github Actions and AWS creates another way to comp



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum.md
@@ -50,3 +50,5 @@ Pacu (new:test) > run cognito__enum



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-documentdb-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-documentdb-enum.md
@@ -13,3 +13,5 @@



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-dynamodb-unauthenticated-access.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-dynamodb-unauthenticated-access.md
@@ -17,3 +17,5 @@ Apart from giving access to all AWS or some compromised external AWS account, or



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ec2-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ec2-unauthenticated-enum.md
@@ -62,3 +62,5 @@ aws ec2 describe-instances --query "Reservations[].Instances[?PublicIpAddress!=n



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecr-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecr-unauthenticated-enum.md
@@ -36,3 +36,5 @@ crane ls <PRIVATE_REGISTRY_URL> | sed 's/ .*//'



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecs-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecs-unauthenticated-enum.md
@@ -27,3 +27,5 @@ aws elbv2 describe-load-balancers --query 'LoadBalancers[?Scheme == `internet-fa



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.md
@@ -39,3 +39,5 @@ aws elasticbeanstalk describe-environments --query 'Environments[?OptionSettings



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elasticsearch-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elasticsearch-unauthenticated-enum.md
@@ -14,3 +14,5 @@ https://search-{user_provided}-[random].[region].es.amazonaws.com



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.md
@@ -178,3 +178,5 @@ Note that **wildcard** (\*) before the **colon** (:). You can create an org such



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum.md
@@ -133,3 +133,5 @@ For more info about this [**check this post**](https://mjg59.dreamwidth.org/6217



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iot-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iot-unauthenticated-enum.md
@@ -15,3 +15,5 @@ https://{random_id}.iot.{region}.amazonaws.com:443



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-kinesis-video-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-kinesis-video-unauthenticated-enum.md
@@ -13,3 +13,5 @@ https://{random_id}.kinesisvideo.{region}.amazonaws.com



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-lambda-unauthenticated-access.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-lambda-unauthenticated-access.md
@@ -24,3 +24,5 @@ You can find more information in the [**original research**](https://blog.plerio



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-media-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-media-unauthenticated-enum.md
@@ -15,3 +15,5 @@ https://{random_id}.data.mediastore.{region}.amazonaws.com



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-mq-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-mq-unauthenticated-enum.md
@@ -24,3 +24,5 @@ ssl://b-{random_id}-{1,2}.mq.{region}.amazonaws.com:61617



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-msk-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-msk-unauthenticated-enum.md
@@ -20,3 +20,5 @@ b-{1,2,3,4}.{user_provided}.{random_id}.c{1,2}.kafka.{region}.amazonaws.com



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum.md
@@ -46,3 +46,5 @@ postgres://{user_provided}.{random_id}.{region}.rds.amazonaws.com:5432



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-redshift-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-redshift-unauthenticated-enum.md
@@ -13,3 +13,5 @@



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.md
@@ -205,3 +205,5 @@ s3_client.put_bucket_acl(



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sns-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sns-unauthenticated-enum.md
@@ -23,3 +23,5 @@ So if you **find the ARN of topics** inside the account (or brute forcing potent



+
+
--- a/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sqs-unauthenticated-enum.md
+++ b/src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sqs-unauthenticated-enum.md
@@ -25,3 +25,5 @@ It's possible to misconfigure a SQS queue policy and grant permissions to everyo



+
+
				`@@ -47,3 +47,5 @@ Many AWS error messages (even access denied) will give that information.`
				`@@ -58,3 +58,5 @@ You can find more information in the [original research](https://blog.plerio`
				`@@ -37,3 +37,5 @@ This new relationship between Github Actions and AWS creates another way to comp`
				`@@ -17,3 +17,5 @@ Apart from giving access to all AWS or some compromised external AWS account, or`
				`@@ -62,3 +62,5 @@ aws ec2 describe-instances --query "Reservations[].Instances[?PublicIpAddress!=n`
				`@@ -36,3 +36,5 @@ crane ls <PRIVATE_REGISTRY_URL> \| sed 's/ .*//'`
				@@ -27,3 +27,5 @@ aws elbv2 describe-load-balancers --query 'LoadBalancers[?Scheme == `internet-fa
				`@@ -39,3 +39,5 @@ aws elasticbeanstalk describe-environments --query 'Environments[?OptionSettings`
				`@@ -14,3 +14,5 @@ https://search-{user_provided}-[random].[region].es.amazonaws.com`
				`@@ -178,3 +178,5 @@ Note that wildcard (\) before the colon* (:). You can create an org such`