gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-03-12 21:22:57 -07:00
Code Issues Packages Projects Releases Wiki Activity

clier

Browse Source
This commit is contained in:
Carlos Polop
2026-01-18 12:44:12 +01:00
parent d925f6f442
commit df0aaa9a31
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/pentesting-cloud/aws-security/aws-post-exploitation/aws-sts-post-exploitation/README.md
View File

@@ -83,6 +83,10 @@ aws-vault login jonsmith # Open a browser logged as jonsmith
> [!NOTE]
> You can also use **aws-vault** to obtain an **browser console session**
### From Web Console to IAM Creds
The browser extension **<https://github.com/AI-redteam/clier>** is capable of intercepting from the network IAM credentials before they are protected in the memory of the browser.
### **Bypass User-Agent restrictions from Python**
If there is a **restriction to perform certain actions based on the user agent** used (like restricting the use of python boto3 library based on the user agent) it's possible to use the previous technique to **connect to the web console via a browser**, or you could directly **modify the boto3 user-agent** by doing: