Add instructions for automating temp creds with external process

2025-12-31 07:00:38 -08:00 · 2025-03-31 14:14:00 -05:00
parent d6a90112e4
commit fb64ce166d
1 changed files with 20 additions and 0 deletions
--- a/src/pentesting-cloud/aws-security/aws-basic-information/README.md
+++ b/src/pentesting-cloud/aws-security/aws-basic-information/README.md
@@ -397,6 +397,26 @@ aws --profile acc2 ...

 If you are looking for something **similar** to this but for the **browser** you can check the **extension** [**AWS Extend Switch Roles**](https://chrome.google.com/webstore/detail/aws-extend-switch-roles/jpmkfafbacpgapdghgdpembnojdlgkdl?hl=en).

+#### Automating temporary credentials
+
+If you are exploiting an application which generates temporary credentials, it can be tedious updating them in your terminal every few minutes when they expire. This can be fixed using a `credential_process` directive in the config file. For example, if you have some vulnerable webapp, you could do:
+
+```toml
+[victim]
+credential_process = curl -d 'PAYLOAD' https://some-site.com
+```
+
+Note that credentials _must_ be returned to STDOUT in the following format:
+```json
+{
+  "Version": 1,
+  "AccessKeyId": "an AWS access key",
+  "SecretAccessKey": "your AWS secret access key",
+  "SessionToken": "the AWS session token for temporary credentials", 
+  "Expiration": "ISO8601 timestamp when the credentials expire"
+}  
+```
+
 ## References

 - [https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html)