Compare commits


2 Commits

Author SHA1 Message Date
SirBroccoli
e9003a3050 Merge pull request #217 from JaimePolop/master
KMS DOS explanation
2025-10-01 12:22:35 +02:00
JaimePolop
6411d85ebf KMS DOS explanation
2025-10-01 11:58:25 +02:00


@@ -30,6 +30,12 @@ aws secretsmanager put-secret-value \
### DoS Change KMS key
If the attacker has the secretsmanager:UpdateSecret permission, they can configure the secret to use a KMS key owned by the attacker. That key is initially set up in such a way that anyone can access and use it, so updating the secret with the new key is possible. If the key was not accessible, the secret could not be updated.
After changing the key for the secret, the attacker modifies the configuration of their key so that only they can access it. This way, in the subsequent versions of the secret, it will be encrypted with the new key, and since there is no access to it, the ability to retrieve the secret would be lost.
It is important to note that this inaccessibility will only occur in later versions, after the content of the secret changes, since the current version is still encrypted with the original KMS key.
```bash
aws secretsmanager update-secret \
--secret-id MyTestSecret \
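Review bot: the precondition in the first paragraph under the new `### DoS Change KMS key` heading is too vague to act on: "initially set up in such a way that anyone can access and use it" should say concretely that the attacker-owned key's policy must allow the victim account (the principal whose UpdateSecret call Secrets Manager acts on) to use the key, because that is exactly what the next sentence, "If the key was not accessible, the secret could not be updated", depends on. Since the text states the key is "owned by the attacker", it is also worth adding the defender-side corollary for the reader: an UpdateSecret that points a secret at a KMS key outside the account is the observable event, and the third paragraph's point that only later versions become unreadable means the impact surfaces as a failure to read the new version rather than the current one. Minor: "so updating the secret with the new key is possible. If the key was not accessible, the secret could not be updated." says the same thing twice and could be one sentence, and the heading reads better as `### DoS: Change KMS key`.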