# AWS - SES Enum {{#include ../../../banners/hacktricks-training.md}} ## Osnovne informacije Amazon Simple Email Service (Amazon SES) je dizajniran za **slanje i primanje emailova**. Omogućava korisnicima da efikasno i sigurno šalju transakcione, marketinške ili obaveštajne emailove u velikim količinama. **Dobro se integriše sa drugim AWS uslugama**, pružajući robusno rešenje za upravljanje email komunikacijom za preduzeća svih veličina. Potrebno je registrovati **identitete**, koji mogu biti domeni ili email adrese koje će moći da komuniciraju sa SES (npr. šalju i primaju emailove). ### SMTP korisnik Moguće je povezati se na **SMTP server AWS-a da bi se izvršavale radnje** umesto korišćenja AWS API-ja (ili pored njega). Za to je potrebno kreirati korisnika sa politikom kao što je: ```json { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "ses:SendRawEmail", "Resource": "*" } ] } ``` Zatim prikupite **API ključ i tajnu** korisnika i pokrenite: ```bash git clone https://github.com/lisenet/ses-smtp-converter.git cd ./ses-smtp-converter chmod u+x ./ses-smtp-conv.sh ./ses-smtp-conv.sh ``` Takođe je moguće to uraditi iz AWS konzole na vebu. ### Enumeracija > [!WARNING] > Imajte na umu da SES ima 2 API-ja: **`ses`** i **`sesv2`**. Neke akcije su u oba API-ja, a druge su samo u jednom od njih. ```bash # Get info about the SES account aws sesv2 get-account aws ses get-account-sending-enabled # Check if enabled # Get registered domains and email addresses (identities) aws ses list-identities aws sesv2 list-email-identities aws sesv2 get-email-identity --email-identity #Get at once all the attributes # Get Resource Policies applied in the identity aws ses list-identity-policies --identity aws ses get-identity-policies --identity --policy-names aws sesv2 get-email-identity-policies --email-identity # Get attributes of the identity ## Check if verified aws ses get-identity-verification-attributes --identities ## DKIM settings, relevant for identities that are domains not emails aws ses get-identity-dkim-attributes --identities ## Get what happnes if the send mail from the identity fails aws ses get-identity-mail-from-domain-attributes --identities ## otifications attributes aws ses get-identity-notification-attributes --identities # Get email templates aws ses list-templates aws ses get-template --template-name aws sesv2 list-email-templates aws sesv2 get-email-template --template-name # Get custom verification email templates ## This is the email sent when an identity is verified, it can be customized aws ses list-custom-verification-email-templates aws sesv2 list-custom-verification-email-templates aws ses get-custom-verification-email-template --template-name aws sesv2 get-custom-verification-email-template --template-name # Get receipt rule sets ## Receipt rules indicate how to handle incoming mail by executing an ordered list of actions aws ses list-receipt-rule-sets aws ses describe-receipt-rule-set --rule-set-name aws ses describe-receipt-rule-set --rule-set-name --rule-name ## Metadata and receipt rules for the receipt rule set that is currently active aws ses describe-active-receipt-rule-set # Get suppressed destinations aws sesv2 list-suppressed-destinations aws sesv2 get-suppressed-destination --email-address # Get configuration sets ## These are set of rules applied to the identities related to the configuration set aws ses list-configuration-sets aws sesv2 list-configuration-sets aws ses describe-configuration-set --configuration-set-name --configuration-set-attribute-names eventDestinations trackingOptions deliveryOptions reputationOptions aws sesv2 get-configuration-set --configuration-set-name aws sesv2 get-configuration-set-event-destinations --configuration-set-name # Get Contacts list aws sesv2 list-contact-lists aws sesv2 list-contacts --contact-list-name aws sesv2 get-contact-list --contact-list-name aws sesv2 get-contact --contact-list-name --email-address # Private IPs aws sesv2 list-dedicated-ip-pools aws sesv2 get-dedicated-ip-pool --pool-name aws sesv2 get-dedicated-ips --pool-name #Only valid if ScalingMode is Standard aws sesv2 get-dedicated-ip --ip # Misc ## Get send quota aws ses get-send-quota ## Get statistics aws ses get-send-statistics ``` ### Post Eksploatacija {{#ref}} ../aws-post-exploitation/aws-ses-post-exploitation/README.md {{#endref}} {{#include ../../../banners/hacktricks-training.md}}