# AWS - SES Enum

## Basic Information

Amazon Simple Email Service (Amazon SES) is designed for **sending and receiving emails**. It enables users to send transactional, marketing, or notification emails efficiently and securely at scale. It **integrates well with other AWS services**, providing a robust solution for managing email communications for businesses of all sizes.

You need to register **identities**, which can be domains or email addresses that will be able to interact with SES (e.g. send and receive emails).

### SMTP User

It's possible to connect to an **AWS SMTP server to perform actions** instead of using the AWS API (or in addition to it). For this you need to create a user with a policy such as:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ses:SendRawEmail",
      "Resource": "*"
    }
  ]
}
```

Then, gather the **API key and secret** of the user and run:

```bash
git clone https://github.com/lisenet/ses-smtp-converter.git
cd ./ses-smtp-converter
chmod u+x ./ses-smtp-conv.sh
./ses-smtp-conv.sh
```

It's also possible to do this from the AWS web console.

### Enumeration

{% hint style="warning" %}
Note that SES has 2 APIs: **`ses`** and **`sesv2`**. Some actions are in both APIs and others are just in one of the two.
{% endhint %}

{% code overflow="wrap" %}
```bash
# Get info about the SES account
aws sesv2 get-account
aws ses get-account-sending-enabled # Check if enabled

# Get registered domains and email addresses (identities)
aws ses list-identities
aws sesv2 list-email-identities
aws sesv2 get-email-identity --email-identity <identity> # Get all the attributes at once

# Get Resource Policies applied to the identity
aws ses list-identity-policies --identity <identity>
aws ses get-identity-policies --identity <identity> --policy-names <policy-name>
aws sesv2 get-email-identity-policies --email-identity <identity>

# Get attributes of the identity
## Check if verified
aws ses get-identity-verification-attributes --identities <identity>
## DKIM settings, relevant for identities that are domains, not email addresses
aws ses get-identity-dkim-attributes --identities <identity>
## Custom MAIL FROM domain settings (including the behavior on MX failure)
aws ses get-identity-mail-from-domain-attributes --identities <identity>
## Notification attributes
aws ses get-identity-notification-attributes --identities <identity>

# Get email templates
aws ses list-templates
aws ses get-template --template-name <template-name>
aws sesv2 list-email-templates
aws sesv2 get-email-template --template-name <template-name>

# Get custom verification email templates
## This is the email sent when an identity is verified, it can be customized
aws ses list-custom-verification-email-templates
aws sesv2 list-custom-verification-email-templates
aws ses get-custom-verification-email-template --template-name <template-name>
aws sesv2 get-custom-verification-email-template --template-name <template-name>

# Get receipt rule sets
## Receipt rules indicate how to handle incoming mail by executing an ordered list of actions
aws ses list-receipt-rule-sets
aws ses describe-receipt-rule-set --rule-set-name <rule-set-name>
aws ses describe-receipt-rule --rule-set-name <rule-set-name> --rule-name <rule-name>
## Metadata and receipt rules for the receipt rule set that is currently active
aws ses describe-active-receipt-rule-set

# Get suppressed destinations
aws sesv2 list-suppressed-destinations
aws sesv2 get-suppressed-destination --email-address <email>

# Get configuration sets
## These are sets of rules applied to the identities related to the configuration set
aws ses list-configuration-sets
aws sesv2 list-configuration-sets
aws ses describe-configuration-set --configuration-set-name <name> --configuration-set-attribute-names eventDestinations trackingOptions deliveryOptions reputationOptions
aws sesv2 get-configuration-set --configuration-set-name <name>
aws sesv2 get-configuration-set-event-destinations --configuration-set-name <name>

# Get contact lists
aws sesv2 list-contact-lists
aws sesv2 list-contacts --contact-list-name <name>
aws sesv2 get-contact-list --contact-list-name <name>
aws sesv2 get-contact --contact-list-name <name> --email-address <email>

# Dedicated IPs
aws sesv2 list-dedicated-ip-pools
aws sesv2 get-dedicated-ip-pool --pool-name <pool-name>
aws sesv2 get-dedicated-ips --pool-name <pool-name> # Only valid if ScalingMode is Standard
aws sesv2 get-dedicated-ip --ip <ip>

# Misc
## Get send quota
aws ses get-send-quota
## Get statistics
aws ses get-send-statistics
```
{% endcode %}

### Post Exploitation

{% content-ref url="../aws-post-exploitation/aws-ses-post-exploitation.md" %}
[aws-ses-post-exploitation.md](../aws-post-exploitation/aws-ses-post-exploitation.md)
{% endcontent-ref %}
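
Referring back to the policy in the **SMTP User** section: it allows `ses:SendRawEmail` on `"Resource": "*"` with no condition, so credentials for that user can send as any identity registered in the account. The following is an added example (not part of the original page) that audits IAM policy documents for this pattern; the scoped policy, account ID, region and addresses in it are constructed sample values.

```python
import fnmatch

# IAM actions that allow sending mail through SES (the SMTP interface uses ses:SendRawEmail).
SEND_ACTIONS = ("ses:SendEmail", "ses:SendRawEmail",
                "ses:SendTemplatedEmail", "ses:SendBulkTemplatedEmail")

# Policy as shown in the SMTP User section of this page.
PAGE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ses:SendRawEmail", "Resource": "*"}]}

# Constructed sample: same permission, scoped to one identity and one From address.
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ses:SendRawEmail",
     "Resource": "arn:aws:ses:us-east-1:111122223333:identity/example.com",
     "Condition": {"StringEquals": {"ses:FromAddress": "noreply@example.com"}}}]}


def _as_list(value):
    """IAM allows a single string or object wherever a list is accepted."""
    return value if isinstance(value, list) else [value]


def audit_ses_send_policy(policy):
    """Return one finding per Allow statement that grants SES sending too broadly."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        # Action names are case-insensitive and may contain wildcards (ses:Send*, *).
        patterns = [a.lower() for a in _as_list(stmt.get("Action", []))]
        granted = [s for s in SEND_ACTIONS
                   if any(fnmatch.fnmatchcase(s.lower(), p) for p in patterns)]
        if not granted:
            continue
        issues = []
        if "*" in _as_list(stmt.get("Resource", [])):
            issues.append("Resource '*': every identity in the account is usable")
        cond_keys = {k.lower() for op in stmt.get("Condition", {}).values() for k in op}
        if "ses:fromaddress" not in cond_keys:
            issues.append("no ses:FromAddress condition: sender address unrestricted")
        if issues:
            findings.append({"statement": idx, "actions": granted, "issues": issues})
    return findings


if __name__ == "__main__":
    for name, doc in (("page policy", PAGE_POLICY), ("scoped policy", SCOPED_POLICY)):
        print(name, audit_ses_send_policy(doc))
```

Statements that use `NotAction` or `NotResource` are not evaluated by this check and need manual review.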