# AWS - SES Enum

{{#include ../../../banners/hacktricks-training.md}}

## Informazioni di base

Amazon Simple Email Service (Amazon SES) è progettato per **inviare e ricevere email**. Consente agli utenti di inviare email transazionali, di marketing o di notifica in modo efficiente e sicuro su larga scala. Si **integra bene con altri servizi AWS**, fornendo una soluzione robusta per gestire le comunicazioni email per aziende di tutte le dimensioni.

È necessario registrare **identità**, che possono essere domini o indirizzi email che potranno interagire con SES (ad es. inviare e ricevere email).

### Utente SMTP

È possibile connettersi a un **server SMTP di AWS per eseguire azioni** invece di utilizzare l'API AWS (o in aggiunta). Per questo è necessario creare un utente con una policy come:
```json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "ses:SendRawEmail",
"Resource": "*"
}
]
}
```
Quindi, raccogli la **chiave API e il segreto** dell'utente e esegui:
```bash
git clone https://github.com/lisenet/ses-smtp-converter.git
cd ./ses-smtp-converter
chmod u+x ./ses-smtp-conv.sh
./ses-smtp-conv.sh <AccessKeyId> <SecretAccessKey>
```
È possibile farlo anche dalla console web di AWS.

### Enumerazione

> [!WARNING]
> Nota che SES ha 2 API: **`ses`** e **`sesv2`**. Alcune azioni sono presenti in entrambe le API e altre sono solo in una delle due.
```bash
# Get info about the SES account
aws sesv2 get-account
aws ses get-account-sending-enabled # Check if enabled

# Get registered domains and email addresses (identities)
aws ses list-identities
aws sesv2 list-email-identities
aws sesv2 get-email-identity --email-identity <identity> #Get at once all the attributes

# Get Resource Policies applied in the identity
aws ses list-identity-policies --identity <identity>
aws ses get-identity-policies --identity <identity> --policy-names <policy>
aws sesv2 get-email-identity-policies --email-identity <identity>

# Get attributes of the identity
## Check if verified
aws ses get-identity-verification-attributes --identities <identity>
## DKIM settings, relevant for identities that are domains not emails
aws ses get-identity-dkim-attributes --identities <identity>
## Get what happnes if the send mail from the identity fails
aws ses get-identity-mail-from-domain-attributes --identities <identity>
## otifications attributes
aws ses get-identity-notification-attributes --identities <identity>

# Get email templates
aws ses list-templates
aws ses get-template --template-name <name>
aws sesv2 list-email-templates
aws sesv2 get-email-template --template-name <name>

# Get custom verification email templates
## This is the email sent when an identity is verified, it can be customized
aws ses list-custom-verification-email-templates
aws sesv2 list-custom-verification-email-templates
aws ses get-custom-verification-email-template --template-name <name>
aws sesv2 get-custom-verification-email-template --template-name <name>

# Get receipt rule sets
## Receipt rules indicate how to handle incoming mail by executing an ordered list of actions
aws ses list-receipt-rule-sets
aws ses describe-receipt-rule-set --rule-set-name <name>
aws ses describe-receipt-rule-set --rule-set-name <name> --rule-name <name>
## Metadata and receipt rules for the receipt rule set that is currently active
aws ses describe-active-receipt-rule-set

# Get suppressed destinations
aws sesv2 list-suppressed-destinations
aws sesv2 get-suppressed-destination --email-address <email>

# Get configuration sets
## These are set of rules applied to the identities related to the configuration set
aws ses list-configuration-sets
aws sesv2 list-configuration-sets
aws ses describe-configuration-set --configuration-set-name <name> --configuration-set-attribute-names eventDestinations trackingOptions deliveryOptions reputationOptions
aws sesv2 get-configuration-set --configuration-set-name <name>
aws sesv2 get-configuration-set-event-destinations --configuration-set-name <name>

# Get Contacts list
aws sesv2 list-contact-lists
aws sesv2 list-contacts --contact-list-name <name>
aws sesv2 get-contact-list --contact-list-name <name>
aws sesv2 get-contact --contact-list-name <name> --email-address <name>

# Private IPs
aws sesv2 list-dedicated-ip-pools
aws sesv2 get-dedicated-ip-pool --pool-name <name>
aws sesv2 get-dedicated-ips --pool-name <name> #Only valid if ScalingMode is Standard
aws sesv2 get-dedicated-ip --ip <ip>

# Misc
## Get send quota
aws ses get-send-quota
## Get statistics
aws ses get-send-statistics
```
### Post Exploitation

{{#ref}}
../aws-post-exploitation/aws-ses-post-exploitation.md
{{#endref}}

{{#include ../../../banners/hacktricks-training.md}}