hacktricks-cloud/pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation

AWS - Lambda Post Exploitation

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

• Check the subscription plans!
• Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
• Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}

Lambda

For more information check:

{% content-ref url="../../aws-services/aws-lambda-enum.md" %} aws-lambda-enum.md {% endcontent-ref %}

Steal Others Lambda URL Requests

If an attacker somehow manage to get RCE inside a Lambda he will be able to steal other users HTTP requests to the lambda. If the requests contain sensitive information (cookies, credentials...) he will be able to steal them.

{% content-ref url="aws-warm-lambda-persistence.md" %} aws-warm-lambda-persistence.md {% endcontent-ref %}

Steal Others Lambda URL Requests & Extensions Requests

Abusing Lambda Layers it's also possible to abuse extensions and persist in the lambda but also steal and modify requests.

{% content-ref url="../../aws-persistence/aws-lambda-persistence/aws-abusing-lambda-extensions.md" %} aws-abusing-lambda-extensions.md {% endcontent-ref %}

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

• Check the subscription plans!
• Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
• Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}