hacktricks-cloud/pentesting-cloud/aws-security/aws-services/aws-sqs-and-sns-enum.md

AWS - SQS Enum

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

• Check the subscription plans!
• Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
• Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}

SQS

Amazon Simple Queue Service (SQS) is presented as a fully managed message queuing service. Its main function is to assist in the scaling and decoupling of microservices, distributed systems, and serverless applications. The service is designed to remove the need for managing and operating message-oriented middleware, which can often be complex and resource-intensive. This elimination of complexity allows developers to direct their efforts towards more innovative and differentiating aspects of their work.

Enumeration

# Get queues info
aws sqs list-queues
aws sqs get-queue-attributes --queue-url <url> --attribute-names All

# More about this in privesc & post-exploitation
aws sqs receive-message --queue-url <value>

aws sqs send-message --queue-url <value> --message-body <value>

{% hint style="danger" %} Also, even if the --queue-url contains the region make sure you specify the correct region in --region or you will get an error that looks like indicate that you don't have access but the problem is the region. {% endhint %}

Unauthenticated Access

{% content-ref url="../aws-unauthenticated-enum-access/aws-sqs-unauthenticated-enum.md" %} aws-sqs-unauthenticated-enum.md {% endcontent-ref %}

Privilege Escalation

{% content-ref url="../aws-privilege-escalation/aws-sqs-privesc.md" %} aws-sqs-privesc.md {% endcontent-ref %}

Post Exploitation

{% content-ref url="../aws-post-exploitation/aws-sqs-post-exploitation.md" %} aws-sqs-post-exploitation.md {% endcontent-ref %}

Persistence

{% content-ref url="../aws-persistence/aws-sqs-persistence.md" %} aws-sqs-persistence.md {% endcontent-ref %}

References

• https://docs.aws.amazon.com/cdk/api/v2/python/aws_cdk.aws_sqs/README.html

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

• Check the subscription plans!
• Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
• Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

{% endhint %}