gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-30 22:50:43 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
3d522731398b53a7259ed006cb987cc0110e3e0f
hacktricks-cloud/src/pentesting-cloud/aws-security/aws-privilege-escalation
History
Translator 3d52273139 Translated ['src/pentesting-cloud/aws-security/aws-privilege-escalation/
2025-01-06 17:11:52 +00:00
..
aws-cloudformation-privesc
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-codestar-privesc
Translated ['src/pentesting-cloud/aws-security/aws-privilege-escalation/
2025-01-05 10:37:29 +00:00
aws-apigateway-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-chime-privesc.md
Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/
2024-12-31 20:17:59 +00:00
aws-codebuild-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-codepipeline-privesc.md
Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/
2024-12-31 20:17:59 +00:00
aws-cognito-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-datapipeline-privesc.md
Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/
2024-12-31 20:17:59 +00:00
aws-directory-services-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-dynamodb-privesc.md
Translated ['src/pentesting-ci-cd/terraform-security.md', 'src/pentestin
2025-01-05 20:34:19 +00:00
aws-ebs-privesc.md
Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/
2024-12-31 20:17:59 +00:00
aws-ec2-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-ecr-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-ecs-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-efs-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-elastic-beanstalk-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-emr-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-gamelift.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-glue-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-iam-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-kms-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-lambda-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-lightsail-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-mediapackage-privesc.md
Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/
2024-12-31 20:17:59 +00:00
aws-mq-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-msk-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-organizations-prinvesc.md
Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/
2024-12-31 20:17:59 +00:00
aws-rds-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-redshift-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-s3-privesc.md
Translated ['src/pentesting-cloud/aws-security/aws-privilege-escalation/
2025-01-06 17:11:52 +00:00
aws-sagemaker-privesc.md
Translated ['src/pentesting-cloud/aws-security/aws-privilege-escalation/
2025-01-05 22:57:51 +00:00
aws-secrets-manager-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-sns-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-sqs-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-ssm-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-sso-and-identitystore-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-stepfunctions-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-sts-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
aws-workdocs-privesc.md
Translated ['src/README.md', 'src/banners/hacktricks-training.md', 'src/
2024-12-31 20:17:59 +00:00
eventbridgescheduler-privesc.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
README.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00
route53-createhostedzone-route53-changeresourcerecordsets-acm-pca-issuecertificate-acm-pca-getcer.md
Translated ['src/banners/hacktricks-training.md', 'src/pentesting-ci-cd/
2025-01-02 01:20:36 +00:00

README.md

AWS - Élévation de privilèges

{{#include ../../../banners/hacktricks-training.md}}

Élévation de privilèges AWS

La façon d'élever vos privilèges dans AWS est d'avoir suffisamment de permissions pour pouvoir, d'une manière ou d'une autre, accéder aux privilèges d'autres rôles/utilisateurs/groupes. Enchaînant les élévations jusqu'à obtenir un accès administrateur sur l'organisation.

Warning

AWS a des centaines (si ce n'est des milliers) de permissions qu'une entité peut se voir accorder. Dans ce livre, vous pouvez trouver toutes les permissions que je connais que vous pouvez abuser pour élever des privilèges, mais si vous connaissez un chemin non mentionné ici, merci de le partager.

Caution

Si une politique IAM a "Effect": "Allow" et "NotAction": "Someaction" indiquant une ressource... cela signifie que le principal autorisé a la permission de faire TOUT sauf cette action spécifiée.
Donc, rappelez-vous que c'est une autre façon de conceder des permissions privilégiées à un principal.

Les pages de cette section sont ordonnées par service AWS. Vous y trouverez des permissions qui vous permettront d'élever des privilèges.

Outils

{{#include ../../../banners/hacktricks-training.md}}

Reference in New Issue View Git Blame Copy Permalink