hacktricks-cloud/pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecr-privesc.md

# AWS - ECR Privesc

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}

## ECR

### `ecr:GetAuthorizationToken`,`ecr:BatchGetImage`

An attacker with the **`ecr:GetAuthorizationToken`** and **`ecr:BatchGetImage`** can login to ECR and download images.

For more info on how to download images:

{% content-ref url="../aws-post-exploitation/aws-ecr-post-exploitation.md" %}
[aws-ecr-post-exploitation.md](../aws-post-exploitation/aws-ecr-post-exploitation.md)
{% endcontent-ref %}

**Potential Impact:** Indirect privesc by intercepting sensitive information in the traffic.

### `ecr:GetAuthorizationToken`, `ecr:BatchCheckLayerAvailability`, `ecr:CompleteLayerUpload`, `ecr:InitiateLayerUpload`, `ecr:PutImage`, `ecr:UploadLayerPart`

An attacker with the all those permissions **can login to ECR and upload images**. This can be useful to escalate privileges to other environments where those images are being used.

To learn how to upload a new image/update one, check:

{% content-ref url="../aws-services/aws-eks-enum.md" %}
[aws-eks-enum.md](../aws-services/aws-eks-enum.md)
{% endcontent-ref %}

### `ecr-public:GetAuthorizationToken`, `ecr-public:BatchCheckLayerAvailability, ecr-public:CompleteLayerUpload`, `ecr-public:InitiateLayerUpload, ecr-public:PutImage`, `ecr-public:UploadLayerPart`

Like the previous section, but for public repositories.

### `ecr:SetRepositoryPolicy`

An attacker with this permission could **change** the **repository** **policy** to grant himself (or even everyone) **read/write access**.\
For example, in this example read access is given to everyone.

```bash
aws ecr set-repository-policy \
    --repository-name <repo_name> \
    --policy-text file://my-policy.json
```

Contents of `my-policy.json`:

```json
{
    "Version" : "2008-10-17",
    "Statement" : [
        {
            "Sid" : "allow public pull",
            "Effect" : "Allow",
            "Principal" : "*",
            "Action" : [
                "ecr:BatchCheckLayerAvailability",
                "ecr:BatchGetImage",
                "ecr:GetDownloadUrlForLayer"
            ]
        }
    ]
}
```

### `ecr-public:SetRepositoryPolicy`

Like the previoous section, but for public repositories.\
An attacker can **modify the repository policy** of an ECR Public repository to grant unauthorized public access or to escalate their privileges.

{% code overflow="wrap" %}
```bash
bashCopy code# Create a JSON file with the malicious public repository policy
echo '{
  "Version": "2008-10-17",
  "Statement": [
    {
      "Sid": "MaliciousPublicRepoPolicy",
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
        "ecr-public:GetDownloadUrlForLayer",
        "ecr-public:BatchGetImage",
        "ecr-public:BatchCheckLayerAvailability",
        "ecr-public:PutImage",
        "ecr-public:InitiateLayerUpload",
        "ecr-public:UploadLayerPart",
        "ecr-public:CompleteLayerUpload",
        "ecr-public:DeleteRepositoryPolicy"
      ]
    }
  ]
}' > malicious_public_repo_policy.json

# Apply the malicious public repository policy to the ECR Public repository
aws ecr-public set-repository-policy --repository-name your-ecr-public-repo-name --policy-text file://malicious_public_repo_policy.json
```
{% endcode %}

**Potential Impact**: Unauthorized public access to the ECR Public repository, allowing any user to push, pull, or delete images.

### `ecr:PutRegistryPolicy`

An attacker with this permission could **change** the **registry policy** to grant himself, his account (or even everyone) **read/write access**.

```bash
aws ecr set-repository-policy \
    --repository-name <repo_name> \
    --policy-text file://my-policy.json
```

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../../.gitbook/assets/image (1) (1) (1) (1).png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../../.gitbook/assets/image (2) (1).png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}