gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-31 15:05:44 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
716aa06779f5d760ee3c4410b2e20ab000636e74
hacktricks-cloud/src/pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation
History
Carlos Polop 716aa06779 translate 2
2025-01-01 23:55:27 +01:00
..
aws-warm-lambda-persistence.md
translate 2
2025-01-01 23:55:27 +01:00
README.md
translate 2
2025-01-01 23:55:27 +01:00

README.md

AWS - Lambda Post Exploitation

{{#include ../../../../banners/hacktricks-training.md}}

Lambda

For more information check:

{{#ref}} ../../aws-services/aws-lambda-enum.md {{#endref}}

Steal Others Lambda URL Requests

If an attacker somehow manage to get RCE inside a Lambda he will be able to steal other users HTTP requests to the lambda. If the requests contain sensitive information (cookies, credentials...) he will be able to steal them.

{{#ref}} aws-warm-lambda-persistence.md {{#endref}}

Steal Others Lambda URL Requests & Extensions Requests

Abusing Lambda Layers it's also possible to abuse extensions and persist in the lambda but also steal and modify requests.

{{#ref}} ../../aws-persistence/aws-lambda-persistence/aws-abusing-lambda-extensions.md {{#endref}}

{{#include ../../../../banners/hacktricks-training.md}}

Reference in New Issue View Git Blame Copy Permalink