
AWS - SSO & identitystore Post Exploitation

{{#include ../../../banners/hacktricks-training.md}}

SSO & identitystore

For more information, check:

{{#ref}} ../aws-services/aws-iam-enum.md {{#endref}}

sso:DeletePermissionSet | sso:PutPermissionsBoundaryToPermissionSet | sso:DeleteAccountAssignment

These permissions can be used to disrupt permissions: deleting a permission set, attaching a permissions boundary to it, or removing an account assignment:

aws sso-admin delete-permission-set --instance-arn <SSOInstanceARN> --permission-set-arn <PermissionSetARN>

aws sso-admin put-permissions-boundary-to-permission-set --instance-arn <SSOInstanceARN> --permission-set-arn <PermissionSetARN> --permissions-boundary ManagedPolicyArn=<PolicyARN>

aws sso-admin delete-account-assignment --instance-arn <SSOInstanceARN> --target-id <TargetID> --target-type <TargetType> --permission-set-arn <PermissionSetARN> --principal-type <PrincipalType> --principal-id <PrincipalID>
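For detection, the following added example (not part of the original page or of HackTricks) scans CloudTrail-style JSON lines for the three actions above and groups them by caller, keeping denied attempts. The event source name, the record field layout, the role names and all ARNs in the sample are assumptions constructed for illustration.

```python
import json
from collections import defaultdict

# The three actions this page lists as able to disrupt Identity Center access.
DISRUPTIVE = {"DeletePermissionSet", "PutPermissionsBoundaryToPermissionSet",
              "DeleteAccountAssignment"}
EVENT_SOURCE = "sso.amazonaws.com"  # assumption: source name for sso-admin calls
PS_ARN = "arn:aws:sso:::permissionSet/ssoins-EXAMPLE/ps-EXAMPLE"  # placeholder
ROLE_ARN = "arn:aws:sts::111122223333:assumed-role/{}/session"    # placeholder

def find_disruptive(lines, allowed_arns=frozenset()):
    """Map caller ARN -> [(time, action, permission set ARN, outcome)]."""
    hits = defaultdict(list)
    for line in lines:
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines instead of aborting
        if not isinstance(ev, dict) or ev.get("eventSource") != EVENT_SOURCE:
            continue
        if ev.get("eventName") not in DISRUPTIVE:
            continue
        arn = (ev.get("userIdentity") or {}).get("arn", "unknown")
        if arn in allowed_arns:
            continue  # expected administration, e.g. a dedicated admin role
        params = ev.get("requestParameters") or {}
        # Failed calls carry errorCode; keep them, a denied attempt still matters.
        outcome = ev.get("errorCode", "success")
        hits[arn].append((ev.get("eventTime"), ev["eventName"],
                          params.get("permissionSetArn"), outcome))
    return dict(hits)

def sample_record(time, name, role, error=None):
    """Build one constructed CloudTrail-style record (not real log data)."""
    ev = {"eventTime": time, "eventSource": EVENT_SOURCE, "eventName": name,
          "userIdentity": {"arn": ROLE_ARN.format(role)},
          "requestParameters": {"permissionSetArn": PS_ARN}}
    if error:
        ev["errorCode"] = error
    return json.dumps(ev)

SAMPLE = [  # constructed input, including one read-only call and one bad line
    sample_record("2024-01-01T10:00:00Z", "DeleteAccountAssignment", "dev-role"),
    sample_record("2024-01-01T10:00:05Z", "PutPermissionsBoundaryToPermissionSet", "dev-role"),
    sample_record("2024-01-01T10:00:09Z", "ListPermissionSets", "dev-role"),
    sample_record("2024-01-01T10:01:00Z", "DeletePermissionSet", "ci-role", "AccessDenied"),
    sample_record("2024-01-01T10:02:00Z", "DeletePermissionSet", "idc-admin"),
    '{"eventName": "DeletePermi',
]

if __name__ == "__main__":
    for arn, events in find_disruptive(SAMPLE, {ROLE_ARN.format("idc-admin")}).items():
        print(arn, events)
```
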
