gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-13 13:26:31 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
a1718ef3d5ef2b5c37ca750a4ecfa8a9656bd733
hacktricks-cloud/src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-sns-privesc.md
Courtney Bell a1718ef3d5 arte-courtneybell-corrections 
Minor fixes (fix to one command based on testing, 2 typo corrections)
2025-04-19 18:38:14 -04:00

1.4 KiB
Raw Blame History

AWS - SNS Privesc

{{#include ../../../banners/hacktricks-training.md}}

SNS

For more information check:

{{#ref}} ../aws-services/aws-sns-enum.md {{#endref}}

sns:Publish

An attacker could send malicious or unwanted messages to the SNS topic, potentially causing data corruption, triggering unintended actions, or exhausting resources.

aws sns publish --topic-arn <value> --message <value>

Potential Impact: Vulnerability exploitation, Data corruption, unintended actions, or resource exhaustion.

sns:Subscribe

An attacker could subscribe or to an SNS topic, potentially gaining unauthorized access to messages or disrupting the normal functioning of applications relying on the topic.

aws sns subscribe --topic-arn <value> --protocol <value> --endpoint <value>

Potential Impact: Unauthorized access to messages (sensitive info), service disruption for applications relying on the affected topic.

sns:AddPermission

An attacker could grant unauthorized users or services access to an SNS topic, potentially getting further permissions.

aws sns add-permission --topic-arn <value> --label <value> --aws-account-id <value> --action-name <value>

Potential Impact: Unauthorized access to the topic, message exposure, or topic manipulation by unauthorized users or services, disruption of normal functioning for applications relying on the topic.

{{#include ../../../banners/hacktricks-training.md}}

Reference in New Issue View Git Blame Copy Permalink