mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2026-02-04 19:11:41 -08:00
# AWS - RDS Unauthenticated Enum
{{#include ../../../banners/hacktricks-training.md}}
## RDS

For more information check:
{{#ref}}
../aws-services/aws-relational-database-rds-enum.md
{{#endref}}
### Public Port

It is possible to give a database public access from the Internet. An attacker will still need to know the username and password, have IAM access, or find some exploit to get into the database.

### Public RDS Snapshots

AWS allows anyone to download RDS snapshots that have been shared publicly. You can easily enumerate these public RDS snapshots from your own account:
```bash
# Public RDS snapshots
aws rds describe-db-snapshots --include-public

## Search by account ID
aws rds describe-db-snapshots --include-public --query 'DBSnapshots[?contains(DBSnapshotIdentifier, `284546856933:`) == `true`]'

## To share an RDS snapshot with everybody the RDS DB cannot be encrypted (so the snapshot won't be encrypted)
## To share an encrypted RDS snapshot you also need to share the KMS key with the account

# From your own account you can check if there is any public snapshot with:
aws rds describe-db-snapshots --snapshot-type public [--region us-west-2]

## Even if the console shows that there are public snapshots, they might be public
## snapshots from other accounts that are used by the current account
```
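The last comment above is the point a defender most often gets wrong: `--snapshot-type public` lists every public snapshot visible to the account, including other people's, so the owner has to be read from each snapshot's ARN. The following added example (not HackTricks code) triages the JSON that `aws rds describe-db-snapshots --include-public` prints and reports only the snapshots your own account has exposed. The `SAMPLE_OUTPUT` document, the account IDs and the snapshot names in it are constructed; the field names (`DBSnapshots`, `DBSnapshotIdentifier`, `DBSnapshotArn`, `SnapshotType`, `Encrypted`) are the ones the real CLI returns.

```python
"""Triage `aws rds describe-db-snapshots --include-public` output.

Added example, not part of the HackTricks page. Feed it the CLI's JSON
(e.g. `aws rds describe-db-snapshots --include-public > snaps.json`);
the sample below is constructed so the script runs offline.
"""
import json
from typing import Optional

# Constructed sample: same shape as the CLI output, fake account IDs.
SAMPLE_OUTPUT = json.dumps({
    "DBSnapshots": [
        {   # our own snapshot shared with "all": the finding a defender wants
            "DBSnapshotIdentifier": "prod-backup",
            "DBSnapshotArn": "arn:aws:rds:us-east-1:111111111111:snapshot:prod-backup",
            "SnapshotType": "public",
            "Engine": "mysql",
            "Encrypted": False,
        },
        {   # someone else's public snapshot that the console would list too
            "DBSnapshotIdentifier": "arn:aws:rds:us-east-1:222222222222:snapshot:shared-demo",
            "DBSnapshotArn": "arn:aws:rds:us-east-1:222222222222:snapshot:shared-demo",
            "SnapshotType": "public",
            "Engine": "postgres",
            "Encrypted": False,
        },
        {   # ordinary automated backup, not shared with anyone
            "DBSnapshotIdentifier": "rds:prod-2024-01-01-00-00",
            "DBSnapshotArn": "arn:aws:rds:us-east-1:111111111111:snapshot:rds:prod-2024-01-01-00-00",
            "SnapshotType": "automated",
            "Engine": "mysql",
            "Encrypted": True,
        },
    ]
})


def owner_account(snapshot: dict) -> str:
    """The owning account is the fifth colon-separated field of an RDS ARN
    (arn:aws:rds:<region>:<account>:snapshot:<name>)."""
    return snapshot["DBSnapshotArn"].split(":")[4]


def public_snapshots(raw_json: str, account_id: Optional[str] = None) -> list:
    """Return the public snapshots in the listing, optionally restricted to
    those owned by `account_id`. Filtering on SnapshotType alone is not
    enough: the listing mixes our snapshots with other accounts' ones."""
    result = []
    for snap in json.loads(raw_json)["DBSnapshots"]:
        if snap.get("SnapshotType") != "public":
            continue
        if account_id is not None and owner_account(snap) != account_id:
            continue
        result.append(snap)
    return result


def audit_own_account(raw_json: str, own_account_id: str) -> list:
    """Defender check: identifiers of OUR snapshots that any AWS account can
    copy. A publicly shared snapshot cannot be encrypted, so each hit is a
    plaintext copy of the database; the fix is to modify the snapshot
    attribute and remove `all` from its `restore` list."""
    return [s["DBSnapshotIdentifier"]
            for s in public_snapshots(raw_json, own_account_id)]


if __name__ == "__main__":
    for snap in public_snapshots(SAMPLE_OUTPUT):
        print(f"public: {snap['DBSnapshotIdentifier']} owner={owner_account(snap)}")
    print("exposed by 111111111111:", audit_own_account(SAMPLE_OUTPUT, "111111111111"))
```

Run it against real output by replacing `SAMPLE_OUTPUT` with the file contents; the `--query` filter on the page does the same owner match server-side, but only on the identifier string, which for your own snapshots is the bare name rather than the ARN, so the ARN-based check here is the one to trust when auditing your own account.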
### Public URL template

```
mysql://{user_provided}.{random_id}.{region}.rds.amazonaws.com:3306
postgres://{user_provided}.{random_id}.{region}.rds.amazonaws.com:5432
```
{{#include ../../../banners/hacktricks-training.md}}