gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-28 05:33:10 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
d8f2a08efae5c6ded8946ac2dcc5d7def8fab90c
hacktricks-cloud/src/pentesting-cloud/aws-security/aws-persistence/aws-api-gateway-persistence
History

README.md

AWS - API Gateway Persistence

{{#include ../../../../banners/hacktricks-training.md}}

API Gateway

For more information go to:

{{#ref}} ../../aws-services/aws-api-gateway-enum.md {{#endref}}

リソースポリシー

Modify the resource policy of the API gateway(s) to grant yourself access to them

Lambda Authorizers の変更

Modify the code of lambda authorizers to grant yourself access to all the endpoints.\
Or just remove the use of the authorizer.

IAM Permissions

If a resource is using IAM authorizer you could give yourself access to it modifying IAM permissions.\
Or just remove the use of the authorizer.

API Keys

If API keys are used, you could leak them to maintain persistence or even create new ones.\
Or just remove the use of API keys.

{{#include ../../../../banners/hacktricks-training.md}}

Reference in New Issue View Git Blame Copy Permalink