Hacking AWS end-to-end - remastered
Автор: Summit Route
Загружено: 2021-10-17
Просмотров: 7990
Описание:
A remastering of one of greatest cloud security talk ever given, Daniel Grzelak's Kiwicon 2016 presentation where he shows IAM principal enumeration using resource policies, abusing vendor trust relationship confused deputies, and more. Slides and code: https://github.com/dagrz/aws_pwn
Presenter: / dagrz
(Remastering by Scott Piper)
References
2009: Nicholas Arvanitis, Marco Slaviero, Haroon Meer, "Clobbering the clouds": • DEFCON 17: Clobbering the Cloud
2013: Andres Riancho presentation "Pivoting in the clouds": • Pivoting in Amazon Clouds - Andres Riancho...
2016: Dan Amiga, Dor Knafo: "Account Jumping Post Infection Persistency & Lateral Movement in AWS" • Account Jumping Post Infection Persistency...
Chapters:
0:00 - Introduction
00:45 - Start of talk
04:02 - Reconnaisance
05:22 - Determine if an account exists
07:23 - IAM principal enumeration through resource policies
08:28 - Determine if resource exists
10:58 - Compromise
12:11 - Pre-owned resources
13:02 - Phishing with S3 bucket websites
14:56 - Metadata endpoint
16:19 - IAM trust role relationships
19:00 - Confused deputy of vendors
21:17 - Log disruption
23:59 - Lambda event for Cloudtrail object deletion
24:26 - Exploration
26:26 - Viewing support cases
27:02 - Elevation
27:08 - IAM role assumption
28:04 - IAM policy privesc
28:21 - Cloudformation stack secrets
29:53 - Cloudtrail log information
30:39 - Using S3 access logs to read buckets you can't access
31:24 - Dumping EC2 userdata
32:20 - Subverting application trusted data (technique used by 2013 Andres Riancho presentation "Pivoting in the clouds")
32:41 - EC2 compromise through userdata #cloud-boothook
35:17 - Persistence
35:26 - Long session
36:38 - Backdooring IAM users
36:55 - IAM role trusts
37:35 - Using Lambda for persistence
39:01 - Exfiltration
40:15 - RDS read replica
40:40 - RDS change password
40:49 - Creating snapshots
40:55 - Snowball exfil
41:16 - Happy hacking
Повторяем попытку...
Доступные форматы для скачивания:
Скачать видео
-
Информация по загрузке: