Skip to content

RedWiki

Amazon Web Services (AWS)

RedWiki

Welcome to MkDocs
Cheatsheets
Cheatsheets
Development
Development
- Development
Leveling up
Leveling up
- Leveling Up
Security
Security
- References
- Cloud
  Cloud
  - Amazon Web Services (AWS) Amazon Web Services (AWS)
    Table of contents
    
    Situational Awareness
    
    Enumerating Accounts
    
    References
- Linux
  Linux
  - Linux
- Windows
  Windows
  - Windows

Amazon Web Services (AWS)

Situational Awareness

Detect virtual environment

lsns 
hostnamectl
systemd-detect-virt

Useful Tools

docker binary - statically compiled docker binary
capsh - container capability enumeration capsh --print
sysdig - Container monitoring solution. Reports container actions/activities to the cloud.
- sysdig
- sysdig inspect
ttyd - run a tty session via server and get access in a browser
pmapper
pacu

Enumerating Accounts

AWS Policy Evaluation Logic
By adding an account # to your IAM Roles Trust Policy you can verify an accounts existence (same with users & roles in accounts)
Account IDs can be used as the starting point for enumerating accounts
root user will always be there

TOKEN=`curl -X PUT -H "X-aws-ec2-metadata-token-ttl-seconds: 21600" "http://169.254.169.254/latest/api/token" `

curl -H "X-aws-ec2-metadata-token: $TOKEN" -v http://169.254.169.254/latest/meta-data/

References

[Cloudshark)(https://www.cloudshark.org/captures/ff740838f1c2)