Cloud Ring

Cloud Ring Room

AWS CLI Intro

This challenge is a walkthrough of how to use the AWS CLI.

AWS CLI Intro prompt
Answer

aws help

aws configure

  • AKQAAYRKO7A5Q5XUY2IY,

  • qzTscgNdcdwIo/soPKPoJn9sBrl5eMQQL19iO5uf

  • us-east-1

  • json

aws sts get-caller-identity

Question - Use Trufflehog to find secrets in a Git repo. What's the name of the file that has AWS credentials?

By running trufflehog git https://haugfactory.com/asnowball/aws_scripts.git we get some interesting results:

AWS Access Key ID

The next step is to clone the repo and run git show 106d33e1ffd53eea753c1365eafc6588398279b5 to find the AWS access key ID and secret key.

git show
Answer

put_policy.py

Now that we have the credentials, it is time to run aws configure with them and move on to the next challenge.

Exploitation via AWS CLI

This challenge is a set of tasks, each answered by providing the correct aws command.

First question - Managed (think: shared) policies can be attached to multiple users. Use the AWS CLI to find any policies attached to your user.

Answer

aws iam list-attached-user-policies --user-name haug

Second question - Now, view or get the policy that is attached to your user.

Answer

aws iam get-policy --policy-arn "arn:aws:iam::602123424321:policy/TIER1_READONLY_POLICY"

Third question - Attached policies can have multiple versions. View the default version of this policy.

Answer

aws iam get-policy-version --policy-arn "arn:aws:iam::602123424321:policy/TIER1_READONLY_POLICY" --version-id v1

Fourth question - Inline policies are policies that are unique to a particular identity or resource. Use the AWS CLI to list the inline policies associated with your user.

Answer

aws iam list-user-policies --user-name haug

Fifth question - Now, use the AWS CLI to get the only inline policy for your user.

Answer

aws iam get-user-policy --user-name haug --policy-name S3Perms

Sixth question - The inline user policy named S3Perms disclosed the name of an S3 bucket that you have permissions to list objects. List those objects!

Answer

aws s3api list-objects --bucket smogmachines3

Seventh question - The attached user policy provided you several Lambda privileges. Use the AWS CLI to list Lambda functions.

Answer

aws lambda list-functions

Lambda functions can have public URLs from which they are directly accessible. Use the AWS CLI to get the configuration containing the public URL of the Lambda function.

Answer

aws lambda get-function-url-config --function-name smogmachine_lambda
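Once the attached policy version and the inline policy have been pulled with the commands above, the useful next step is to work out what the two documents permit together. The following is an added example (not part of the original writeup), which evaluates IAM documents the way a reviewer would expect: explicit Deny beats Allow, Action and Resource wildcards are honoured, and Statement/Action/Resource may each be a string or a list. The policy contents are constructed samples shaped like the CLI responses, not the real challenge policies.

```python
import fnmatch
import json

# Constructed sample responses shaped like `aws iam get-policy-version` and
# `aws iam get-user-policy` output. Policy contents are assumed, not the real ones.
ATTACHED_CLI_JSON = json.dumps({"PolicyVersion": {"VersionId": "v1", "Document": {
    "Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Resource": "*", "Action": ["iam:Get*", "iam:List*",
         "lambda:ListFunctions", "lambda:GetFunctionUrlConfig"]},
        {"Effect": "Deny", "Resource": "*", "Action": "iam:GetAccountAuthorizationDetails"}]}}})
INLINE_CLI_JSON = json.dumps({"UserName": "haug", "PolicyName": "S3Perms", "PolicyDocument": {
    "Version": "2012-10-17", "Statement": {"Effect": "Allow", "Action": "s3:ListBucket",
                                            "Resource": "arn:aws:s3:::smogmachines3"}}})

def _as_list(value):
    # IAM accepts either a single string or a list for Statement, Action and Resource.
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def extract_document(cli_output):
    """Pull the policy document out of either CLI response shape."""
    data = json.loads(cli_output)
    if "PolicyVersion" in data:                 # get-policy-version
        return data["PolicyVersion"]["Document"]
    return data["PolicyDocument"]               # get-user-policy

def grants(doc):
    """Yield (effect, action_pattern, resource_pattern) for every statement entry."""
    for stmt in _as_list(doc.get("Statement")):
        for action in _as_list(stmt.get("Action")):
            for resource in _as_list(stmt.get("Resource", "*")):
                yield stmt.get("Effect", "Deny"), action.lower(), resource

def is_allowed(docs, action, resource="*"):
    """Attached + inline documents evaluated together: explicit Deny wins, a matching
    Allow grants, otherwise implicit deny. Actions are case-insensitive, '*'/'?' are IAM
    wildcards. Pass the target ARN; the default '*' only matches Resource '*' grants."""
    allowed = False
    for doc in docs:
        for effect, action_pat, res_pat in grants(doc):
            if (fnmatch.fnmatchcase(action.lower(), action_pat)
                    and fnmatch.fnmatchcase(resource, res_pat)):
                if effect == "Deny":
                    return False
                allowed = True
    return allowed

def effective_actions(docs, watchlist):
    # Which of the watchlisted actions can this identity actually perform?
    return sorted(a for a in watchlist if is_allowed(docs, a))
```

In real use, take the version id to evaluate from DefaultVersionId in the aws iam get-policy output rather than assuming v1, since a non-default version can differ from what is enforced.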

With this answer we reach the end of the room and have obtained the Cloud Ring.
