Hacking AWS Services | iam_privesc_by_attachment (Medium / Moderate)

Поделиться
HTML-код
  • Опубликовано: 11 сен 2024
  • CloudGoat (☁️🐐)
    CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool.
    =-=-=-=-=-==-=-==-=-==-=-==-=-==-=-==-=-==-=-=
    Note: This is for educational purposes only!
    =-=-=-=-=-==-=-==-=-==-=-==-=-==-=-==-=-==-=-=
    Starting with a very limited set of permissions, the attacker is able to leverage the instance-profile-attachment permissions to create a new EC2 instance with significantly greater privileges than their own. With access to this new EC2 instance, the attacker gains full administrative powers within the target account and is able to accomplish the scenario's goal - deleting the cg-super-critical-security-server and paving the way for further nefarious actions.
    Note: This scenario may require you to create some AWS resources, and because CloudGoat can only manage resources it creates, you should remove them manually before running ./cloudgoat destroy.

Комментарии • 1

  • @ropz8677
    @ropz8677 8 месяцев назад +2

    Happy holidays brother, my best wishes to you and your channel!

Следующие
Автовоспроизведение
Hacking AWS Services | ec2_ssrf (Medium / Moderate)19:18Hacking AWS Services | ec2_ssrf (Medium / Moderate)
Hacking AWS Services | ec2_ssrf (Medium / Moderate)Little More Help
Просмотров 62
Hacking AWS Services | rce_web_app (Medium / Hard)29:17Hacking AWS Services | rce_web_app (Medium / Hard)
Hacking AWS Services | rce_web_app (Medium / Hard)Little More Help
Просмотров 138
Little-Known AI Tools Giving Academics an Unfair Advantage9:58Little-Known AI Tools Giving Academics an Unfair Advantage
Little-Known AI Tools Giving Academics an Unfair AdvantageAndy Stapleton
Просмотров 12 тыс.
iPhone 16/Pro Impressions: The Great Separation!16:14iPhone 16/Pro Impressions: The Great Separation!
iPhone 16/Pro Impressions: The Great Separation!Marques Brownlee
Просмотров 8 млн
September 06 2024 Papua New Guinea looks forward to Pope Francis' arrival01:01September 06 2024 Papua New Guinea looks forward to Pope Francis' arrival
September 06 2024 Papua New Guinea looks forward to Pope Francis' arrivalVatican News
Просмотров 112 тыс.
Pain Be Like08:03Pain Be Like
Pain Be LikeChainsFR
Просмотров 1,2 млн
Destiny Situation Just Got Crazier58:23Destiny Situation Just Got Crazier
Destiny Situation Just Got CrazierDatto
Просмотров 326 тыс.
LangGraph - Own AI App Business Logic - 01 Intro Components - Beginner Tutorial - #aiagents #ai #llm35:08LangGraph - Own AI App Business Logic - 01 Intro Components - Beginner Tutorial - #aiagents #ai #llm
LangGraph - Own AI App Business Logic - 01 Intro Components - Beginner Tutorial - #aiagents #ai #llmCreditizens NFT
Просмотров 93
How to use PGP Encryption | This is how Asymmetric Encryption Works DEMO | GNU PG12:15How to use PGP Encryption | This is how Asymmetric Encryption Works DEMO | GNU PG
How to use PGP Encryption | This is how Asymmetric Encryption Works DEMO | GNU PGLittle More Help
Просмотров 566
Hacking AWS Services | iam_privesc_by_rollback (Small / Easy)8:16Hacking AWS Services | iam_privesc_by_rollback (Small / Easy)
Hacking AWS Services | iam_privesc_by_rollback (Small / Easy)Little More Help
Просмотров 77
Cursor Is Beating VS Code (...by forking it)18:00Cursor Is Beating VS Code (...by forking it)
Cursor Is Beating VS Code (...by forking it)Theo - t3․gg
Просмотров 73 тыс.
Hacking AWS Services | lambda_privesc (Small / Easy)27:54Hacking AWS Services | lambda_privesc (Small / Easy)
Hacking AWS Services | lambda_privesc (Small / Easy)Little More Help
Просмотров 73
Introduction to Cloud Hacking| flaws.cloud LEVEL 414:23Introduction to Cloud Hacking| flaws.cloud LEVEL 4
Introduction to Cloud Hacking| flaws.cloud LEVEL 4Little More Help
Просмотров 398
Hacking AWS Services | vulnerable_cognito (Small / Moderate)22:05Hacking AWS Services | vulnerable_cognito (Small / Moderate)
Hacking AWS Services | vulnerable_cognito (Small / Moderate)Little More Help
Просмотров 136
Hacking AWS Services | ecs_takeover (Medium / Moderate)21:22Hacking AWS Services | ecs_takeover (Medium / Moderate)
Hacking AWS Services | ecs_takeover (Medium / Moderate)Little More Help
Просмотров 57
КРАСНОГЛАЗОМУ ЗОМБИ ПОФИГ НА МОЮ ОБОРОНУ! / PVZ ODD MOD00:48КРАСНОГЛАЗОМУ ЗОМБИ ПОФИГ НА МОЮ ОБОРОНУ! / PVZ ODD MOD
КРАСНОГЛАЗОМУ ЗОМБИ ПОФИГ НА МОЮ ОБОРОНУ! / PVZ ODD MODIGRARIUM - Игровые обзоры
Просмотров 550 тыс.
Good fragrance doesn’t have to come with a big price tag🏷️ #trending #shorts #catchysmells #itmaaz01:00Good fragrance doesn’t have to come with a big price tag🏷️ #trending #shorts #catchysmells #itmaaz
Good fragrance doesn’t have to come with a big price tag🏷️ #trending #shorts #catchysmells #itmaazIT Maaz
Просмотров 13 млн
🚫✨ Dive into these satisfying hacks that you should NOT try at home! #DontTryThis #SatisfyingHacks00:19🚫✨ Dive into these satisfying hacks that you should NOT try at home! #DontTryThis #SatisfyingHacks
🚫✨ Dive into these satisfying hacks that you should NOT try at home! #DontTryThis #SatisfyingHacksThat Little Puff
Просмотров 502 тыс.
Китайка и Зеленый Слайм😂😆00:20Китайка и Зеленый Слайм😂😆
Китайка и Зеленый Слайм😂😆KITAYSKAYA ZMEYKA
Просмотров 70 тыс.
Планы ВСУ провалились! #украина #россия #политика #новости #сво #всу #курск #покровск #shorts00:23Планы ВСУ провалились! #украина #россия #политика #новости #сво #всу #курск #покровск #shorts
Планы ВСУ провалились! #украина #россия #политика #новости #сво #всу #курск #покровск #shortsCTVBY
Просмотров 2,5 млн
БЕЛКА РОЖАЕТ?#cat00:28БЕЛКА РОЖАЕТ?#cat
БЕЛКА РОЖАЕТ?#catЛайки Like
Просмотров 132 тыс.
Нельзя смеяться | Смех с водой | 78 #shorts00:57Нельзя смеяться | Смех с водой | 78 #shorts
Нельзя смеяться | Смех с водой | 78 #shortsКоммент.Шоу
Просмотров 1,2 млн
爸爸误以为钱生钱,怎料又被儿子套路了! #funny #萌娃 #comedy00:46爸爸误以为钱生钱,怎料又被儿子套路了! #funny #萌娃 #comedy
爸爸误以为钱生钱,怎料又被儿子套路了! #funny #萌娃 #comedy搞笑爸爸带俩娃
Просмотров 4,8 млн