I hereby claim:
- I am godinezj on github.
- I am godinezj (https://keybase.io/godinezj) on keybase.
- I have a public key ASDEiV4b_DIA4Ux1sxDusT9B_bPMWLBEAL85fU5WkNwkAAo
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
aws_create_iam_user is a simple post module that can be used to take over AWS accounts. Sure, it is fun enough to take over a single host, but you can own all hosts in the account if you simply create an admin user.
This module depends on administrators being lazy and not using the least privileges possible. Only on rare cases should instances have the following privileges.
#aws_console
Because sometimes we just need to show others that we have full control of an AWS account.
msf post(aws_create_iam_user) > use auxiliary/gather/aws_console
msf auxiliary(aws_console) > set ACCESS_KEY AKIA...
ACCESS_KEY => AKIA...
msf auxiliary(aws_console) > set SECRET abc...
SECRET => abc...
By popular demand, here are my notes for running the demo I presented at Blackhat Arsenal 2017. These are not full instructions on how to setup the full environment, please let me know if you are interested in such a thing.
References: