AWS - API Gateway Persistence
API Gateway
For more information go to:
pageAWS - API Gateway EnumResource Policy
Modify the resource policy of the API gateway(s) to grant yourself access to them
Modify Lambda Authorizers
Modify the code of lambda authorizers to grant yourself access to all the endpoints. Or just remove the use of the authorizer.
IAM Permissions
If a resource is using IAM authorizer you could give yourself access to it modifying IAM permissions. Or just remove the use of the authorizer.
API Keys
If API keys are used, you could leak them to maintain persistence or even create new ones. Or just remove the use of API keys.
Last updated