Links

AWS - Lightsail Persistence

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks:

Lightsail

For more information check:

Download Instance SSH keys & DB passwords

They won't be changed probably so just having them is a good option for persistence

Backdoor Instances

An attacker could get access to the instances and backdoor them:
  • Using a traditional rootkit for example
  • Adding a new public SSH key
  • Expose a port with port knocking with a backdoor

DNS persistence

If domains are configured:
  • Create a subdomain pointing your IP so you will have a subdomain takeover
  • Create SPF record allowing you to send emails from the domain
  • Configure the main domain IP to your own one and perform a MitM from your IP to the legit ones
Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!
Other ways to support HackTricks: