AWS - Lightsail Persistence
Last updated
Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
For more information check:
They won't be changed probably so just having them is a good option for persistence
An attacker could get access to the instances and backdoor them:
Using a traditional rootkit for example
Adding a new public SSH key
Expose a port with port knocking with a backdoor
If domains are configured:
Create a subdomain pointing your IP so you will have a subdomain takeover
Create SPF record allowing you to send emails from the domain
Configure the main domain IP to your own one and perform a MitM from your IP to the legit ones
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)