AWS - Elastic Beanstalk Post Exploitation
Last updated
Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
For more information:
AWS - Elastic Beanstalk Enumelasticbeanstalk:DeleteApplicationVersion
TODO: Test if more permissions are required for this
An attacker with the permission elasticbeanstalk:DeleteApplicationVersion
can delete an existing application version. This action could disrupt application deployment pipelines or cause loss of specific application versions if not backed up.
Potential Impact: Disruption of application deployment and potential loss of application versions.
elasticbeanstalk:TerminateEnvironment
TODO: Test if more permissions are required for this
An attacker with the permission elasticbeanstalk:TerminateEnvironment
can terminate an existing Elastic Beanstalk environment, causing downtime for the application and potential data loss if the environment is not configured for backups.
Potential Impact: Downtime of the application, potential data loss, and disruption of services.
elasticbeanstalk:DeleteApplication
TODO: Test if more permissions are required for this
An attacker with the permission elasticbeanstalk:DeleteApplication
can delete an entire Elastic Beanstalk application, including all its versions and environments. This action could cause a significant loss of application resources and configurations if not backed up.
Potential Impact: Loss of application resources, configurations, environments, and application versions, leading to service disruption and potential data loss.
elasticbeanstalk:SwapEnvironmentCNAMEs
TODO: Test if more permissions are required for this
An attacker with the elasticbeanstalk:SwapEnvironmentCNAMEs
permission can swap the CNAME records of two Elastic Beanstalk environments, which might cause the wrong version of the application to be served to users or lead to unintended behavior.
Potential Impact: Serving the wrong version of the application to users or causing unintended behavior in the application due to swapped environments.
elasticbeanstalk:AddTags
, elasticbeanstalk:RemoveTags
TODO: Test if more permissions are required for this
An attacker with the elasticbeanstalk:AddTags
and elasticbeanstalk:RemoveTags
permissions can add or remove tags on Elastic Beanstalk resources. This action could lead to incorrect resource allocation, billing, or resource management.
Potential Impact: Incorrect resource allocation, billing, or resource management due to added or removed tags.
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)