AWS - SNS Post Exploitation

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
Get the official PEASS & HackTricks swag
Discover The PEASS Family, our collection of exclusive NFTs
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

SNS

For more information:

Disrupt Messages

In several cases, SNS topics are used to send messages to platforms that are being monitored (emails, slack messages...). If an attacker prevents sending the messages that alert about it presence in the cloud, he could remain undetected.

An attacker could delete an entire SNS topic, causing message loss and impacting applications relying on the topic.

aws sns delete-topic --topic-arn <value>

Potential Impact: Message loss and service disruption for applications using the deleted topic.

An attacker could send malicious or unwanted messages to the SNS topic, potentially causing data corruption, triggering unintended actions, or exhausting resources.

aws sns publish --topic-arn <value> --message <value>

Potential Impact: Data corruption, unintended actions, or resource exhaustion.

An attacker could modify the attributes of an SNS topic, potentially affecting its performance, security, or availability.

aws sns set-topic-attributes --topic-arn <value> --attribute-name <value> --attribute-value <value>

Potential Impact: Misconfigurations leading to degraded performance, security issues, or reduced availability.

An attacker could subscribe or unsubscribe to an SNS topic, potentially gaining unauthorized access to messages or disrupting the normal functioning of applications relying on the topic.

aws sns subscribe --topic-arn <value> --protocol <value> --endpoint <value>
aws sns unsubscribe --subscription-arn <value>

Potential Impact: Unauthorized access to messages, service disruption for applications relying on the affected topic.

An attacker could grant unauthorized users or services access to an SNS topic, or revoke permissions for legitimate users, causing disruptions in the normal functioning of applications that rely on the topic.

aws sns add-permission --topic-arn <value> --label <value> --aws-account-id <value> --action-name <value>
aws sns remove-permission --topic-arn <value> --label <value>

Potential Impact: Unauthorized access to the topic, message exposure, or topic manipulation by unauthorized users or services, disruption of normal functioning for applications relying on the topic.

An attacker could add, modify, or remove tags from SNS resources, disrupting your organization's cost allocation, resource tracking, and access control policies based on tags.

aws sns tag-resource --resource-arn <value> --tags Key=<key>,Value=<value>
aws sns untag-resource --resource-arn <value> --tag-keys <key>

Potential Impact: Disruption of cost allocation, resource tracking, and tag-based access control policies.

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

If you want to see your company advertised in HackTricks or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
Get the official PEASS & HackTricks swag
Discover The PEASS Family, our collection of exclusive NFTs
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

PreviousAWS - SES Post Exploitation NextAWS - SQS Post Exploitation

Last updated 2 months ago

SNS

Disrupt Messages

sns:DeleteTopic

sns:Publish

sns:SetTopicAttributes

sns:Subscribe , sns:Unsubscribe

sns:AddPermission , sns:RemovePermission

sns:TagResource , sns:UntagResource

`sns:DeleteTopic`

`sns:Publish`

`sns:SetTopicAttributes`

`sns:Subscribe` , `sns:Unsubscribe`

`sns:AddPermission` , `sns:RemovePermission`

`sns:TagResource` , `sns:UntagResource`