AWS - SQS Post Exploitation
Last updated
Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
For more information check:
AWS - SQS Enumsqs:SendMessage
, sqs:SendMessageBatch
An attacker could send malicious or unwanted messages to the SQS queue, potentially causing data corruption, triggering unintended actions, or exhausting resources.
Potential Impact: Vulnerability exploitation, Data corruption, unintended actions, or resource exhaustion.
sqs:ReceiveMessage
, sqs:DeleteMessage
, sqs:ChangeMessageVisibility
An attacker could receive, delete, or modify the visibility of messages in an SQS queue, causing message loss, data corruption, or service disruption for applications relying on those messages.
Potential Impact: Steal sensitive information, Message loss, data corruption, and service disruption for applications relying on the affected messages.
sqs:DeleteQueue
An attacker could delete an entire SQS queue, causing message loss and impacting applications relying on the queue.
Potential Impact: Message loss and service disruption for applications using the deleted queue.
sqs:PurgeQueue
An attacker could purge all messages from an SQS queue, leading to message loss and potential disruption of applications relying on those messages.
Potential Impact: Message loss and service disruption for applications relying on the purged messages.
sqs:SetQueueAttributes
An attacker could modify the attributes of an SQS queue, potentially affecting its performance, security, or availability.
Potential Impact: Misconfigurations leading to degraded performance, security issues, or reduced availability.
sqs:TagQueue
, sqs:UntagQueue
An attacker could add, modify, or remove tags from SQS resources, disrupting your organization's cost allocation, resource tracking, and access control policies based on tags.
Potential Impact: Disruption of cost allocation, resource tracking, and tag-based access control policies.
sqs:RemovePermission
An attacker could revoke permissions for legitimate users or services by removing policies associated with the SQS queue. This could lead to disruptions in the normal functioning of applications that rely on the queue.
Potential Impact: Disruption of normal functioning for applications relying on the queue due to unauthorized removal of permissions.
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)