HackTricks Cloud
HackTricks Training Twitter Linkedin Sponsor

AWS - SQS Enum

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

SQS

Amazon Simple Queue Service (SQS) is presented as a fully managed message queuing service. Its main function is to assist in the scaling and decoupling of microservices, distributed systems, and serverless applications. The service is designed to remove the need for managing and operating message-oriented middleware, which can often be complex and resource-intensive. This elimination of complexity allows developers to direct their efforts towards more innovative and differentiating aspects of their work.

Enumeration

# Get queues info
aws sqs list-queues
aws sqs get-queue-attributes --queue-url <url> --attribute-names All

# More about this in privesc & post-exploitation
aws sqs receive-message --queue-url <value>

aws sqs send-message --queue-url <value> --message-body <value>

Also, even if the --queue-url contains the region make sure you specify the correct region in --region or you will get an error that looks like indicate that you don't have access but the problem is the region.

Unauthenticated Access

pageAWS - SQS Unauthenticated Enum

Privilege Escalation

pageAWS - SQS Privesc

Post Exploitation

pageAWS - SQS Post Exploitation

Persistence

pageAWS - SQS Persistence

References

  • https://docs.aws.amazon.com/cdk/api/v2/python/aws_cdk.aws_sqs/README.html

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

PreviousAWS - SNS EnumNextAWS - S3, Athena & Glacier Enum

Last updated