AWS - EC2 Unauthenticated Enum
EC2 & Related Services
Check in this page more information about this:
pageAWS - EC2, EBS, ELB, SSM, VPC & VPN EnumPublic Ports
It's possible to expose the any port of the virtual machines to the internet. Depending on what is running in the exposed the port an attacker could abuse it.
SSRF
Public AMIs & EBS Snapshots
AWS allows to give access to anyone to download AMIs and Snapshots. You can list these resources very easily from your own account:
If you find a snapshot that is restorable by anyone, make sure to check AWS - EBS Snapshot Dump for directions on downloading and looting the snapshot.
Public URL template
Enumerate EC2 instances with public IP
Last updated