AWS - EC2 Unauthenticated Enum
Last updated
Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Check in this page more information about this:
It's possible to expose the any port of the virtual machines to the internet. Depending on what is running in the exposed the port an attacker could abuse it.
AWS allows to give access to anyone to download AMIs and Snapshots. You can list these resources very easily from your own account:
If you find a snapshot that is restorable by anyone, make sure to check AWS - EBS Snapshot Dump for directions on downloading and looting the snapshot.
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)