AWS - SNS Unauthenticated Enum
Last updated
Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
For more information about SNS check:
When you configure a SNS topic from the web console it's possible to indicate that Everyone can publish and subscribe to the topic:
So if you find the ARN of topics inside the account (or brute forcing potential names for topics) you can check if you can publish or subscribe to them.
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)