AWS - Cognito Persistence

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Cognito

Kwa maelezo zaidi, tembelea:

AWS - Cognito Enum

User persistence

Cognito ni huduma inayoruhusu kutoa majukumu kwa watumiaji wasio na uthibitisho na watumiaji walio na uthibitisho na kudhibiti directory ya watumiaji. Mipangilio kadhaa tofauti zinaweza kubadilishwa ili kudumisha baadhi ya uvumilivu, kama vile:

Kuongeza User Pool inayodhibitiwa na mtumiaji kwa Identity Pool
Kutoa IAM role kwa Identity Pool isiyo na uthibitisho na kuruhusu Basic auth flow
Au kwa Identity Pool iliyo na uthibitisho ikiwa mshambuliaji anaweza kuingia
Au kuboresha ruhusa za majukumu yaliyotolewa
Kuunda, kuthibitisha & privesc kupitia sifa zinazodhibitiwa na watumiaji au watumiaji wapya katika User Pool
Kuruhusu Watoa Utambulisho wa Nje kuingia katika User Pool au katika Identity Pool

Angalia jinsi ya kufanya vitendo hivi katika

AWS - Cognito Privesc

`cognito-idp:SetRiskConfiguration`

Mshambuliaji mwenye ruhusa hii anaweza kubadilisha usanidi wa hatari ili kuweza kuingia kama mtumiaji wa Cognito bila kuanzisha alama za tahadhari. Angalia cli ili kuangalia chaguzi zote:

aws cognito-idp set-risk-configuration --user-pool-id <pool-id> --compromised-credentials-risk-configuration EventFilter=SIGN_UP,Actions={EventAction=NO_ACTION}

Kwa kawaida hii imezimwa:

Jifunze & fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Jifunze & fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki hila za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud github repos.

PreviousAWS - API Gateway Persistence NextAWS - DynamoDB Persistence

Last updated 1 month ago