AWS - MSK Privesc

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

MSK

Kwa maelezo zaidi kuhusu MSK (Kafka) angalia:

AWS - MSK Enum

`msk:ListClusters`, `msk:UpdateSecurity`

Kwa hizi privileges na ufikiaji wa VPC ambapo brokers za kafka zipo, unaweza kuongeza None authentication ili kuzipata.

aws msk --client-authentication <value> --cluster-arn <value> --current-version <value>

Unahitaji ufikiaji wa VPC kwa sababu huwezi kuwezesha uthibitisho wa None na Kafka iliyofichuliwa hadharani. Ikiwa imefichuliwa hadharani, ikiwa uthibitisho wa SASL/SCRAM unatumika, unaweza kusoma siri ili kupata ufikiaji (utahitaji ruhusa za ziada kusoma siri hiyo). Ikiwa uthibitisho wa msingi wa jukumu la IAM unatumika na kafka imefichuliwa hadharani bado unaweza kutumia ruhusa hizi kukupa ruhusa za kuipata.

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au fuata sisi kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za udukuzi kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousAWS - MQ Privesc NextAWS - RDS Privesc

Last updated 1 month ago

MSK

msk:ListClusters, msk:UpdateSecurity

`msk:ListClusters`, `msk:UpdateSecurity`