AWS - Accounts Unauthenticated Enum
Last updated
Last updated
Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Ikiwa una lengo kuna njia za kujaribu kubaini IDs za akaunti za akaunti zinazohusiana na lengo hilo.
Unaunda orodha ya IDs za akaunti zinazowezekana na majina na kuziangalia.
You can automate this process with this tool.
Tafuta urls ambazo zina <alias>.signin.aws.amazon.com
zikiwa na alias inayohusiana na shirika.
Ikiwa muuzaji ana instances katika soko, unaweza kupata id ya mmiliki (account id) ya akaunti ya AWS aliyoitumia.
Public EBS snapshots (EC2 -> Snapshots -> Public Snapshots)
RDS public snapshots (RDS -> Snapshots -> All Public Snapshots)
Public AMIs (EC2 -> AMIs -> Public images)
Ujumbe mwingi wa makosa ya AWS (hata ufikiaji umekataliwa) utaeleza hiyo taarifa.
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)