Amazon Simple Email Service (Amazon SES)는 이메일 송수신을 위해 설계되었습니다. 사용자가 트랜잭션, 마케팅 또는 알림 이메일을 효율적이고 안전하게 대규모로 보낼 수 있게 해줍니다. 다른 AWS 서비스와 잘 통합되어 모든 규모의 비즈니스를 위한 이메일 통신 관리를 위한 강력한 솔루션을 제공합니다.
도메인 또는 이메일 주소와 같은 아이덴티티를 등록해야 SES와 상호작용할 수 있습니다 (예: 이메일 송수신).
SMTP 사용자
AWS API를 사용하지 않고 (또는 추가로) AWS의 SMTP 서버에 연결하여 작업을 수행할 수 있습니다. 이를 위해 다음과 같은 정책을 가진 사용자를 생성해야 합니다:
It's also possible to do this from the AWS console web.
Enumeration
SES에는 2개의 API가 있습니다: **ses**와 sesv2. 일부 작업은 두 API에 모두 있으며, 다른 작업은 둘 중 하나에만 있습니다.
# Get info about the SES accountawssesv2get-accountawssesget-account-sending-enabled# Check if enabled# Get registered domains and email addresses (identities)awsseslist-identitiesawssesv2list-email-identitiesawssesv2get-email-identity--email-identity<identity>#Get at once all the attributes# Get Resource Policies applied in the identityawsseslist-identity-policies--identity<identity>awssesget-identity-policies--identity<identity>--policy-names<policy>awssesv2get-email-identity-policies--email-identity<identity># Get attributes of the identity## Check if verifiedawssesget-identity-verification-attributes--identities<identity>## DKIM settings, relevant for identities that are domains not emailsawssesget-identity-dkim-attributes--identities<identity>## Get what happnes if the send mail from the identity failsawssesget-identity-mail-from-domain-attributes--identities<identity>## otifications attributesawssesget-identity-notification-attributes--identities<identity># Get email templatesawsseslist-templatesawssesget-template--template-name<name>awssesv2list-email-templatesawssesv2get-email-template--template-name<name># Get custom verification email templates## This is the email sent when an identity is verified, it can be customizedawsseslist-custom-verification-email-templatesawssesv2list-custom-verification-email-templatesawssesget-custom-verification-email-template--template-name<name>awssesv2get-custom-verification-email-template--template-name<name># Get receipt rule sets## Receipt rules indicate how to handle incoming mail by executing an ordered list of actionsawsseslist-receipt-rule-setsawssesdescribe-receipt-rule-set--rule-set-name<name>awssesdescribe-receipt-rule-set--rule-set-name<name>--rule-name<name>## Metadata and receipt rules for the receipt rule set that is currently activeawssesdescribe-active-receipt-rule-set# Get suppressed destinationsawssesv2list-suppressed-destinationsawssesv2get-suppressed-destination--email-address<email># Get configuration sets## These are set of rules applied to the identities related to the configuration setawsseslist-configuration-setsawssesv2list-configuration-setsaws ses describe-configuration-set --configuration-set-name <name> --configuration-set-attribute-names eventDestinations trackingOptions deliveryOptions reputationOptions
awssesv2get-configuration-set--configuration-set-name<name>awssesv2get-configuration-set-event-destinations--configuration-set-name<name># Get Contacts listawssesv2list-contact-listsawssesv2list-contacts--contact-list-name<name>awssesv2get-contact-list--contact-list-name<name>awssesv2get-contact--contact-list-name<name>--email-address<name># Private IPsawssesv2list-dedicated-ip-poolsawssesv2get-dedicated-ip-pool--pool-name<name>awssesv2get-dedicated-ips--pool-name<name>#Only valid if ScalingMode is Standardawssesv2get-dedicated-ip--ip<ip># Misc## Get send quotaawssesget-send-quota## Get statisticsawssesget-send-statistics
HackTricks Training AWS Red Team Expert (ARTE)
HackTricks Training GCP Red Team Expert (GRTE)