Cloud

Basic Commands

aws s3 ls s3://<bucketname>
aws s3 cp ./poc.txt s3://<bucketname>/poc.txt
aws s3 sync s3://<bucketname>

Command below enumerates your access and secret key. Additional buckets can be found via this way.

python3 /opt/enumerate-iam/enumerate-iam.py --access-key <accesskey> --secret-key <secretkey>

Set your credentials under ~/.aws/credentials

❯ cat ~/.aws/credentials
[default]
aws_access_key_id = <accesskey>
aws_secret_access_key = <secretkey>

Some s3api command examples

aws s3api list-buckets --query "Buckets[].Name"
aws s3api get-bucket-tagging --bucket <bucketname>

If the key has access to lambda function we can check what functions it have

aws lambda list-functions
aws lambda list-tags --resource arn:aws:lambda:eu-west-1:957405373060:function:lambdaThrusters-8697c51

EC2

aws ec2 describe-tags

Last updated 2 years ago