Skip to content

Commit

Permalink
Address nccgroup#108: Add AWS Consoler permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
Frichetten committed Jan 23, 2022
1 parent d0bc30e commit 4f3f4b4
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions content/aws/post_exploitation/aws_consoler.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ description: "Leverage stolen credentials to use the AWS Console."
Original Research: [Ian Williams](https://blog.netspi.com/gaining-aws-console-access-via-api-keys/)
Link to Tool: [GitHub](https://github.com/NetSPI/aws_consoler)

__Required IAM Permissions__: sts:GetFederationToken OR sts:AssumeRole.

When performing an AWS assessment you will likely encounter IAM Credentials. Traditionally, the majority of these that you would find would only be usable from the AWS CLI. Using a tool called [AWS Consoler](https://github.com/NetSPI/aws_consoler) you can create links that will allow you to access the AWS Console. In this example we will walk through gathering credentials and using those credentials along with Consoler to generate a Console link.

First, we need to gather valid IAM credentials. These are typically found a number of different ways. In this example, we have shell access to an EC2 instance with an attached role and we will curl the metadata service to access them.
Expand Down

0 comments on commit 4f3f4b4

Please sign in to comment.