whx
/
killchain-compendium
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

bump

This commit is contained in:
Stefan Etringer 2023-02-21 21:18:14 +01:00
parent ca53f6bcb9
commit ce52b5aa9d
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Enumeration/AWS.md
View File

@ -4,6 +4,7 @@
* [Regions](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-segions)
* `--region`
### Simple Storage Service (S3)
* [S3](https://aws.amazon.com/s3/)
* Methods of access control are as follows
@ -29,10 +30,12 @@ aws s3 cp s3://<bucketname>/foo_public.xml . --no-sign-request
```
#### ACL
* `Anyone`, just `curl`
* `AuthenticatedUsers`, `s3` cli with aws key
## IAM
* Not necessarily used by s3
* Access key ID, starts with `AKIA` + 20 chars
* Secret access key
@ -82,3 +85,10 @@ aws secretsmanager list-secrets
ws secretsmanager get-secret-value --secret-id <Name> --region <region>
```
## Check Permissions on S3 Bucket
* Do a `PUT` method to see if the bucket may be writeable to upload a file via
```sh
curl -vvv -X PUT $BUCKET_URL --data "Test of write permissions"
```