AWS IAM privilege escalation paths (iam-vulnerable)
Hi readers, recently I was looking for resources to learn about IAM misconfigurations in AWS that might lead to privilege escalation. I came across an awesome project named iam-vulnerable (https://github.com/BishopFox/iam-vulnerable), which lets you set up your own lab environment to play with and test these misconfigured users, roles and groups. Here we will look at the lab setup and some privesc paths :)
Setup:
Note: To view the raw HTTP requests sent by the AWS CLI in a proxy tool like Burp Suite, check the Appendix at the end.
1. Create a new group named “Administrators” and attach the “AdministratorAccess” policy to it.
2. Next, add a new user (“terraform” in my case) and make this user a member of the “Administrators” group.
3. Click on the “terraform” user and create access keys by going to the “Security Credentials” tab.