Home Ā» Learning Series: Cloud Penetration Testing (AWS)
Cloud

Learning Series: Cloud Penetration Testing (AWS)

by ThreatNinja | Penetration Testing
written by ThreatNinja | Penetration Testing 0 comment

In the post, i would like to share some knowledge on Cloud Penetration Testing for learning purposes

What is Cloud Penetration Testing?

There are some Penetration Testing that has been executed within the organization and one of them is Cloud Penetration Testing Activity. It is an activity that has been designed so that the tester will access the strength and weaknesses of any application that resides inside the cloud system.

The main purpose for the activity are such as follows:

Identify risks, vulnerabilities, and gaps
Impact of exploitable vulnerabilities
Determine how to leverage any access obtained via exploitation
Deliver clear and actionable remediation information
Provide best practices in maintaining visibility

Demonstration on the Cloud Penetration Testing

The writeup is taken from here for those who are willing to read further on the process

Now, we know that system is using Amazon Web Services or also known as AWS.

Tools use:Ā Installing AWScli

We need to install AWScli in order to play with the machine.

We will execute the commandĀ sudo apt update && apt install awscli

AWS Configurations

Now we can try to gain access to the machine via reverse shell.

Before we can get the reverse shell, it is required to setup the AWS configuration.

We donā€™t have to key-in the real key because this is for HTB room purposes.

We can run the commandĀ aws dynamodb list-tables ā€“endpoint-url http://s3.bucket.htb

Oh, wait! We got an error with the command and we found out that the command will need to execute with root privilege.

Therefore, we need to know any available tables in the machine and we found nothing.

We donā€™t have any use for that information for now. But we will come back here when needed later on.

aws ā€“endpoint-url http://s3.bucket.htb. s3 ls

When we execute the commandĀ sudo aws ā€“endpoint-url http://s3.bucket.htb. s3 ls, we did notice that adserver directory is there for some reason.

Letā€™s check what has been stored in that directory by executingĀ sudo aws ā€“endpoint-url http://s3.bucket.htb. s3 ls s3://adserver

Thereā€™s a website file such as index.html stored in the directory. I have been thinking that maybe we can upload any file into the directory.

Letā€™s upload the PHP reverse shell inside.

I have modified the name of the file and we are set with the PHP reverse shell.

We have successfully uploaded the shell into the AWS environment.

Source: Read More

You may also like

Resolving cloudflare ?

Cloud Act Erodes Privacy – How to Protect Yourself

Google Cloud introduces an AI tool designed to help retailers keep track of their...

As the enterprise looks for an ‘evolved cloud’ state, price performance is critical

How CloudSaver is ‘cleaning up the cloud’ with new Tag Manager

Upbound seeks to capitalize on Kubernetes’ growing role as an operating system for the...

Leave a Comment

CyberNonStop

Cybernonstop is created to bring news and knowledge through articles to visitors.

Do not forget to subscribe.

  • 3033 Ogden Ave. Suite 113, Lisle IL USA
  • Email: nonstop@cybernonstop.com

About Links

Useful Links

Laest News

Source: the CEO of Clearco, which offers capital to e-commerce firms for a cut of future revenue, resigns as growth at the well-funded startup grinds to a halt (Jon Victor/The Information)
How McLaren leverages data for both its F1 and esport teams
Data You Trust, Compliance You Can Trust Blog by anecdotes
Kaspersky finds negligence towards work devices protections and difficulties in matching empathy with cyber vigilance

@2021 – All Right Reserved. Designed and Developed by PenciDesign

Facebook Twitter Instagram Linkedin Youtube Email
Close