Main Takeaway: Starting off as a low-privileged user, a misconfiguration in the Lambda service made lateral movement to a user with EC2 access ... Starting with no access to the AWS account, we compromise a webapp hosted in an EC2 instance by finding both an SSRF and ...
Hacking In The Cloud Cloudgoat 27739 -
Starting off as a low-privileged user, a misconfiguration in the Lambda service made lateral movement to a user with EC2 access ... Starting with no access to the AWS account, we compromise a webapp hosted in an EC2 instance by finding both an SSRF and ... We start off as a fairly high-privileged user who can perform multiple IAM and EC2 API calls.
Important details found
- Starting off as a low-privileged user, a misconfiguration in the Lambda service made lateral movement to a user with EC2 access ...
- Starting with no access to the AWS account, we compromise a webapp hosted in an EC2 instance by finding both an SSRF and ...
- We start off as a fairly high-privileged user who can perform multiple IAM and EC2 API calls.
- We start off as a low-privileged user who can perform IAM Get and IAM List on all resources.
Why this topic is useful
This topic is useful when readers need a quick overview first, then want to move into supporting details and related references.
Frequently Asked Questions
Why are related topics included?
Related topics help readers compare nearby references and understand the broader subject.
What is this page about?
This page summarizes Hacking In The Cloud Cloudgoat 27739 and connects it with related entries, references, and supporting context.
Is the information always complete?
Not always. Some topics may need verification from official or primary sources.
