At a Glance: Starting with no access to the AWS account, we compromise a webapp hosted in an EC2 instance by finding both an SSRF and ... We start off as a fairly high-privileged user who can perform multiple IAM and EC2 API calls.
Hacking In The Cloud Cloudgoat Vulnerable Lambda -
Starting with no access to the AWS account, we compromise a webapp hosted in an EC2 instance by finding both an SSRF and ... We start off as a fairly high-privileged user who can perform multiple IAM and EC2 API calls. We start off as a low-privileged user who can perform IAM Get and IAM List on all resources.
Important details found
- Starting with no access to the AWS account, we compromise a webapp hosted in an EC2 instance by finding both an SSRF and ...
- We start off as a fairly high-privileged user who can perform multiple IAM and EC2 API calls.
- We start off as a low-privileged user who can perform IAM Get and IAM List on all resources.
- Resources: Enroll in my Courses (search for Tyler Ramsbey) Support me on Ko-Fi ...
Why this topic is useful
This topic is useful when readers need a quick overview first, then want to move into supporting details and related references.
Frequently Asked Questions
Why are related topics included?
Related topics help readers compare nearby references and understand the broader subject.
What is this page about?
This page summarizes Hacking In The Cloud Cloudgoat Vulnerable Lambda and connects it with related entries, references, and supporting context.
Is the information always complete?
Not always. Some topics may need verification from official or primary sources.
