- Pacu can be used to test an AWS account. Setup: unauthorized enumeration requires only an AWS access key and secret key. Enumerate roles: create a list of possible roles to check, then run iam__enum_roles --word-list /tmp/roles.txt --account-id $accountId. Enumerate users that belong to a (previously found) role: also create a list of possible user names, then run iam__enum_users --word-list…
- Initial (network) enumeration. Check where a service is hosted by querying the nameserver records of our target domain: host -t ns $domain. Get more information / confirmation via a whois query on a previously found domain: whois $previouslyFoundDomain. Check where a host is running: host $domain, then host $ipFromTheDomain. Check more domains of this organisation / of…
- Main concepts: Tenant: the “space” which an organization “rents”; it has a name. Users. Groups. Applications. Identity model: Cloud only: accounts exist only in foreign systems (“cloud”). Synchronized: accounts are created and managed on-premise and synchronized to foreign systems (“cloud”). Federated: accounts are created, managed and authenticated on-premise; foreign systems (“cloud”) also check against an on-premise system.…