HackTricks CloudAWS - Lightsail Persistence
Reading time: 2 minutes
tip
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Lightsail
For more information check:
Download Instance SSH keys & DB passwords
They won't be changed probably so just having them is a good option for persistence
Backdoor Instances
An attacker could get access to the instances and backdoor them:
- Using a traditional rootkit for example
- Adding a new public SSH key
- Expose a port with port knocking with a backdoor
DNS persistence
If domains are configured:
- Create a subdomain pointing your IP so you will have a subdomain takeover
- Create SPF record allowing you to send emails from the domain
- Configure the main domain IP to your own one and perform a MitM from your IP to the legit ones
tip
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.