HackTricks CloudAWS - Lightsail Persistence
Tip
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking:HackTricks Training GCP Red Team Expert (GRTE)
Learn & practice Az Hacking:HackTricks Training Azure Red Team Expert (AzRTE)
Support HackTricks
- Check the subscription plans!
- Join the π¬ Discord group or the telegram group or follow us on Twitter π¦ @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Lightsail
For more information check:
Download Instance SSH keys & DB passwords
They wonβt be changed probably so just having them is a good option for persistence
Backdoor Instances
An attacker could get access to the instances and backdoor them:
- Using a traditional rootkit for example
- Adding a new public SSH key
- Expose a port with port knocking with a backdoor
DNS persistence
If domains are configured:
- Create a subdomain pointing your IP so you will have a subdomain takeover
- Create SPF record allowing you to send emails from the domain
- Configure the main domain IP to your own one and perform a MitM from your IP to the legit ones
Tip
Learn & practice AWS Hacking:
Learn & practice GCP Hacking:
Learn & practice Az Hacking:Support HackTricks
- Check the subscription plans!
- Join the π¬ Discord group or the telegram group or follow us on Twitter π¦ @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.