AWS - SQS Post Exploitation

Reading time: 3 minutes

tip

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

SQS

For more information check:

AWS - SQS Enum

`sqs:SendMessage` , `sqs:SendMessageBatch`

An attacker could send malicious or unwanted messages to the SQS queue, potentially causing data corruption, triggering unintended actions, or exhausting resources.

bash

aws sqs send-message --queue-url <value> --message-body <value>
aws sqs send-message-batch --queue-url <value> --entries <value>

Potential Impact: Vulnerability exploitation, Data corruption, unintended actions, or resource exhaustion.

`sqs:ReceiveMessage`, `sqs:DeleteMessage`, `sqs:ChangeMessageVisibility`

An attacker could receive, delete, or modify the visibility of messages in an SQS queue, causing message loss, data corruption, or service disruption for applications relying on those messages.

bash

aws sqs receive-message --queue-url <value>
aws sqs delete-message --queue-url <value> --receipt-handle <value>
aws sqs change-message-visibility --queue-url <value> --receipt-handle <value> --visibility-timeout <value>

Potential Impact: Steal sensitive information, Message loss, data corruption, and service disruption for applications relying on the affected messages.

`sqs:DeleteQueue`

An attacker could delete an entire SQS queue, causing message loss and impacting applications relying on the queue.

arduino

Copy codeaws sqs delete-queue --queue-url <value>

Potential Impact: Message loss and service disruption for applications using the deleted queue.

`sqs:PurgeQueue`

An attacker could purge all messages from an SQS queue, leading to message loss and potential disruption of applications relying on those messages.

arduino

Copy codeaws sqs purge-queue --queue-url <value>

Potential Impact: Message loss and service disruption for applications relying on the purged messages.

`sqs:SetQueueAttributes`

An attacker could modify the attributes of an SQS queue, potentially affecting its performance, security, or availability.

arduino

aws sqs set-queue-attributes --queue-url <value> --attributes <value>

Potential Impact: Misconfigurations leading to degraded performance, security issues, or reduced availability.

`sqs:TagQueue` , `sqs:UntagQueue`

An attacker could add, modify, or remove tags from SQS resources, disrupting your organization's cost allocation, resource tracking, and access control policies based on tags.

bash

aws sqs tag-queue --queue-url <value> --tags Key=<key>,Value=<value>
aws sqs untag-queue --queue-url <value> --tag-keys <key>

Potential Impact: Disruption of cost allocation, resource tracking, and tag-based access control policies.

An attacker could revoke permissions for legitimate users or services by removing policies associated with the SQS queue. This could lead to disruptions in the normal functioning of applications that rely on the queue.

arduino

arduinoCopy codeaws sqs remove-permission --queue-url <value> --label <value>

Potential Impact: Disruption of normal functioning for applications relying on the queue due to unauthorized removal of permissions.

tip

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

HackTricks Cloud