AWS - Codebuild Enum
Tip
Learn and practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn and practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Learn and practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE)
Support HackTricks
- Check the subscription plans!
- Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
- Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
CodeBuild
AWS CodeBuild is a fully managed continuous integration service. Its primary purpose is to automate the sequence of compiling source code, running tests, and packaging the software for deployment. The main benefit of CodeBuild is that it removes the need for users to provision, manage, and scale build servers, because the service itself handles all of this. Key features of AWS CodeBuild include:
- Managed Service: CodeBuild manages and scales the build servers, freeing users from server maintenance.
- Continuous Integration: It integrates with the development and deployment workflow, automating the build and test phases of the software release process.
- Package Production: After the build and test phases, it prepares the software packages, making them ready for deployment.
AWS CodeBuild integrates easily with other AWS services, improving the efficiency and reliability of the CI/CD (Continuous Integration/Continuous Deployment) pipeline.
Github/Gitlab/Bitbucket Credentials
Default source credentials
This is the legacy option, where some form of access (such as a Github token or app) is configured and shared across CodeBuild projects, so that all projects can use this configured set of credentials.
The stored credentials (tokens, passwords…) are managed by CodeBuild and there is no public way to retrieve them through the AWS APIs.
Custom source credential
Depending on the repository platform (Github, Gitlab and Bitbucket), different options are offered. In general, though, any option that needs to store a token or a password will store it as a secret in Secrets Manager.
This allows different CodeBuild projects to use different configured accesses to the providers instead of only the configured default one.
Enumeration
# List external repo creds (such as github tokens)
## It doesn't return the token but just the ARN where it's located
aws codebuild list-source-credentials
# Projects
aws codebuild list-shared-projects
aws codebuild list-projects
aws codebuild batch-get-projects --names <project_name> # Check for creds in env vars
# Builds
aws codebuild list-builds
aws codebuild list-builds-for-project --project-name <p_name>
aws codebuild list-build-batches
aws codebuild list-build-batches-for-project --project-name <p_name>
# Reports
aws codebuild list-reports
aws codebuild describe-test-cases --report-arn <ARN>
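The "Check for creds in env vars" step above can be run as a defensive audit. The following is an added example, not HackTricks code: it parses JSON shaped like `aws codebuild batch-get-projects` output and reports `PLAINTEXT` environment variables that look like secrets and should be moved to Secrets Manager or Parameter Store. The sample projects, the name patterns and the value patterns are assumptions constructed for this example.

```python
import json
import re

# Constructed sample shaped like `aws codebuild batch-get-projects` output
# (project names and values are made up; the key is AWS's documentation example).
SAMPLE = json.loads("""
{"projects": [
  {"name": "web-build", "environment": {"environmentVariables": [
    {"name": "STAGE", "value": "prod", "type": "PLAINTEXT"},
    {"name": "NPM_TOKEN", "value": "constructed-not-a-real-token", "type": "PLAINTEXT"},
    {"name": "DB_PASSWORD", "value": "prod/db/password", "type": "SECRETS_MANAGER"}]}},
  {"name": "infra-build", "environment": {"environmentVariables": [
    {"name": "DEPLOY_ID", "value": "AKIAIOSFODNN7EXAMPLE", "type": "PLAINTEXT"}]}},
  {"name": "docs-build", "environment": {}}
]}
""")

# Heuristics (assumptions of this example; tune them for your environment).
SECRET_NAME = re.compile(r"(TOKEN|SECRET|PASSW(OR)?D|API_?KEY|PRIVATE_?KEY|CREDENTIAL)", re.I)
SECRET_VALUE = re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{16}\b|\bgh[pousr]_[A-Za-z0-9]{36,}\b")


def audit_projects(doc):
    """Return (project, variable, reason) for PLAINTEXT variables that look like secrets."""
    findings = []
    for project in doc.get("projects", []):
        env_vars = project.get("environment", {}).get("environmentVariables", [])
        for var in env_vars:
            # PARAMETER_STORE and SECRETS_MANAGER values are references,
            # not the secret itself, so only PLAINTEXT entries are checked.
            if var.get("type", "PLAINTEXT") != "PLAINTEXT":
                continue
            if SECRET_VALUE.search(var.get("value", "")):
                reason = "value matches a known key/token format"
            elif SECRET_NAME.search(var.get("name", "")):
                reason = "name suggests a secret"
            else:
                continue
            findings.append((project["name"], var["name"], reason))
    return findings


if __name__ == "__main__":
    for project, name, reason in audit_projects(SAMPLE):
        print(f"{project}: {name} is PLAINTEXT ({reason})")
```

To audit a real account, replace `SAMPLE` with the parsed output of `aws codebuild batch-get-projects --names <project_name>`.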
Tip
If you have codebuild:StartBuild, remember that you can often override env vars at build time (--environment-variables-override). This can be enough for some attacks even without UpdateProject or buildspec overrides (for example: redirecting artifact/upload buckets to exfiltrate secrets, or abusing language/runtime env vars to execute commands).
Privesc
On the following page, you can see how to abuse codebuild permissions to escalate privileges:
Post Exploitation
AWS - CodeBuild Post Exploitation
Unauthenticated Access
AWS - CodeBuild Unauthenticated Access

