all InfoSec news
AWS EC2 Auto Scaling Privilege Escalation
InfoSec Write-ups - Medium infosecwriteups.com
Introduction
This article is about a privilege escalation abusing AWS managed policies and default configurations.
IAM permission misconfigurations and privilege escalations on AWS have been thoroughly discussed in the past, especially from Rhino Security Labs and Bishop Fox, so at I created an AWS laboratory account to test old and new attacks on the AWS infrastructure, especially the IAM service.
While searching for strange permissions provided by Amazon managed policies and their combination it was found that the policy …
abusing account amazon article attacks auto aws bishop fox blue team cloud services default ec2 escalation fox iam infrastructure labs managed misconfigurations old permission permissions policies privesc privilege privilege escalation red team rhino scaling security service test