Commit
Merge pull request #34 from teamssix/main
feat: add aliyun oss bucket readable scenario
Showing 8 changed files with 198 additions and 47 deletions.
@@ -0,0 +1,52 @@ | ||
# Alibaba Cloud OSS Bucket Policy Readable Vulnerable Environment | ||
|
||
English | [中文](./README_CN.md) | ||
|
||
## Description | ||
|
||
This is a scenario used to build the Alibaba Cloud OSS bucket policy readable vulnerability environment. | ||
|
||
After building the environment with Terraform, Anyone can access the contents of the bucket policy. | ||
|
||
## Deployment Environment | ||
|
||
Execute the following command in the container | ||
|
||
```shell | ||
cd /TerraformGoat/aliyun/oss/bucket_policy_readable | ||
``` | ||
|
||
Configure Alibaba Cloud Access Credentials | ||
|
||
```shell | ||
aliyun configure | ||
``` | ||
|
||
> You can create and view your AccessKey on the [AccessKey page](https://ram.console.aliyun.com/manage/ak) of the Alibaba Cloud console | ||
Deploy Vulnerable Environment | ||
|
||
```shell | ||
terraform init | ||
terraform apply | ||
``` | ||
|
||
> When the terminal prompts `Enter a value:`, enter `yes` | ||
After the environment is set up, You can see the bucket url of the scenario at Outputs. | ||
|
||
## Vulnerability Utilization | ||
|
||
Access the bucket url to get the content of the bucket policy | ||
|
||
```shell | ||
https://huoxian-terraformgoat-bucket-xxx.oss-cn-beijing.aliyuncs.com/?policy | ||
``` | ||
|
||
![img](../../../images/1652866766.png) | ||
|
||
## Destroy the environment | ||
|
||
```shell | ||
terraform destroy | ||
``` |
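Review bot: the lines "Deploy Vulnerable Environment" and "After the environment is set up, You can see the bucket url of the scenario at Outputs." directly follow a `>` blockquote with no blank line in between, so Markdown lazy continuation renders them as part of the quote; add a blank line after each `>` line. The fence that holds only `https://huoxian-terraformgoat-bucket-xxx.oss-cn-beijing.aliyuncs.com/?policy` is tagged `shell` although it is not a command; either drop the language tag or show the actual request, e.g. `curl "https://huoxian-terraformgoat-bucket-xxx.oss-cn-beijing.aliyuncs.com/?policy"`. Minor wording: "Anyone" mid-sentence should be lowercase, "url" should be "URL", and "Vulnerability Utilization" reads more naturally as "Exploitation".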
@@ -0,0 +1,52 @@ | ||
# 阿里云 OSS Bucket 策略公开可读漏洞环境 | ||
|
||
[English](./README.md) | 中文 | ||
|
||
## 描述信息 | ||
|
||
这是一个用于构建阿里云 OSS Bucket 策略公开可读漏洞环境的靶场。 | ||
|
||
使用 Terraform 构建环境后,任何人都可以直接访问到 Bucket 策略内容。 | ||
|
||
## 环境搭建 | ||
|
||
在容器中执行以下命令 | ||
|
||
```shell | ||
cd /TerraformGoat/aliyun/oss/bucket_policy_readable | ||
``` | ||
|
||
配置阿里云访问凭证 | ||
|
||
```shell | ||
aliyun configure | ||
``` | ||
|
||
> 在阿里云控制台的 [AccessKey 页面](https://ram.console.aliyun.com/manage/ak) 可以创建和查看您的 AccessKey | ||
部署靶场 | ||
|
||
```shell | ||
terraform init | ||
terraform apply | ||
``` | ||
|
||
> 在终端提示 `Enter a value:` 时,输入 `yes` 即可 | ||
环境搭建完后,在 Outputs 处可以看到 OSS 的 URL | ||
|
||
## 漏洞利用 | ||
|
||
访问 Outputs 中的 URL,可以直接访问到 Bucket 策略的内容 | ||
|
||
```shell | ||
https://huoxian-terraformgoat-bucket-xxx.oss-cn-beijing.aliyuncs.com/?policy | ||
``` | ||
|
||
![img](../../../images/1652866766.png) | ||
|
||
## 销毁环境 | ||
|
||
```shell | ||
terraform destroy | ||
``` |
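Review bot: same blockquote issue as the English README: "部署靶场" and "环境搭建完后,在 Outputs 处可以看到 OSS 的 URL" follow a `>` line without a blank line, so they render inside the quote; insert a blank line after each `>` line. The URL-only fence is again tagged `shell` although it contains no command; use a plain fence or a `curl` invocation so the two READMEs stay consistent.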
@@ -0,0 +1,33 @@ | ||
provider "alicloud" { | ||
profile = "default" | ||
region = "cn-beijing" | ||
} | ||
|
||
resource "alicloud_oss_bucket" "huoxian_terraformgoat_bucket" { | ||
acl = "private" | ||
force_destroy = true | ||
bucket = "huoxian-terraformgoat-bucket-${random_string.random_suffix.result}" | ||
policy = <<POLICY | ||
{ | ||
"Version": "1", | ||
"Statement": [{ | ||
"Effect": "Allow", | ||
"Action": [ | ||
"oss:GetBucketPolicy" | ||
], | ||
"Principal": [ | ||
"*" | ||
], | ||
"Resource": [ | ||
"acs:oss:*:*:*" | ||
] | ||
}] | ||
} | ||
POLICY | ||
} | ||
|
||
resource "random_string" "random_suffix" { | ||
length = 5 | ||
special = false | ||
upper = false | ||
} |
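Review bot: the policy `Resource` is `acs:oss:*:*:*`, which is wider than the scenario needs; since only `oss:GetBucketPolicy` is granted the effect is limited, but scoping it to the bucket itself, e.g. `"acs:oss:*:*:huoxian-terraformgoat-bucket-${random_string.random_suffix.result}"`, keeps the lab demonstrating exactly the bucket-policy exposure the README describes and nothing more. Separately, there is no `terraform { required_providers { ... } }` block pinning `aliyun/alicloud` and `hashicorp/random`, so `terraform init` resolves whatever provider versions are current and the scenario can break without any change to this file; add a `required_providers` block with version constraints. `force_destroy = true` is appropriate for a disposable lab bucket but worth a one-line comment so nobody copies the pattern into a real environment.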
@@ -0,0 +1,4 @@ | ||
output "aliyun_oss_url" { | ||
description = "aliyun oss url" | ||
value = "https://${alicloud_oss_bucket.huoxian_terraformgoat_bucket.bucket}.oss-cn-beijing.aliyuncs.com/?policy" | ||
} |
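Review bot: the output hardcodes the `oss-cn-beijing.aliyuncs.com` endpoint while the region is set separately in the `provider "alicloud"` block of the earlier hunk; if someone changes `region`, this URL silently points at the wrong endpoint. Derive it from the bucket resource instead, e.g. `value = "https://${alicloud_oss_bucket.huoxian_terraformgoat_bucket.bucket}.${alicloud_oss_bucket.huoxian_terraformgoat_bucket.extranet_endpoint}/?policy"`, and make the `description` say what the URL returns (the bucket policy) rather than just "aliyun oss url".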