Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Creates an AWS IAM User from pwned AWS host #7604
Given a meterpreter session to an AWS instance having weak privs, do:
see loot, e.g., $ cat ~/.msf4/loot/20161121175902_default_18.104.22.168_AKIA_881948.txt
Overall this looks great so far. I've submitted godinezj#1 to address some minor cleanup/feedback I had. As indicated, please document how to use the module more clearly with regards to IAM. For example, for this to work out of the box, the victim EC2 instance must have an IAM role that has sufficient privileges. If an IAM role is not available, credentials may be inferred from the AWS metadata service. Lastly, explicit key/secret/token options can be provided. Add documentation around all 3 of these scenarios.
Sorry for the delays in testing. Had some other stuff come up and then had difficulty tracking down a proper account to test this from.