Enumeration

AWSCLI Configuration

We can configure Profile using awscli

aws configure --profile McDuck

Getting Basic Information

First Thing you need to do after setting the credentials is that you need to see your details and information

aws sts get-caller-identity --profile user1
aws iam get-user

List Groups 

aws --profile user4 iam list-groups-for-user --user-name r_waterhouse

List Policies

aws --profile user4 iam list-group-policies --group-name cg-developers

List Group Policy

aws --profile user4 iam get-group-policy --group-name cg-developers --policy-name developer_policy

S3 Buckets

List s3 Buckets

aws s3 ls --profile McDuck

Recursively Look at the S3 Buckets

We can recursively see the S3 Buckets

aws s3 ls s3://cg-keystore-s3-bucket-rce-webapp --recursive --profile McDuck

Download Files From S3 Buckets

aws s3 cp s3://cg-keystore-s3-bucket-rce-webapp/cloudgoat . --profile McDuck

Describe-Instances

aws ec2 describe-instances --profile McDuck

Describe DB Instances

aws rds describe-db-instances --region us-east-1

PreviousAttacking Office 365 & ExchangeNextSimplehelp CVE-2024-57727

Last updated