Я попал на авс ,мне доступно много айпи ec2 lambda iam ,но они все только выводят инфу,то есть я могу смотреть политики, юзеров ,инстансы(не метадату),но не могу например задеплоить инстанс .Также пользователя которого вывело aws sts get-caller-identity нет в списке который вывело aws iam list roles.использовать aws sts assume-role не получается (permission denied).Подскажите пж,в какую сторону копать,и есть ли вообще в таком случае шанс добраться до чего-нибудь интересного.
-
XSS.stack #1 – первый литературный журнал от юзеров форума
aws
- Автор темы CCod
- Дата начала
- Автор темы
- Добавить закладку
- #2
Доступные айпи:
autoscaling describe-adjustment-types
autoscaling describe-account-limits
autoscaling describe-auto-scaling-groups
autoscaling describe-auto-scaling-instances
autoscaling describe-policies
autoscaling describe-scaling-process-types
autoscaling describe-auto-scaling-notification-types
autoscaling describe-scheduled-actions
autoscaling describe-termination-policy-types
autoscaling describe-tags
autoscaling describe-launch-configurations
autoscaling describe-lifecycle-hook-types
autoscaling describe-metric-collection-types
autoscaling describe-notification-configurations
autoscaling describe-scaling-activities
cloudformation describe-stacks
cloudwatch describe-alarms
cloudwatch describe-alarm-history
cloudwatch describe-anomaly-detectors
cloudwatch describe-insight-rules
cloudwatch list-metric-streams
cloudwatch list-dashboards
cloudwatch list-metrics
dynamodb describe-endpoints
ec2 describe-addresses
ec2 describe-addresses-attribute
ec2 describe-capacity-reservation-fleets
ec2 describe-account-attributes
ec2 describe-bundle-tasks
ec2 describe-coip-pools
ec2 describe-client-vpn-endpoints
ec2 describe-conversion-tasks
ec2 describe-customer-gateways
ec2 describe-capacity-reservations
ec2 describe-egress-only-internet-gateways
ec2 describe-export-image-tasks
ec2 describe-export-tasks
ec2 describe-fast-launch-images
ec2 describe-fast-snapshot-restores
ec2 describe-flow-logs
ec2 describe-fpga-images
ec2 describe-host-reservations
ec2 describe-hosts
ec2 describe-import-snapshot-tasks
ec2 describe-import-image-tasks
ec2 describe-instance-credit-specifications
ec2 describe-instance-event-notification-attributes
ec2 describe-instance-event-windows
ec2 describe-instance-status
ec2 describe-internet-gateways
ec2 describe-fleets
ec2 describe-dhcp-options
ec2 describe-ipam-scopes
ec2 describe-ipams
ec2 describe-key-pairs
ec2 describe-iam-instance-profile-associations
ec2 describe-launch-templates
ec2 describe-local-gateway-route-table-vpc-associations
ec2 describe-local-gateway-route-table-virtual-interface-group-associations
ec2 describe-local-gateway-route-tables
ec2 describe-local-gateway-virtual-interface-groups
ec2 describe-local-gateway-virtual-interfaces
ec2 describe-managed-prefix-lists
ec2 describe-nat-gateways
ec2 describe-network-acls
ec2 describe-network-insights-access-scope-analyses
ec2 describe-network-insights-access-scopes
ec2 describe-ipam-pools
ec2 describe-network-interface-permissions
ec2 describe-ipv6-pools
ec2 describe-network-insights-paths
ec2 describe-placement-groups
ec2 describe-prefix-lists
ec2 describe-reserved-instances
ec2 describe-public-ipv4-pools
ec2 describe-reserved-instances-modifications
ec2 describe-local-gateways
ec2 describe-route-tables
ec2 describe-snapshots
ec2 describe-store-image-tasks
ec2 describe-replace-root-volume-tasks
ec2 describe-subnets
ec2 describe-tags
ec2 describe-network-interfaces
ec2 describe-instances
ec2 describe-snapshot-tier-status
ec2 describe-spot-fleet-requests
ec2 describe-traffic-mirror-filters
ec2 describe-traffic-mirror-sessions
ec2 describe-spot-instance-requests
ec2 describe-traffic-mirror-targets
ec2 describe-security-group-rules
ec2 describe-transit-gateway-attachments
ec2 describe-transit-gateway-connects
ec2 describe-transit-gateway-connect-peers
ec2 describe-transit-gateway-peering-attachments
ec2 describe-transit-gateway-multicast-domains
ec2 describe-transit-gateway-policy-tables
ec2 describe-transit-gateway-route-table-announcements
ec2 describe-transit-gateway-vpc-attachments
ec2 describe-transit-gateway-route-tables
ec2 describe-transit-gateways
ec2 describe-network-insights-analyses
ec2 describe-volumes-modifications
ec2 describe-vpc-endpoint-connection-notifications
ec2 describe-vpc-endpoint-connections
ec2 describe-vpc-endpoints
ec2 describe-vpc-peering-connections
ec2 describe-volume-status
ec2 describe-vpn-gateways
ec2 get-ebs-default-kms-key-id
ec2 describe-volumes
ec2 get-ebs-encryption-by-default
ec2 get-serial-console-access-status
ec2 list-images-in-recycle-bin
ec2 describe-vpc-endpoint-service-configurations
ec2 describe-vpn-connections
ec2 describe-vpcs
ec2 list-snapshots-in-recycle-bin
ec2 describe-security-groups
elasticbeanstalk describe-applications
elasticbeanstalk describe-application-versions
elasticbeanstalk describe-environments
elasticbeanstalk describe-events
elb describe-account-limits
elb describe-load-balancers
elbv2 describe-load-balancers
elbv2 describe-account-limits
elbv2 describe-target-groups
elbv2 describe-ssl-policies
elb describe-load-balancer-policies
iam list-roles
kinesis-video-archived-media get-dash-streaming-session-url
kinesis-video-archived-media get-hls-streaming-session-url
kinesis-video-archived-media list-fragments
kms list-aliases
lambda list-event-source-mappings
lambda get-account-settings
lambda list-code-signing-configs
lambda list-layers
lambda list-functions
logs describe-log-groups
resourcegroupstaggingapi get-resources
route53 get-geo-location
stepfunctions list-state-machines
sts get-caller-identity
sts get-session-token
iam get-role
ec2 get-password-data
iam get-role
iam list-attached-role-policies
iam list-role-policies
iam list-attached-role-policies
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
iam get-role
iam get-policy
iam get-role-policy
iam get-policy-version
autoscaling describe-adjustment-types
autoscaling describe-account-limits
autoscaling describe-auto-scaling-groups
autoscaling describe-auto-scaling-instances
autoscaling describe-policies
autoscaling describe-scaling-process-types
autoscaling describe-auto-scaling-notification-types
autoscaling describe-scheduled-actions
autoscaling describe-termination-policy-types
autoscaling describe-tags
autoscaling describe-launch-configurations
autoscaling describe-lifecycle-hook-types
autoscaling describe-metric-collection-types
autoscaling describe-notification-configurations
autoscaling describe-scaling-activities
cloudformation describe-stacks
cloudwatch describe-alarms
cloudwatch describe-alarm-history
cloudwatch describe-anomaly-detectors
cloudwatch describe-insight-rules
cloudwatch list-metric-streams
cloudwatch list-dashboards
cloudwatch list-metrics
dynamodb describe-endpoints
ec2 describe-addresses
ec2 describe-addresses-attribute
ec2 describe-capacity-reservation-fleets
ec2 describe-account-attributes
ec2 describe-bundle-tasks
ec2 describe-coip-pools
ec2 describe-client-vpn-endpoints
ec2 describe-conversion-tasks
ec2 describe-customer-gateways
ec2 describe-capacity-reservations
ec2 describe-egress-only-internet-gateways
ec2 describe-export-image-tasks
ec2 describe-export-tasks
ec2 describe-fast-launch-images
ec2 describe-fast-snapshot-restores
ec2 describe-flow-logs
ec2 describe-fpga-images
ec2 describe-host-reservations
ec2 describe-hosts
ec2 describe-import-snapshot-tasks
ec2 describe-import-image-tasks
ec2 describe-instance-credit-specifications
ec2 describe-instance-event-notification-attributes
ec2 describe-instance-event-windows
ec2 describe-instance-status
ec2 describe-internet-gateways
ec2 describe-fleets
ec2 describe-dhcp-options
ec2 describe-ipam-scopes
ec2 describe-ipams
ec2 describe-key-pairs
ec2 describe-iam-instance-profile-associations
ec2 describe-launch-templates
ec2 describe-local-gateway-route-table-vpc-associations
ec2 describe-local-gateway-route-table-virtual-interface-group-associations
ec2 describe-local-gateway-route-tables
ec2 describe-local-gateway-virtual-interface-groups
ec2 describe-local-gateway-virtual-interfaces
ec2 describe-managed-prefix-lists
ec2 describe-nat-gateways
ec2 describe-network-acls
ec2 describe-network-insights-access-scope-analyses
ec2 describe-network-insights-access-scopes
ec2 describe-ipam-pools
ec2 describe-network-interface-permissions
ec2 describe-ipv6-pools
ec2 describe-network-insights-paths
ec2 describe-placement-groups
ec2 describe-prefix-lists
ec2 describe-reserved-instances
ec2 describe-public-ipv4-pools
ec2 describe-reserved-instances-modifications
ec2 describe-local-gateways
ec2 describe-route-tables
ec2 describe-snapshots
ec2 describe-store-image-tasks
ec2 describe-replace-root-volume-tasks
ec2 describe-subnets
ec2 describe-tags
ec2 describe-network-interfaces
ec2 describe-instances
ec2 describe-snapshot-tier-status
ec2 describe-spot-fleet-requests
ec2 describe-traffic-mirror-filters
ec2 describe-traffic-mirror-sessions
ec2 describe-spot-instance-requests
ec2 describe-traffic-mirror-targets
ec2 describe-security-group-rules
ec2 describe-transit-gateway-attachments
ec2 describe-transit-gateway-connects
ec2 describe-transit-gateway-connect-peers
ec2 describe-transit-gateway-peering-attachments
ec2 describe-transit-gateway-multicast-domains
ec2 describe-transit-gateway-policy-tables
ec2 describe-transit-gateway-route-table-announcements
ec2 describe-transit-gateway-vpc-attachments
ec2 describe-transit-gateway-route-tables
ec2 describe-transit-gateways
ec2 describe-network-insights-analyses
ec2 describe-volumes-modifications
ec2 describe-vpc-endpoint-connection-notifications
ec2 describe-vpc-endpoint-connections
ec2 describe-vpc-endpoints
ec2 describe-vpc-peering-connections
ec2 describe-volume-status
ec2 describe-vpn-gateways
ec2 get-ebs-default-kms-key-id
ec2 describe-volumes
ec2 get-ebs-encryption-by-default
ec2 get-serial-console-access-status
ec2 list-images-in-recycle-bin
ec2 describe-vpc-endpoint-service-configurations
ec2 describe-vpn-connections
ec2 describe-vpcs
ec2 list-snapshots-in-recycle-bin
ec2 describe-security-groups
elasticbeanstalk describe-applications
elasticbeanstalk describe-application-versions
elasticbeanstalk describe-environments
elasticbeanstalk describe-events
elb describe-account-limits
elb describe-load-balancers
elbv2 describe-load-balancers
elbv2 describe-account-limits
elbv2 describe-target-groups
elbv2 describe-ssl-policies
elb describe-load-balancer-policies
iam list-roles
kinesis-video-archived-media get-dash-streaming-session-url
kinesis-video-archived-media get-hls-streaming-session-url
kinesis-video-archived-media list-fragments
kms list-aliases
lambda list-event-source-mappings
lambda get-account-settings
lambda list-code-signing-configs
lambda list-layers
lambda list-functions
logs describe-log-groups
resourcegroupstaggingapi get-resources
route53 get-geo-location
stepfunctions list-state-machines
sts get-caller-identity
sts get-session-token
iam get-role
ec2 get-password-data
iam get-role
iam list-attached-role-policies
iam list-role-policies
iam list-attached-role-policies
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
lambda get-function
iam get-role
iam get-policy
iam get-role-policy
iam get-policy-version