A deep dive into AWS SSM Run Command shows that there are multiple documents attackers can use for executing code remotely on EC2 instances. In
Tag: post exploitation
EC2StepShell: A Tool for Getting Reverse Shells on Instances with Network Restrictions
A tool for getting reverse shells in EC2 instances where network communication to your host is restricted. In my last article, AWS ssm:SendCommand or network
AWS ssm:SendCommand or network agnostic built-in RCE as root
Post-exploitation in cloud can be fun and easy if you have the right permissions. There is no other permission that I would rather have than
Pivoting to internal network via non-interactive shell
During a recent penetration test we have experienced the situation where we’ve gained remote code execution with limited privileges to a web server and had
Security Café 