This Bash script allows you to interact with AWS Identity and Access Management (IAM) and EC2 services to check AWS credentials and permissions related to EC2 instances.

im-hanzou/awskey-iam-privescheck

AWS IAM Privescheck

This Bash script allows you to interact with AWS Identity and Access Management (IAM) and EC2 services to check AWS credentials and permissions related to EC2 instances. It provides the following functionalities:

  1. Use AWS Credentials: Set up your AWS credentials using aws configure.
  2. Check EC2 Permission: Determine whether you have permission to create EC2 instances.
  3. List Roles for EC2 Instances: View a list of IAM roles associated with EC2 instances.
  4. List Attached Policies: Retrieve attached IAM policies for a specified IAM role.
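One way to do the role-listing step (item 3) offline as an audit, as an added example that is not the repository's code: it filters `aws iam list-roles` JSON for roles whose trust policy lets `ec2.amazonaws.com` assume them, so their attached policies can be reviewed. The function names and the sample document are constructed for illustration, and reading "roles associated with EC2 instances" as "roles trusted by the EC2 service" is an assumption, since the page does not show how the script selects them.

```python
import json

# Constructed sample shaped like `aws iam list-roles` output (not real account data).
SAMPLE_LIST_ROLES = json.loads("""
{"Roles": [
  {"RoleName": "web-instance-role",
   "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [
     {"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
      "Action": "sts:AssumeRole"}]}},
  {"RoleName": "batch-role",
   "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": {
      "Effect": "Allow",
      "Principal": {"Service": ["lambda.amazonaws.com", "ec2.amazonaws.com"]},
      "Action": ["sts:AssumeRole"]}}},
  {"RoleName": "lambda-only-role",
   "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [
     {"Effect": "Allow", "Principal": {"Service": "lambda.amazonaws.com"},
      "Action": "sts:AssumeRole"}]}},
  {"RoleName": "denied-role",
   "AssumeRolePolicyDocument": {"Version": "2012-10-17", "Statement": [
     {"Effect": "Deny", "Principal": {"Service": "ec2.amazonaws.com"},
      "Action": "sts:AssumeRole"}]}}
]}
""")

def _as_list(value):
    """IAM JSON allows a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else ([] if value is None else [value])

def trusts_ec2(trust_policy):
    """True if any Allow statement lets ec2.amazonaws.com call sts:AssumeRole."""
    for stmt in _as_list(trust_policy.get("Statement")):
        principal = stmt.get("Principal")
        # Principal may be the string "*" instead of an object; only objects carry "Service".
        services = _as_list(principal.get("Service")) if isinstance(principal, dict) else []
        actions = [a.lower() for a in _as_list(stmt.get("Action"))]
        if (stmt.get("Effect") == "Allow"
                and "ec2.amazonaws.com" in services
                and any(a in ("sts:assumerole", "sts:*", "*") for a in actions)):
            return True
    return False

def ec2_assumable_roles(list_roles_doc):
    """Names of roles an EC2 instance profile could carry, for policy review."""
    return [r["RoleName"] for r in list_roles_doc.get("Roles", [])
            if trusts_ec2(r.get("AssumeRolePolicyDocument", {}))]

if __name__ == "__main__":
    print("\n".join(ec2_assumable_roles(SAMPLE_LIST_ROLES)))
```

Each role it reports is a candidate for the attached-policy check in item 4; broad policies on these roles are what a least-privilege review should tighten first.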

Prerequisites

Before using this script, make sure you have the following prerequisites installed:

  • AWS CLI: Ensure you have the AWS Command Line Interface installed and configured with your AWS credentials.
  • jq: This script uses jq to parse JSON output from AWS CLI commands. Please install it before running the script. To install jq on Git Bash:
    curl -L -o /usr/bin/jq.exe https://github.com/stedolan/jq/releases/latest/download/jq-win64.exe

Usage

To use the script, follow these steps:

  1. Clone this repository to your local machine:
     git clone https://github.com/im-hanzou/awskey-iam-privescheck.git
  2. Navigate to the script's directory:
     cd awskey-iam-privescheck
  3. Make the script executable:
     chmod +x awskey-privesc.sh
  4. Run the script:
     ./awskey-privesc.sh

Reference

The following write-ups are the reference for this script and cover the next steps for exploitation.

  • https://infosecwriteups.com/exploiting-fine-grained-aws-iam-permissions-for-total-cloud-compromise-a-real-world-example-part-5a2f3de4be08
  • https://infosecwriteups.com/exploiting-aws-iam-permissions-for-total-cloud-compromise-a-real-world-example-part-2-2-f27e4b57454e

Disclaimer

This script interacts with AWS services, and improper use can result in unintended consequences. Use it responsibly, and ensure that your AWS credentials have appropriate permissions for the actions you perform.
