joemccray

HCA Cloud Security

Mar 2nd, 2020
Log in to this page:
https://786199696183.signin.aws.amazon.com/console


Use one of these usernames:
---------------------------
hca_student001
hca_student002
hca_student003
hca_student004
hca_student005
hca_student006
hca_student007
hca_student008
hca_student009
hca_student010
hca_student011
hca_student012
hca_student013
hca_student014
hca_student015
hca_student016
hca_student017
hca_student018
hca_student019
hca_student020



#####################################
--------######## # Day 1: AWS Intro & Pentesting AWS # ########--------
#####################################


###################
# Getting Started #
###################
https://portal.aws.amazon.com/billing/signup#/start
- Create an account
- Enter a valid credit card (expect today and tomorrow to be FREE, but a valid credit card is required)



-- Let's look at the FREE stuff --
https://aws.amazon.com/free/



-- Let's spin up an instance in EC2 --
https://console.aws.amazon.com/

Task 1: Spin up a Linux instance
- SSH setup with PuTTY
- delete the instance

Task 2: Spin up a Windows instance
- delete the instance


-- Let's build a web app --
https://us-west-1.console.aws.amazon.com/elasticbeanstalk/home?region=us-west-1#/gettingStarted

- Step 1: You can use this application:
https://infosecaddicts-files.s3.amazonaws.com/AWS-Course/0-aws-first-nodejs-app.zip
- Step 2
- Step 3
- Step 4
- Step 5
- Step 6
**** about 6 min ****


--- It's broken ---
-- the environment health says Degraded --

- Click "Configuration", then "Software/modify"
- In the "Node command" field type: npm start, then at the bottom of the screen click "Apply"
**** about 2 min ****

Reference:
https://javascript.tutorialhorizon.com/2015/08/11/what-does-npm-start-do-in-nodejs/



--- Look in EC2 ---
https://us-west-1.console.aws.amazon.com/ec2/v2/home?region=us-west-1#Instances:sort=instanceId
(Beanstalk created this EC2 instance and its security group on your behalf; it is what actually runs the app.)

--- Back to Beanstalk ---
https://us-west-1.console.aws.amazon.com/elasticbeanstalk/home?region=us-west-1#/applications
- Step 1: Delete the app
- Step 2


#################
# AWS IAM Intro #
#################

- Step 1: Create a group
- Step 2: Create a user (add the user to the group; attach permissions to the group, not to the individual user)
- Step 3: Enable MFA
- Step 4: Apply an IAM password policy
- Step 5: Apply a policy
- Step 6: Apply a role (a role is assumed and hands out temporary credentials; use roles for EC2/Lambda instead of embedding long-lived keys)
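To see what steps 5 and 6 actually do when a request is evaluated, here is an added example (my code, not part of the course material): a small evaluator that applies IAM's logic for identity-based policies (everything denied by default, a matching Allow grants, a matching explicit Deny overrides) over two constructed policy documents, and then lists which actions in a short list of well-known privilege-escalation primitives the policy grants on every resource. The policy documents, bucket names and the escalation-action list are assumptions; Condition blocks, NotAction/NotResource, resource-based policies and SCPs are not modelled.

```python
import fnmatch
import json

# Constructed sample policies for this example (not from the course page).
# A least-privilege policy for one bucket, with an explicit Deny carving out a prefix.
READ_ONLY_S3 = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": ["s3:GetObject", "s3:ListBucket"],
            "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
        },
        {
            "Effect": "Deny",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::example-bucket/secrets/*",
        },
    ],
}

# The "just make it work" policy that shows up far too often in labs and in production.
OVERLY_BROAD = {
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"},
}

# IAM actions that are well-known privilege-escalation primitives when a
# principal holds them on every resource (assumed list; not exhaustive).
ESCALATION_ACTIONS = [
    "iam:CreateAccessKey",
    "iam:CreateLoginProfile",
    "iam:UpdateLoginProfile",
    "iam:AttachUserPolicy",
    "iam:AttachRolePolicy",
    "iam:PutUserPolicy",
    "iam:PutRolePolicy",
    "iam:AddUserToGroup",
    "iam:PassRole",
    "lambda:CreateFunction",
    "lambda:UpdateFunctionCode",
    "sts:AssumeRole",
]


def _as_list(value):
    """IAM lets Statement, Action and Resource be a single string or a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _action_matches(pattern, action):
    # Action names are case-insensitive and support '*' and '?' wildcards.
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def _resource_matches(pattern, resource):
    # ARNs are case-sensitive (S3 keys in particular); same wildcards.
    return fnmatch.fnmatchcase(resource, pattern)


def is_allowed(policy, action, resource):
    """Evaluate one action/resource pair against an identity-based policy the
    way IAM does: denied by default, a matching Allow grants it, and a matching
    explicit Deny overrides any Allow."""
    allowed = False
    for stmt in _as_list(policy.get("Statement")):
        hits_action = any(_action_matches(p, action) for p in _as_list(stmt.get("Action")))
        hits_resource = any(_resource_matches(p, resource) for p in _as_list(stmt.get("Resource")))
        if not (hits_action and hits_resource):
            continue
        if stmt.get("Effect") == "Deny":
            return False  # explicit deny always wins
        if stmt.get("Effect") == "Allow":
            allowed = True
    return allowed


def risky_grants(policy):
    """Return the escalation primitives this policy grants on Resource '*'."""
    return [a for a in ESCALATION_ACTIONS if is_allowed(policy, a, "*")]


if __name__ == "__main__":
    for name, policy in (("READ_ONLY_S3", READ_ONLY_S3), ("OVERLY_BROAD", OVERLY_BROAD)):
        print(name, "GetObject on secrets/:",
              is_allowed(policy, "s3:GetObject", "arn:aws:s3:::example-bucket/secrets/db.key"))
        print(name, "escalation paths:", json.dumps(risky_grants(policy)))
```

Run it and compare the two policies: the scoped one answers every question with "no" except the two S3 reads it was written for, while the `"Action": "*"` policy hands out every escalation primitive in the list, which is exactly what the CloudGoat privilege-escalation scenarios later in the course exploit.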


##################################################
# Try to install something a little more complex #
##################################################
Deploy WordPress using the following tutorial:
https://www.essycode.com/posts/wordpress-and-elastic-beanstalk/



########################
# AWS Lambda functions #
########################
--- Lambda handlers take up to 3 arguments ---

Event = the event data (the request data from whatever trigger invoked the function)
Context = runtime information about this invocation (function name, request ID, time remaining before the timeout)
Callback = (Node.js runtime only) tells Lambda we are done (error, success); in Python the handler signals completion by returning a value or raising an exception, so it takes only event and context


A minimal Python handler:

def lambda_handler(event, context):
    # Do something with the event
    print('received create event {}'.format(event))
    return ''
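The minimal handler above just echoes the event. As an added example (mine, not course code) here is a Python handler that treats the event as untrusted input the way a production function should: it is wired to a constructed S3 ObjectCreated notification with three records (a good upload, a key containing path traversal, and an oversized object), validates each record, checks the remaining time through the context object, and returns a summary instead of logging the whole payload. The bucket name, prefix, size limit and the FakeContext stand-in for the runtime's context object are assumptions.

```python
import json
import time
import urllib.parse
from dataclasses import dataclass, field

# Constructed S3 "ObjectCreated" notification, shaped like what S3 delivers to
# Lambda (three records: one good upload, one path-traversal key, one oversized).
SAMPLE_EVENT = {
    "Records": [
        {"eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
         "s3": {"bucket": {"name": "example-uploads"},
                "object": {"key": "incoming/report+2020.pdf", "size": 4096}}},
        {"eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
         "s3": {"bucket": {"name": "example-uploads"},
                "object": {"key": "incoming/..%2F..%2Fetc%2Fpasswd", "size": 10}}},
        {"eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
         "s3": {"bucket": {"name": "example-uploads"},
                "object": {"key": "incoming/huge.iso", "size": 50 * 1024 * 1024}}},
    ]
}

ALLOWED_PREFIX = "incoming/"        # assumed: the only prefix this function should touch
MAX_OBJECT_BYTES = 10 * 1024 * 1024  # assumed size limit


@dataclass
class FakeContext:
    """Local stand-in for the context object the Lambda runtime passes in."""
    function_name: str = "process-upload"
    aws_request_id: str = "11111111-2222-3333-4444-555555555555"
    deadline: float = field(default_factory=lambda: time.time() + 3.0)

    def get_remaining_time_in_millis(self):
        return max(0, int((self.deadline - time.time()) * 1000))


def lambda_handler(event, context):
    """Python Lambda entry point. Validates every S3 record before acting on it
    and returns a summary; in Python the return value (or a raised exception)
    is what signals completion, there is no callback argument."""
    processed, rejected = [], []
    for record in event.get("Records", []):
        if record.get("eventSource") != "aws:s3":
            rejected.append(("unexpected-source", str(record.get("eventSource"))))
            continue
        obj = record["s3"]["object"]
        # S3 URL-encodes object keys in notifications; decode before using the key.
        key = urllib.parse.unquote_plus(obj["key"])
        # Refuse keys outside the expected prefix or containing '..', since the
        # key is commonly reused to build a /tmp path or a downstream object name.
        if not key.startswith(ALLOWED_PREFIX) or ".." in key.split("/"):
            rejected.append(("bad-key", key))
            continue
        if obj.get("size", 0) > MAX_OBJECT_BYTES:
            rejected.append(("too-large", key))
            continue
        if context.get_remaining_time_in_millis() < 500:
            # Stop cleanly and leave the rest for a retry instead of timing out mid-way.
            rejected.append(("out-of-time", key))
            break
        processed.append(key)
    # Log a summary, not the whole event: event payloads can carry data that
    # should not end up in CloudWatch Logs.
    print(json.dumps({"request_id": context.aws_request_id,
                      "processed": len(processed), "rejected": len(rejected)}))
    return {"statusCode": 200, "processed": processed, "rejected": rejected}


def run_sample():
    """Invoke the handler locally with the constructed event, the way a unit test would."""
    return lambda_handler(SAMPLE_EVENT, FakeContext())


if __name__ == "__main__":
    print(json.dumps(run_sample(), indent=2))
```

Running it locally shows one processed key and two rejections; the same handler deploys unchanged, because the real runtime passes a context object with the same get_remaining_time_in_millis() and aws_request_id members the FakeContext imitates.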




#################
# Setup AWS CLI #
#################


--- AWS CLI in Windows ---
Reference: https://docs.aws.amazon.com/cli/latest/userguide/install-windows.html#install-msi-on-windows

1. Download/install the aws cli msi file
https://s3.amazonaws.com/aws-cli/AWSCLI64PY3.msi

-------------Type this--------------------
C:\Users\SecureNinja>where aws
C:\Program Files\Amazon\AWSCLI\bin\aws.exe

C:\Users\SecureNinja>aws --version
aws-cli/1.16.139 Python/3.6.0 Windows/7 botocore/1.12.129
------------------------------------------



2. Install Python3 and awscli (alternative to the MSI: install the CLI as a Python package)
-------------Type this--------------------
C:\Users\SecureNinja>python --version
Python 3.7.3

C:\Users\SecureNinja>pip3 --version
pip 19.0.3 from c:\users\secureninja\appdata\local\programs\python\python37\lib\site-packages\pip (python 3.7)

C:\Users\SecureNinja>pip3 install awscli
------------------------------------------



3. Configure awscli
-------------Type this--------------------
C:\Users\SecureNinja>aws configure
AWS Access Key ID [None]: AKIAJWN4LNF7********
AWS Secret Access Key [None]: fdbgAYf5SnmZ11YndhVQwRysljZCCyNH********
Default region name [786199696183]: us-east-1
Default output format [None]: json
C:\Users\SecureNinja>aws s3 ls
2019-04-04 07:17:15 virtualmachines05
------------------------------------------
Note: aws configure writes the key ID and secret in plaintext to %UserProfile%\.aws\credentials. Treat that file like a password file, create the key on a separate IAM user that has only the permissions the labs need, and rotate or delete the key when the course is over.

References:
https://cloudacademy.com/blog/aws-cli-10-useful-commands/
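What aws configure just wrote is worth auditing before moving on. The following is an added example, not course code: it parses the contents of a credentials file (a constructed sample is embedded; the key IDs are fake placeholders of the correct shape, not real keys) and reports profiles that hold long-lived AKIA keys in plaintext, temporary ASIA keys that are missing their session token, and incomplete entries. The profile names and placeholder values are assumptions; the AKIA/ASIA prefix meaning and the 20-character key-ID format are how AWS issues keys.

```python
import configparser
import re

# Constructed contents of a credentials file as `aws configure` writes it.
# Every key, secret and token below is a fake placeholder, not real material.
SAMPLE_CREDENTIALS = """\
[default]
aws_access_key_id = AKIAEXAMPLEEXAMPLE01
aws_secret_access_key = 0123456789abcdef0123456789abcdef01234567

[lab-mfa]
aws_access_key_id = ASIAEXAMPLEEXAMPLE02
aws_secret_access_key = 0123456789abcdef0123456789abcdef01234568
aws_session_token = FwoGZXIvYXdzEXAMPLESESSIONTOKEN

[broken]
aws_access_key_id = ASIAEXAMPLEEXAMPLE03
aws_secret_access_key = 0123456789abcdef0123456789abcdef01234569
"""

# Access key IDs are 20 characters; the prefix says what issued them
# (AKIA = long-lived IAM user key, ASIA = temporary STS credential).
KEY_ID_RE = re.compile(r"^(AKIA|ASIA)[A-Z0-9]{16}$")


def redact(key_id):
    """Keep only the prefix that identifies the key type, mask the rest."""
    return key_id[:4] + "*" * max(0, len(key_id) - 4)


def audit_credentials(text):
    """Parse credentials-file text and return (profile, finding) tuples."""
    # interpolation=None so a '%' in a value is never treated as a format directive
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    findings = []
    for profile in parser.sections():
        section = parser[profile]
        key_id = section.get("aws_access_key_id", "").strip()
        secret = section.get("aws_secret_access_key", "").strip()
        token = section.get("aws_session_token", "").strip()
        if not key_id or not secret:
            findings.append((profile, "incomplete: missing access key id or secret"))
            continue
        if not KEY_ID_RE.match(key_id):
            findings.append((profile, "malformed access key id %s" % redact(key_id)))
            continue
        if key_id.startswith("AKIA"):
            findings.append((profile, "long-lived IAM user key %s stored in plaintext; "
                             "prefer temporary credentials from an assumed role or MFA session"
                             % redact(key_id)))
        elif not token:
            findings.append((profile, "temporary key %s has no aws_session_token and will be "
                             "rejected by AWS" % redact(key_id)))
    return findings


if __name__ == "__main__":
    # In practice read the real file: open(os.path.expanduser("~/.aws/credentials")).read()
    for profile, finding in audit_credentials(SAMPLE_CREDENTIALS):
        print("[%s] %s" % (profile, finding))
```

Point it at the real file by replacing SAMPLE_CREDENTIALS with the file's contents; the redact() helper exists so the report can be pasted into a ticket without leaking the key IDs.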



#######################
# Pentesting From AWS #
#######################
Deploy Kali Linux using the following tutorial:
https://www.alienvault.com/blogs/security-essentials/configuring-kali-linux-on-amazon-aws-cloud-for-free

What was run on the instance, from the shell history:
root@kali:/home/ec2-user# history
sudo /bin/bash
apt-get update
apt-get install kali-linux-top10
apt-get install -y xfce4 xfce4-goodies tightvncserver gnome-core kali-defaults kali-root-login desktop-base
tightvncserver :1
nmap localhost -p 5900-5901

Note: tightvncserver :1 listens on TCP 5901. Reach it through an SSH tunnel (ssh -L 5901:localhost:5901 ec2-user@<instance-ip>, then connect the VNC client to localhost:5901) rather than opening 5901 in the instance's security group: VNC password authentication is weak and the session is not encrypted. Only point the Kali instance at targets you own or have written authorization for, and follow the AWS penetration testing policy for anything inside AWS.


#################################
# Building a pentest lab in AWS #
#################################
Here is some code to take a look at (it's old, but should give you an idea of where to start):
https://github.com/averagesecurityguy/AWSlab

Although this is designed for OpenStack instead of AWS, it should give you some ideas of what to do in your lab:
https://github.com/Sliim/pentest-lab



##################
# Pentesting AWS #
##################
https://www.slideshare.net/VengateshNagarajan/pentesting-cloud-environment
https://www.slideshare.net/TeriRadichel/red-team-vs-blue-team-on-aws-rsa-2018
https://www.slideshare.net/wojdwo/attacking-aws-the-full-cyber-kill-chain-144590283


############################
# Practicing Attacking AWS #
############################
https://github.com/RhinoSecurityLabs/cloudgoat

https://medium.com/@rzepsky/playing-with-cloudgoat-part-1-hacking-aws-ec2-service-for-privilege-escalation-4c42cc83f9da
https://medium.com/@rzepsky/playing-with-cloudgoat-part-2-fooling-cloudtrail-and-getting-persistence-access-6a1257bb3f7c
https://medium.com/@rzepsky/playing-with-cloudgoat-part-3-using-aws-lambda-for-privilege-escalation-and-exploring-a-lightsail-4a48688335fa
https://medium.com/@rzepsky/playing-with-cloudgoat-part-4-security-nuances-of-aws-glue-codebuild-and-s3-services-cc67fb88cc46
https://medium.com/@rzepsky/playing-with-cloudgoat-part-5-hacking-aws-with-pacu-6abe1cf5780d


##################################
--------######## # Day 2: Preparing for AWS exams # ########--------
##################################