View difference between Paste ID: 9BWmeeqg and mJjt1BDW
SHOW: | | - or go back to the newest paste.
1
Login to this page:
2
https://786199696183.signin.aws.amazon.com/console
3
 
4
 
5
Use one of these usernames:
6
---------------------------
7
hca_student001
8
hca_student002
9
hca_student003
10-
    - Create an account
10+
hca_student004
11-
    - Enter valid credit card (expect today and tomorrow to be FREE, but a valid credit card is required)
11+
hca_student005
12
hca_student006
13
hca_student007
14
hca_student008
15
hca_student009
16
hca_student010
17
hca_student011
18
hca_student012
19
hca_student013
20
hca_student014
21
hca_student015
22
hca_student016
23-
    Task 1: Spin up a Linux instance
23+
hca_student017
24-
    - SSH setup with putty
24+
hca_student018
25-
    - delete the instance  
25+
hca_student019
26
hca_student020
27-
    Task 2: Spin up a Windows instance
27+
28-
    - delete the instance
28+
29
30
31
                 #####################################
32-
    https://us-west-1.console.aws.amazon.com/elasticbeanstalk/home?region=us-west-1#/gettingStarted
32+
33
                 #####################################
34-
    - Step 1: You can use this application:
34+
35-
    https://infosecaddicts-files.s3.amazonaws.com/AWS-Course/0-aws-first-nodejs-app.zip
35+
36-
    - Step 2
36+
37-
    - Step 3
37+
38-
    - Step 4
38+
39-
    - Step 5
39+
40-
    - Step 6
40+
	- Create an account
41-
    **** about 6 min ****
41+
	- Enter valid credit card (expect today and tomorrow to be FREE, but a valid credit card is required)
42
43
44
45-
    -- says degraded --
45+
46
https://aws.amazon.com/free/
47-
    - Click "Configuration", then "Software/modify"
47+
48-
    - In the "Node command" field type: npm start, at the bottom of the screen click "Apply"
48+
49-
    **** about 2 min ****
49+
50
-- Let's spin up an instance in EC2 --
51-
    Reference:
51+
52-
    https://javascript.tutorialhorizon.com/2015/08/11/what-does-npm-start-do-in-nodejs/
52+
53
	Task 1: Spin up a Linux instance
54
	- SSH setup with putty
55
	- delete the instance	
56
57
	Task 2: Spin up a Windows instance
58
	- delete the instance
59
60
61-
    - Step 1: Delete the app
61+
62-
    - Step 2
62+
	https://us-west-1.console.aws.amazon.com/elasticbeanstalk/home?region=us-west-1#/gettingStarted
63
64
	- Step 1: You can use this application: 
65
	https://infosecaddicts-files.s3.amazonaws.com/AWS-Course/0-aws-first-nodejs-app.zip
66
	- Step 2
67
	- Step 3
68
	- Step 4
69-
    - Step 1: Create a group
69+
	- Step 5
70-
    - Step 2: Create a user
70+
	- Step 6
71-
    - Step 3: Enable MFA
71+
	**** about 6 min ****
72-
    - Step 4: Apply IAM password policy
72+
73-
    - Step 5: Apply a policy
73+
74-
    - Step 6: Apply a role
74+
75
	-- says degraded --
76
77
	- Click "Configuration", then "Software/modify"
78
	- In the "Node command" field type: npm start, at the bottom of the screen click "Apply"
79
	**** about 2 min ****
80
81
	Reference:
82
	https://javascript.tutorialhorizon.com/2015/08/11/what-does-npm-start-do-in-nodejs/
83
84
85
86
--- Look in EC2 ---
87
https://us-west-1.console.aws.amazon.com/ec2/v2/home?region=us-west-1#Instances:sort=instanceId
88
89
--- Back to Beanstalk ---
90-
Event       = event data, request data, basically a trigger
90+
91-
Context     = Some additional info about what's going on and what to do
91+
	- Step 1: Delete the app
92-
Callback    = let's lambda know we are done (error, success)
92+
	- Step 2
93
94
95
#################
96-
    # Do something
96+
97-
    print('received create event{}'.format(event))
97+
98-
    return ''
98+
99
	- Step 1: Create a group
100
	- Step 2: Create a user
101
	- Step 3: Enable MFA
102
	- Step 4: Apply IAM password policy
103
	- Step 5: Apply a policy
104
	- Step 6: Apply a role
105
106
107
##################################################
108
# Try to install something a little more complex #
109
##################################################
110
Deploy Wordpress using the following tutorial:
111
https://www.essycode.com/posts/wordpress-and-elastic-beanstalk/
112
113
114
115
########################
116
# AWS Lambda functions #
117
########################
118
--- Lambdas take 3 Arguments ---
119
120
Event		= event data, request data, basically a trigger
121
Context		= Some additional info about what's going on and what to do
122
Callback	= let's lambda know we are done (error, success)
123
124
125
def lambda_handler(event, context):
126
	# Do something
127
	print('received create event{}'.format(event))
128
	return ''
129
130
131
132
133
#################
134
# Setup AWS CLI #
135
#################
136
137
138
--- AWS CLI in Windows ---
139
Reference: https://docs.aws.amazon.com/cli/latest/userguide/install-windows.html#install-msi-on-windows
140
141
1. Download/install the aws cli msi file
142
https://s3.amazonaws.com/aws-cli/AWSCLI64PY3.msi
143
144
-------------Type this--------------------
145
C:\Users\SecureNinja>where aws
146
C:\Program Files\Amazon\AWSCLI\bin\aws.exe
147
148
C:\Users\SecureNinja>aws --version
149
aws-cli/1.16.139 Python/3.6.0 Windows/7 botocore/1.12.129
150
------------------------------------------
151
152
153
154
2. Install Python3 and awscli
155
-------------Type this--------------------
156
C:\Users\SecureNinja>python --version
157
Python 3.7.3
158
159
C:\Users\SecureNinja>pip3 --version
160
pip 19.0.3 from c:\users\secureninja\appdata\local\programs\python\python37\lib\site-packages\pip (python 3.7)
161
162
C:\Users\SecureNinja>pip3 install awscli
163
------------------------------------------
164
165
166
167
3. Configure awscli
168
-------------Type this--------------------
169
C:\Users\SecureNinja>aws configure
170
AWS Access Key ID [None]: AKIAJWN4LNF7********
171
AWS Secret Access Key [None]: fdbgAYf5SnmZ11YndhVQwRysljZCCyNH********
172
Default region name [786199696183]: us-east-1
173
Default output format [None]: json
174
C:\Users\SecureNinja>aws s3 ls
175
2019-04-04 07:17:15 virtualmachines05
176
177
References:
178
https://cloudacademy.com/blog/aws-cli-10-useful-commands/
179
180
181
182
#######################
183
# Pentesting From AWS #
184
#######################
185
Deploy Kali Linux using the following tutorial:
186
https://www.alienvault.com/blogs/security-essentials/configuring-kali-linux-on-amazon-aws-cloud-for-free
187
188
root@kali:/home/ec2-user# history
189
sudo /bin/bash
190
apt-get update
191
apt-get install kali-linux-top10
192
apt-get install -y xfce4 xfce4-goodies tightvncserver gnome-core kali-defaults kali-root-login desktop-base
193
tightvncserver :1
194
nmap localhost -p 5900-5901
195
196
197
#################################
198
# Building a pentest lab in AWS #
199
#################################
200
Here is some code to take a look at (it's old, but should give you an idea of where to start)
201
https://github.com/averagesecurityguy/AWSlab
202
203
Although this is designed for OpenStack instead of AWS it should give you some ideas of what to do in your lab.
204
https://github.com/Sliim/pentest-lab
205
206
207-
###########
207+
208-
# Task 1: #
208+
209-
###########
209+
210
##################
211-
  #######################
211+
212-
  # 1) Deploy cloudgoat #
212+
213-
  #######################
213+
214
215-
   ---step 1: create linux instance---
215+
216-
	Ubuntu Server 18.04 LTS (HVM), SSD Volume Type - ami-0fc20dd1da406780b (64-bit x86) / ami-0959e8feedaf156bf (64-bit Arm)
216+
217-
	(https://us-east-2.console.aws.amazon.com/ec2/v2/home?region=us-east-2#LaunchInstanceWizard:)
217+
218
############################
219-
   ---step 2: login server via ssh---
219+
220-
	ip addr: 18.189.31.144
220+
221-
	pem = aws-security-train.pem
221+
222-
	username= ubuntu
222+
223
https://medium.com/@rzepsky/playing-with-cloudgoat-part-3-using-aws-lambda-for-privilege-escalation-and-exploring-a-lightsail-4a48688335fa
224-
   ---step 3: initialize---
224+
225-
        -------------Type this--------------------
225+
226-
	sudo su
226+
227-
	apt-get update
227+
228-
	
228+
229-
	- install unzip
229+
230-
         -------------Type this--------------------
230+
                 ##################################