diff --git a/.gitbook/assets/telegram-cloud-photo-size-4-5920521132757336440-y.jpg b/.gitbook/assets/telegram-cloud-photo-size-4-5920521132757336440-y.jpg new file mode 100644 index 0000000000..f8d42cbb30 Binary files /dev/null and b/.gitbook/assets/telegram-cloud-photo-size-4-5920521132757336440-y.jpg differ diff --git a/pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.md b/pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.md index 9ca95356aa..bf7b01b4ee 100644 --- a/pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.md +++ b/pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.md @@ -23,6 +23,19 @@ For more information about this AWS service, check: [aws-stepfunctions-enum.md](../aws-services/aws-stepfunctions-enum.md) {% endcontent-ref %} +### Task Resources + +These privilege escalation techniques are going to require to use some AWS step function resources in order to perform the desired privilege escalation actions. + +In order to check all the possible actions, you could go to your own AWS account select the action you would like to use and see the parameters it's using, like in: + +
+ +Or you could also go to the API AWS documentation and check each action docs: + +* [**AddUserToGroup**](https://docs.aws.amazon.com/IAM/latest/APIReference/API\_AddUserToGroup.html) +* [**GetSecretValue**](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API\_GetSecretValue.html) + ### `states:TestState` & `iam:PassRole` An attacker with the **`states:TestState`** & **`iam:PassRole`** permissions can test any state and pass any IAM role to it without creating or updating an existing state machine, enabling unauthorized access to other AWS services with the roles' permissions. potentially. Combined, these permissions can lead to extensive unauthorized actions, from manipulating workflows to alter data to data breaches, resource manipulation, and privilege escalation.