April 2019
Intermediate to advanced
508 pages
11h 57m
English
As an attacker, it is important to understand how IAM policies work: once you can read them, you can determine exactly what access you have to an environment and why certain API calls fail with an access denied error, even when it seems like they should be allowed. You may be targeting a resource that was not specified in the policy, you may not be multi-factor authenticated, or there may be various other reasons.
When we are inspecting compromised keys during an attack, what we love to see is a statement like the following:
{
    "Effect": "Allow",
    "Action": "*",
    "Resource": "*"
}
This statement gives us administrator-level permissions. Because it allows for the use of the ...
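To make the access denied cases above concrete, the following added example (not code from the book) is a simplified model of how one identity policy is evaluated, reporting why a request is allowed or denied. It assumes only `Action`/`Resource` wildcards, explicit `Deny`, and the `aws:MultiFactorAuthPresent` Bool condition; `NotAction`, `NotResource`, other condition keys, SCPs and permission boundaries are not modelled, and the policies, bucket name and account ID are constructed.

```python
import re

NO_ACTION = "action not listed"

def _match(pattern, value, ignore_case=False):
    # IAM wildcards: '*' is any run of characters, '?' is exactly one.
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, re.I if ignore_case else 0) is not None

def _as_list(v):
    # Statement, Action and Resource may each be a single value or a list.
    return v if isinstance(v, list) else [v]

def _miss(stmt, action, resource, mfa):
    """Return why a statement does not apply to the request, or None if it does."""
    if not any(_match(a, action, True) for a in _as_list(stmt.get("Action", []))):
        return NO_ACTION
    if not any(_match(r, resource) for r in _as_list(stmt.get("Resource", []))):
        return "resource not listed"
    want = stmt.get("Condition", {}).get("Bool", {}).get("aws:MultiFactorAuthPresent")
    if want is not None and str(want).lower() != str(mfa).lower():
        return "MFA condition not met"
    return None

def explain(policy, action, resource, mfa=False):
    """Return (allowed, reasons) for one request against one policy document."""
    allowed, misses = False, []
    for stmt in _as_list(policy["Statement"]):
        miss = _miss(stmt, action, resource, mfa)
        if miss is None and stmt["Effect"] == "Deny":
            return False, ["explicit Deny"]   # a matching Deny always wins
        if miss is None:
            allowed = True
        elif stmt["Effect"] == "Allow":
            misses.append(miss)
    if allowed:
        return True, []
    near = sorted({m for m in misses if m != NO_ACTION})
    return False, near or [NO_ACTION]         # no Allow matched: implicit deny

# Constructed sample policies; names and IDs are placeholders.
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Allow", "Action": "ec2:StopInstances", "Resource": "*",
     "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}},
]}
ADMIN = {"Version": "2012-10-17",
         "Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}}
```

Running the same check across every policy attached to a user or role shows where a statement is scoped by resource or MFA and where it is unconditional, as in `ADMIN`.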