April 2019
Intermediate to advanced
508 pages
11h 57m
English
Prior to trying to detect and exploit privilege escalation for our target user, we are going to add another policy that will make the user vulnerable to privilege escalation. Add an inline policy named PutUserPolicy to our original Test user with the following document before proceeding:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:PutUserPolicy",
"Resource": "*"
}
]
}
This policy gives our user access to run the iam:PutUserPolicy API action on any user.
Read now
Unlock full access