April 2019
Intermediate to advanced
508 pages
11h 57m
English
The first step in establishing this kind of persistence will be to find a suitable role to target. Not all roles allow you to update their trust policy document, which means we don't want to target those roles. They are generally service-linked roles, which are a unique type of IAM role that is linked directly to an AWS service (https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html).
These roles can be quickly identified from the IAM roles page of the AWS web console in a few different ways. First, you will likely see that they begin with AWSServiceRoleFor in their name and will be followed by the AWS service they are for. Another indicator is in the trusted entities column of the ...
Read now
Unlock full access