12 Apotheosis

While we were fiddling around with our Lambda backdoor, someone at Gretsch Politico was kind enough to trigger the reverse shell nested in the ecr-login.sh script. Not once, but multiple times. Most sessions seemed to time out after about 30 minutes, so we need to be swift and efficient in assessing this new environment and finding novel ways of pivoting inside. We open one of the meterpreter sessions and spawn a shell on the remote machine:

meterpreter > shell
Channel 1 created.

# id
➊ uid=0(root) gid=0(root) groups=0(root)

# hostname
➋ e56951c17be0

We can see that we’re running as root ➊ inside a randomly named machine ...
