This document discusses how cloud service provider marketplaces can help with white hat and black hat vulnerability research. It provides examples of analyzing images from AWS Marketplace, Azure Marketplace, and Google Cloud Marketplace. The key findings are that AWS Marketplace most strongly protects seller intellectual property, while Azure and GCP Marketplaces have advantages for security researchers by allowing low-cost access and analysis of listed products with few restrictions. The document cautions that legal risks must be considered before conducting any security research activities.

1. Shopping for
Vulnerabilities
How Cloud Service Provider Marketplaces can Help
White and Black Hat Vulnerability Research
VULNS

2. sts:GetCallerIdentity
arn:aws:iam:sa-east-1:*:user/GlayssonTomaz
Cloud Security Researcher @ Tenchi Security
arn:aws:iam:sa-east-1:*:user/AlexandreSieira
Co-Founder and CTO @ Tenchi Security
> 25+ years in cybersecurity - old_man_yells_at_cloud.gif
> Co-founder & CTO @ Cipher (acquired by Prosegur)
> Co-founder & CTO @ Niddel (acquired by Verizon)
> Global Head of Detection & Response products @ Verizon
> AWS Certified Security - Specialty
> 12+ years of experience in Cybersecurity
> Security researcher in AppSec, IoT, Cloud
arn:aws:iam:sa-east-1:*:user/MarceloLima
Cloud Security Consultant @ Tenchi Security
> 25+ years of experience in Infrastructure and security
> Cloud Infrastructure Manager @ Claro
> GCP Professional Cloud Security Engineerl
asieira@tenchisecurity.com
@AlexandreSieira
gtomaz@tenchisecurity.com
https://github.com/s4dhulabs
mlima@tenchisecurity.com

3. Why should you care?
https://www.trellix.com/en-us/about/newsroom/stories/threat-labs/conti-leaks-examining-the-panama-
papers-of-ransomware.html
Black hats are looking for a way in:
● Access brokers want to exploit Internet-facing
products;
● Malware developers want to bypass your
detection and prevention security products;
● Perimeter security appliances are a double
whammy!
White hats want the fun and the profit:
● Evaluate product security;
● Profit from bug bounties;
● Create logos and name vulnerabilities.

4. Why should you care?
A few notable examples:
Data collected August 3rd, 2022

5. AWS Marketplace
Product codes (a.k.a. offer IDs) != product IDs.
Seem designed to ensure software isn't executed
on instances not created by AWS Marketplace
(https://docs.aws.amazon.com/marketplace/latest/userguide/best-practices-fo
r-building-your-amis.html#verifying-ami-runtime)
Shown to buyers in at least four places:
● the marketplace wizard;
● notification e-mail;
● instance identity document of EC2
instances;
● ec2:DescribeInstances.
Console calls undocumented APIs at
discovery.marketplace.us-east-1.amazonaws.com
and "offerId" is used to return the product code.

6. AWS Marketplace
Product code has potential uses for defenders (asset management) and attackers (recon).
If you visit https://aws.amazon.com/marketplace/pp/ref=bill_eml_2?sku=<product code> you can manually
discover the seller and product of a product code.
List all instances with a Marketplace product code:
aws ec2 describe-instances --filters Name=product-code.type,Values=marketplace
List all instances with a specified Marketplace product code:
aws ec2 describe-instances --filters Name=product-code,Values=<product code>
List all public AMIs associated with a specified Marketplace product code:
aws ec2 describe-images --filters Name=product-code,Values=<product code>

7. AWS Marketplace
Trying to run an instance with a Marketplace AMI without a subscription:
$ aws –region us-east-1 ec2 run-instances --image-id ami-0ceb5feceacf87c44 --subnet-id
subnet-<redacted>
An error occurred (OptInRequired) when calling the RunInstances operation: In order to
use this AWS Marketplace product you need to accept terms and subscribe. To do so please
visit https://aws.amazon.com/marketplace/pp?sku=
f2ew2wrz425a1jagnifd02u5t
After launching an instance through the Marketplace and subscribing:
$ aws ec2 describe-instances --instance-id i-<redacted> | jq
'.Reservations[].Instances[] | .ProductCodes'
[
{
"ProductCodeId": "
6njl1pau431dv1qxipg63mvah",
"ProductCodeType": "marketplace"
}
]

8. AWS Marketplace
Boot volume seems normal under "aws ec2 describe-volumes", no product
codes. Let's try to mount at as a secondary disk on a new analysis instance to
rummage through it:
1. Detach from Marketplace instance: ✅
2. Create new Linux instance and stop it: ✅
3. Attach volume as secondary disk on the analysis instance: 🛑
$ aws ec2 attach-volume --device xvdb --instance-id
i-<redacted> --volume-id vol-<redacted>
An error occurred (OperationNotPermitted) when calling the
AttachVolume operation: One or more of
[6njl1pau431dv1qxipg63mvah] are not allowed as secondary volume
xvdb

9. AWS Marketplace
Only visible association to the original AMI and the Marketplace is through
the snapshot it was created from. So let's try:
1. Create a new snapshot of the volume: ✅
2. Create a new volume from this snapshot: ✅
3. Attach newly created volume as secondary disk on the analysis
instance: 🛑
$ aws ec2 attach-volume --device xvdb --instance-id
i-<redacted> --volume-id vol-<redacted>
An error occurred (OperationNotPermitted) when calling the
AttachVolume operation: One or more of
[6njl1pau431dv1qxipg63mvah] are not allowed as secondary
volume xvdb

10. AWS Marketplace
Maybe the association is via the AMI? So let's try this:
1. Create an AMI from the Marketplace instance: ✅
2. Create a new instance from that AMI: ✅
3. Detach the boot volume from new instance: ✅
4. Attach volume as secondary disk on the new instance: 🛑
$ | => aws ec2 attach-volume --device xvdb --instance-id
i-02f09c8ee2628f46e --volume-id vol-09db9337b82217687
An error occurred (OperationNotPermitted) when calling the
AttachVolume operation: One or more of
[6njl1pau431dv1qxipg63mvah] are not allowed as secondary
volume xvdb

11. AWS Marketplace
Found an old mailing list post mentioning a workaround
(https://www.mail-archive.com/packer-tool@googlegroups.com/msg04649.
html):
1. Create an AMI from the Marketplace instance: ✅
2. Share it with another account: ✅
3. Create an instance at other account using the shared AMI: 🛑
ec2:DescribeImages still shows the product codes associated with the
new AMI, so AWS closed that loophole at some point.
Also tried copying a snapshot to S3 and using direct access APIs. All
blocked.

12. AWS Marketplace
No KYC, domain, URL or logo validation required
to become a seller eligible to publish free products.
KYC is required to sell paid products to EMEA,
apparently, though T&Cs allows them across the
board.
AWS purports to do regular scanning of images to
check for vulnerabilities, and provides on-demand
scanning to sellers.
Defines security standards for images, such as:
● no known vulnerabilities;
● no hardcoded passwords;
● no remote access by seller.

13. Azure Marketplace
Azure is kind enough to have documented APIs and CLI commands to interact with Marketplace images!
(https://docs.microsoft.com/en-us/cli/azure/vm/image?view=azure-cli-latest)

14. Azure Marketplace
You can attach a marketplace boot disk as a secondary disk in another VM!
1) First find the Publisher.Offer part of the URL:
https://azuremarketplace.microsoft.com/en-us/marketplace/apps/tidalmediainc.tinyproxy-easy-ub
untu?tab=Overview
2) Obtain the SKU name:
$ az vm image list-skus -l brazilsouth -p tidalmediainc -f tinyproxy-easy-ubuntu | jq
.[].name
"tinyproxy-easy-ubuntu"
3) Obtain the URN of the images:
$ az vm image list -p tidalmediainc -s tinyproxy-easy-ubuntu --all | jq .[].urn
"tidalmediainc:tinyproxy-easy-proxy-server-ubuntu:tinyproxy-easy-ubuntu-server:1.0.1"
"tidalmediainc:tinyproxy-easy-ubuntu:tinyproxy-easy-ubuntu:1.0.0"

15. Azure Marketplace
4) Accept the terms of the license (appears to be optional):
$ az vm image terms accept --urn
"tidalmediainc:tinyproxy-easy-proxy-server-ubuntu:tinyproxy-easy-ubuntu-server:1.0.1"
5) Create a disk based on that image:
$ az disk create -g <resource group> -n <disk name> -l brazilsouth --image-reference
tidalmediainc:tinyproxy-easy-ubuntu:tinyproxy-easy-ubuntu:1.0.1
6) Attach as a secondary disk on an analysis VM:
$ az vm disk attach -g <resource group> –vm-name <VM name>
-n <disk name> -l brazilsouth
7) Profit!

16. Google Cloud Marketplace
GCP provides an easy way to deploy any marketplace infrastructure with predefined deployments. You can
filter for the kind of software you want, select it and the GCP will do all the rest.
You can attach a marketplace boot disk as a secondary disk in another VM!
1) Open Google Cloud console and go to the Marketplace:
https://console.cloud.google.com/marketplace
2) Pick up a vendor product with Virtual Machines type. Use filters to choose on
3) Deploy the application and stop the virtual machine(s).
$ gcloud compute instances stop <marketplace-product-instance-name>
4) Create a snapshot from the instance you just stopped.
$ gcloud compute snapshots create <snapshot-name> --zone=<zone>
--source-disk=<marketplace-instance-disk>

17. Google Cloud Marketplace
5) Create a disk from the snapshot
$ gcloud compute disks create <disk-name> --source=<snapshot-name> --zone=<zone>
6) Create a new instance and attach the new disk as a secondary disk to the VM.
$ gcloud compute instances create <new-instance-name> --machine-type=<machine-type>
--disk=boot=no,device-name=<disk-name>,mode=rw,name=<disk-name> --zone=<zone>
7) From the GCP console SSH to the new VM
8) Run fdisk to see the disks and mount the disk (it should be /dev/sdbX where X is the physical partition)
$ sudo fdisk -l
$ sudo mount /dev/sdbX /<mounting-point>

18. Google Cloud Marketplace
9) If the disk is not mounted it is probably because it has an invalid partition type or it is a volume group.
In both cases run a logical volume scan in the physical partition and mount it. You should see
something similar as /dev/sdbX/<logical-volume>.
$ sudo lvscan -a
$ sudo mount /dev/sdbX/<logical-volume> /<mounting-point>
10) Start digging

19. Final Words
● AWS Marketplace seems to offer better protection for seller
intellectual property than selling hardware appliances, kudos!
○ Should have documented APIs, SDK and CLI support for
buyers;
○ Beware of instance restrictions (backup, etc).
● Azure and GCP Marketplaces offers big advantages to white
and black hat security researchers:
○ Low or no cost (BYOL or pay-as-you-go);
○ No pesky sanctions or logistics-related difficulties to
obtaining access to products;
○ Very low barrier to entry (account with fake/stolen
payment data);
○ Very amenable to automation! DevSecResearchOps
FTW
IANL disclaimer - don't do any
of this before you are sure of
the legal risks involved.

20. Thank you!
> Alex Sieira
asieira@tenchisecurity.com
@AlexandreSieira