Speaker
✓ Transformation Day for free
✓ Save up to 867€
✓ Amazon Echo Dot or Arduino for free
Register now
✓ Transformation Day gratis
✓ Sparen Sie bis zu 867 €
✓ Amazon Echo Dot oder Arduino gratis
Jetzt anmelden
Infos
Description
Demo of SSRF methodology of a website attack to takeover temporary AWS credentials. We will cover two demo’s showing how we can hijack access to EC2 using reserve shell with userdata script. Moreover we will follow approach to inject malicious code to Lambda function without having permissions to update code. End of session will be dedicated to show some examples of JSON policies solving most popular challenges regarding permissions in AWS.