GITBOOK-495: change request with no subject merged in GitBook

HackTricks-wiki · Dec 18, 2023 · 0605b82 · 0605b82
1 parent 1b96405
commit 0605b82
Showing 1 changed file with 27 additions and 1 deletion.
diff --git a/pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.md b/pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.md
@@ -66,7 +66,33 @@ An attacker, that needs to be **from the same account**, if not  the error `The
 ```bash
 # Update Bucket policy
 aws s3api put-bucket-policy --policy file:///root/policy.json --bucket <bucket-name>
-##JSON policy example
+
+## JSON giving permissions to a user and mantaining some previous root access
+{
+    "Id": "Policy1568185116930",
+    "Version":"2012-10-17",
+    "Statement":[
+        {
+            "Effect":"Allow",
+            "Principal":{
+                "AWS":"arn:aws:iam::123123123123:root"
+            },
+            "Action":"s3:ListBucket",
+            "Resource":"arn:aws:s3:::somebucketname"
+        },
+        {
+            "Effect":"Allow",
+            "Principal":{
+                "AWS":"arn:aws:iam::123123123123:user/username"
+            },
+            "Action":"s3:*",
+            "Resource":"arn:aws:s3:::somebucketname/*"
+        }
+    ]
+}
+
+## JSON Public policy example
+### IF THE S3 BUCKET IS PROTECTED FROM BEING PUBLICLY EXPOSED, THIS WILL THROW AN ACCESS DENIED EVEN IF YOU HAVE ENOUGH PERMISSIONS
 {
   "Id": "Policy1568185116930",
   "Version": "2012-10-17",