Skip to content

Commit

Permalink
GITBOOK-497: change request with no subject merged in GitBook
Browse files Browse the repository at this point in the history
  • Loading branch information
@carlospolop @gitbook-bot
carlospolop authored and gitbook-bot committed Dec 19, 2023
1 parent 3e4ebb2 commit 10e589f
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 1 deletion.
2 changes: 1 addition & 1 deletion ...security/aws-services/aws-security-and-detection-services/aws-inspector-enum.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ aws inspector list-exclusions --assessment-run-arn <arn>
aws inspector list-rules-packages
```

### Post Exploitation
## Post Exploitation

{% hint style="success" %}
From an attackers perspective, this service can help the attacker to find vulnerabilities and network exposures that could help him to compromise other instances/containers.
Expand Down
36 changes: 36 additions & 0 deletions ...d/aws-security/aws-services/aws-security-and-detection-services/aws-waf-enum.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,42 @@ If an **incoming request does not meet any rule** within the Web ACL then the re

WAF CloudWatch metrics are reported **in one minute intervals by default** and are kept for a two week period. The metrics monitored are AllowedRequests, BlockedRequests, CountedRequests, and PassedRequests.

## Enumeration

scope can also be CLOUDFRONT, but when checking for a WAF not related to CLoudfront you need to use REGIONAL.

```
# Get web acls
aws wafv2 list-web-acls --scope REGIONAL
aws wafv2 get-web-acl --scope REGIONAL --name <name> --id <id>
aws wafv2 list-resources-for-web-acl --web-acl-arn <web-acl-arn> #Resources associated with the ACL
aws wafv2 get-web-acl-for-resource --resource-arn <arn> # Get web acl of the resource
# Rule groups
aws wafv2 list-rule-groups --scope REGIONAL
aws wafv2 get-rule-group --scope REGIONAL --name <name> --id <id>
# Get IP sets
aws wafv2 list-ip-sets --scope=REGIONAL
aws wafv2 get-ip-set --scope=REGIONAL --name <name> --id <id>
# Get regex patterns
aws wafv2 list-regex-pattern-sets --scope REGIONAL
# Get logging config (buckets storing the logs)
aws wafv2 list-logging-configurations --scope=REGIONAL
```

## Post Exploitation / Bypass

{% hint style="success" %}
From an attackers perspective, this service can help the attacker to identify WAF protections and network exposures that could help him to compromise other webs.

However, an attacker could also be interested in disrupting this service so the webs aren't protected by the WAF.
{% endhint %}

TODO: PRs are welcome

<details>

<summary><strong>Support HackTricks and get benefits!</strong></summary>
Expand Down

0 comments on commit 10e589f

Please sign in to comment.