GITBOOK-659: No subject

HackTricks-wiki · Aug 20, 2024 · ab3d551 · ab3d551
1 parent 0f6a0c2
commit ab3d551
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/.gitbook/assets/image (348).png b/.gitbook/assets/image (348).png
diff --git a/...cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.md b/...cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.md
@@ -23,6 +23,12 @@ For more information about this AWS service, check:
 [aws-stepfunctions-enum.md](../aws-services/aws-stepfunctions-enum.md)
 {% endcontent-ref %}
 
+### `states:RevealSecrets`
+
+This permission allows to **reveal secret data inside an execution**. For it, it's needed to set Inspection level to TRACE and the revealSecrets parameter to true.
+
+<figure><img src="../../../.gitbook/assets/image (348).png" alt=""><figcaption></figcaption></figure>
+
 ### `states:DeleteStateMachine`, `states:DeleteStateMachineVersion`, `states:DeleteStateMachineAlias`
 
 An attacker with these permissions would be able to permanently delete state machines, their versions, and aliases. This can disrupt critical workflows, result in data loss, and require significant time to recover and restore the affected state machines. In addition, it would allow an attacker to cover the tracks used, disrupt forensic investigations, and potentially cripple operations by removing essential automation processes and state configurations.