Member-only story
Tryhackme Hackfinity Battle CTF — Cloud sanity check writeup
Hello everyone, I hope you are doing well and great, My name is Mohammed and i am a junior penetration testing and a CTF player at DzalmusCTF team.
During this CTF challenges i was playing along with my talented teammate 0xrar
In today’s writeup i will be showing you how i solved the cloud challenge: Cloud Sanity Check challenge.
At the beginning we need to understand the given before trying to do anything.
This is a cloud challenge and here we are dealing with AWS.
We are recommended to use the aws-cli so we will use it.
We need to find which service has the flag in addition this service we only have permission on meaning that all other things will result in permission denied.
# Installing aws in linux:
sudo apt install awscliThe next step is to configure AWS by providing the given credentials. This will allow us to use AWS services and make API requests using:
aws configureWe will be prompted with:
AWS Access Key ID [None]: <access_key>
AWS Secret Access Key [None]: <secret_access_key>
Default region name [None]: <add_region>
Default output format [None]: json #json as an exampleIf all good, now we can run the following command to verify it:
aws sts get-caller-identity
result:
{
"UserId": "ID",
"Account": "numbers",
"Arn": "arn:aws:iam::ID:user/user0"
}Now you are done, You can now start using aws-cli and make calls.
But here is the issue, I am not that familiar with using aws-cli and i don’t know actually what to search for? and how will i know which service i need to search for?
So i spent some time reading about awscli , how to use it and what are the available functions, i keep trying some them like:
aws iam get-user
aws logs describe-log-groups
aws iam list-roles
and much more commands.
