AWS - Privilege Escalation
{{#include ../../../banners/hacktricks-training.md}}
AWS Privilege Escalation
The way to escalate your privileges in AWS is to have enough permissions to be able to, somehow, access other roles/users/groups privileges. Chaining escalations until you have admin access over the organization.
β οΈ Warning
AWS has **hundreds** (if not thousands) of **permissions** that an entity can be granted. In this book you can find **all the permissions that I know** that you can abuse to **escalate privileges**, but if you **know some path** not mentioned here, **please share it**.
β οΈ Caution
If an IAM policy has `"Effect": "Allow"` and `"NotAction": "Someaction"` indicating a **resource**... that means that the **allowed principal** has **permission to do ANYTHING but that specified action**.\
So remember that this is another way to **grant privileged permissions** to a principal.
The pages of this section are ordered by AWS service. In there you will be able to find permissions that will allow you to escalate privileges.
Mindmap
Tools
- https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/aws_escalate.py
- Pacu
{{#include ../../../banners/hacktricks-training.md}}