首页
靶机库
MazeSec
靶机下载
此内容已加密
如需密码请联系作者
解锁
AWS
1. Early Access
1.1. 信息收集
1.2. AWS web
1.2.1. apply for job
1.2.2. 目录扫描
1.2.3. JS Deobfuscation
1.2.4. Get token
2. Inspector
2.1. 接口探测
2.1.1. Get log
3. Statement
3.1. tyler
3.2. git泄露
3.3. jobs.amzcorp.local
3.3.1. 权限提升
3.3.2. sql注入
3.4. company-support.amzcorp.local
3.4.1. SSTI
3.4.2. JWT k复用
3.5. admin for jobs.amzcorp.local
3.5.1. get role
3.5.2. update role
3.6. sql注入
4. Relentless
4.1. shell as www-data
4.1.1. JWT 伪造
4.1.2. ssti
5. Magnified
5.1. 提权
5.1.1. backup_tool
6. Shortcut
6.1. DirtyPipe
7. Long Run
7.1. 主机探测
7.2. mail
7.3. AS-rep roasting
7.3.1. hashcrack via rules
7.4. smb shares
7.5. AWS auth as john
7.6. aws DynamoDB
7.7. 密码喷洒
7.8. shell as david
8. Jerry-built
8.1. workflow.amzcorp.local
8.1.1. Apache Airflow
8.2. AWS auth as will
8.3. Lambda exploit
8.3.1. 创建自定义函数
8.3.2. 运行函数
8.3.3. 权限提升
8.3.4. tracking_api function
9. Line Up
10. Long Run
11. Demolish
11.1. 列存储桶
11.2. 密码喷洒
11.3. Hashes
12. References