jiraffe icon indicating copy to clipboard operation
jiraffe copied to clipboard

Published 20 hours ago verified publisher icon 0x48piraj

Detecting the hosting platform

Open 0x48piraj opened this issue 5 years ago • 2 comments

For targeted payloads on specific vendors. (AWS, gcloud, ...)

References —

  • https://www.coengoedegebure.com/how-i-got-access-to-local-aws-info-via-jira/
  • https://medium.com/@Skylinearafat/how-outdated-jira-instances-suffers-from-multiple-security-vulnerabilities-6a88c45e9ec6
  • https://blog.detectify.com/2019/01/29/hacking-isnt-an-exact-science/

0x48piraj avatar Feb 09 '20 09:02 0x48piraj

https://github.com/0x48piraj/Jiraffe/commit/e9650a7a59754a8ff8f921c7bd239b6b39265379 implements attack for leaking Amazon AWS credentials.

0x48piraj avatar Feb 24 '20 14:02 0x48piraj

Reference — Abusing the AWS metadata service using SSRF vulnerabilities

0x48piraj avatar Jul 22 '20 08:07 0x48piraj