
Scenario | ecs_privesc_evade_protection

Open West-wise opened this issue 1 year ago • 7 comments

Add a new scenario which abuses an ECS & reverse shell to escalate privileges.

Oct 29 '23 06:10 West-wise

We have addressed all the requirements. Please let us know if there are any other requests or suggestions. :)

Nov 01 '23 18:11 3iuy-prog

Terraform version >= 2.0 was definitely a misnomer. According to HashiCorp, the latest version of Terraform is 1.6.3. The version has been modified accordingly.

And I added vpc.tf, reflecting the feedback. => https://discord.com/channels/969671994599669760/1168866493451214859/1170108321819275334

Nov 05 '23 19:11 3iuy-prog

The following data sources are now unused:

  • data.aws_vpc.default
  • data.aws_subnets.all_subnets

I would also recommend adding a required version for the archive & time providers.

Nov 05 '23 21:11 andrew-aiken

Have the scenario create the CloudWatch group that the lambda will write to. Then, when the scenario is destroyed, it is also cleaned up.

Nov 05 '23 21:11 andrew-aiken

I was thinking about adding an easy path and decided to create a separate secret-string file for each path. S3 is now accessible with web credentials, and users can also see both secret files. However, users can only read the contents of the easy-path file. Users must do ECS Privesc to read the Hard Path file.

Nov 09 '23 00:11 3iuy-prog

All changes are submitted. :)

Dec 24 '23 04:12 3iuy-prog

941aa8206d81ae86f87bd7c030362c7259e0ec75

The changes to the platform are still building as arm, and the ECS tasks then fail.

I think the only thing that needs to be added is the platform tag to force it to be amd64:

docker_build_cmd = f"docker build --platform=linux/amd64 -t {repository_uri}:{image_tag} {path}"

Everything else looks great 🙌

Dec 24 '23 22:12 andrew-aiken