pacu
pacu copied to clipboard
RhinoSecurityLabs
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
* When I run the iam__enum_permissions module for a user who has an inline policy attached but no managed policy attached, the correct value is not printed in the "MODULE...
I'm getting this error when I try to install pacu with `bash install.sh` or `pip install -U pacu` in windows, using python 3.10 and python 3.9 Same error as in...
Currently for the module cfn__resource_injection takes two input 1. s3-access-key : Victims key 2. attacker-key: Attackers key In the code we are checking if current session is victims key or...
Pacu expects the IAM Policyblocks to always have the structure Effect, Action, Resource. But AWS allows for a different definition of which resources are affected. The NotResource definition. ( https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notresource.html...
Currently, when invoking aws cli commands (e.g. 'aws configure list'), the aws cli profile is the same as when pacu was started. If you want to switch to another aws...
Newly installed pacu failed to initiate its functionality. Let me know what can I do to fix this # my environment ``` % uname -a Darwin my machine name 20.6.0...
It looks like this line is looking for an IAM boto client object. However, `client` gets overwritten with an STS boto client on line 80 if a user arn is...
[systemsmanager__rce_ec2] Successfully attacked the following instances: ['i-017971a4501522fec', 'i-0541868fd20e98d31', 'i-0a21788575cfb2fde', 'i-0f21d30d2893b2151', 'i-001392a747cd92709', 'i-0126393217951f21f'] It is already a vulnerable example, but it is wrong Checked the error message. This is it /root/.local/share/pacu/haixing/error_log.txt
Metadata
Owner
Metadata
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.