The Big IAM Challenge (6)

[The Big IAM Challenge] One final push One final push Problem description Anonymous access no more. Let's see what can you do now. Now try it with the authenticated role: arn:aws:iam::092297851374:role/Cognito_s3accessAuth_Role IAM Policy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Federated": "cognito-identity.amazonaws.com" }, "Action": "sts:AssumeRoleWithWebIdentity", "Condition": { "StringEquals": { "cognito-.. 2023. 7. 9.
[The Big IAM Challenge] Do I know you? Do I Know you? Problem description We configured AWS Cognito as our main identity provider. Let's hope we didn't make any mistakes IAM Policy { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "mobileanalytics:PutEvents", "cognito-sync:*" ], "Resource": "*" }, { "Sid": "VisualEditor1", "Effect": "Allow", "Action": [ "s3:GetObject", "s3:ListBucket" ], "Resource":.. 2023. 7. 9.
[The Big IAM Challenge] Admin only? Admin only? Problem description We learned from our mistakes from the past. Now our bucket only allows access to one specific admin user. Or does it? IAM Policy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::thebigiamchallenge-admin-storage-abf1321/*" }, { "Effect": "Allow", "Principal": "*", "Action": "s3:ListBucket", "Reso.. 2023. 7. 9.
[The Big IAM Challenge] Enable Push Notifications Enable Push Notifications Problem description We got a message for you. Can you get it? IAM Policy { "Version": "2008-10-17", "Id": "Statement1", "Statement": [ { "Sid": "Statement1", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": "SNS:Subscribe", "Resource": "arn:aws:sns:us-east-1:092297851374:TBICWizPushNotifications", "Condition": { "StringLike": { "sns:Endpoint": "*@tbic.wiz.io" } } } ] } Solution This time.. 2023. 7. 9.
[The Big IAM Challenge] Google Analytics Google Analytics Problem description We created our own analytics system specifically for this challenge. We think it's so good that we even used it on this page. What could go wrong? Join our queue and get the secret flag IAM Policy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": [ "sqs:SendMessage", "sqs:ReceiveMessage" ], "Resource": "arn:aws:sqs:us-east-1:0922978.. 2023. 7. 9.
[The Big IAM Challenge] Buckets of Fun Problem description Buckets of Fun : We all know that public buckets are risky. But can you find the flag? IAM Policy { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::thebigiamchallenge-storage-9979f4b/*" }, { "Effect": "Allow", "Principal": "*", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::thebigiamchallenge-storage-9.. 2023. 7. 9.