This page has moved to https://0xdstn.site/wiki/infosec/recon. Please update your link to view the latest version.
~dustin hello writing thoughts reading feeds
..

📘 Recon

Below are my notes regarding Recon research.

  1. Notes
  2. Tools

Notes

Validate AWS credentials

You can validate AWS creds by running the following. I took this from this comment on github:

export AWS_ACCESS_KEY_ID="AKIAYUBS5O3BYC7WBJWO"
export AWS_SECRET_ACCESS_KEY="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"

aws sts get-caller-identity

If valid, you will get some json like this:

{
 "UserId": "ABCDEFGHIJKLMNOPQRSTU",
 "Account": "123456789012",
 "Arn": "arn:aws:iam::123456789012:user/person"
}

If invalid you will get an error:

An error occurred (InvalidClientTokenId) when calling the GetCallerIdentity operation: The security token included in the request is invalid.

Tools

👋 Hey! Thanks for reading! If you have any comments or questions about this post, or anything else, I'd love to chat! You can find the best way to contact me on my hello page or send me an email.