Open andresriancho opened 5 years ago
There are multiple VPN client-servers; I need to choose one that is easy to install in Lambda and does real VPN networking, not just port forwarding.
https://github.com/0x36/VPNPivot
https://blog.rapid7.com/2011/12/29/jumping-into-another-network-with-vpn-pivoting/
https://0xdf.gitlab.io/2019/01/28/pwk-notes-tunneling-update1.html
https://artkond.com/2017/03/23/pivoting-guide/
https://medium.com/@6c2e6e2e/network-pivoting-like-a-pro-2fa04a569d8c
The initial implementation of `vpc-vpn-pivot` is starting a VPN server in AWS Client VPN. In order to do that, the compromised AWS credentials require rather uncommon privileges (unless you have `*:*`).

A great improvement for this tool would be to:
If the attacker has privileges to create the AWS Client VPN, then the initial method should be used, else: