AWS Ethical Hacking Tutorial

Introduction

I found this awesome brisk, one-hour, self-paced tutorial on finding & avoiding security gotchas in your AWS setup. I learned a lot going through it. Highly recommend this for your AWS teams. Go to: flaws

Summary

Through a series of levels you’ll learn about common mistakes and gotchas when using Amazon Web Services (AWS). The author (Scott Piper) provides a series of hints that will teach you how to discover the information you’ll need to further yourselves to the next level. If you don’t want to actually run any commands, you can just keep following the hints which will give you the solution to the next level. At the start of each level, you’ll learn how to avoid the problem the previous level exhibited.

Lesson learned

It is common to give people and entities read-only permissions such as the SecurityAudit policy. The ability to read your own and other’s IAM policies can really help an attacker figure out what exists in your environment and look for weaknesses and mistakes.

Avoiding this mistake

Don’t hand out any permissions liberally, even permissions that only let you read meta-data or know what your permissions are.

Authenticating to GitHub using SSH

You can use SSH to connect and authenticate to GitHub. This allows you to check-in your artifacts to GitHub from the CLI without having to provide your username and password during every git push. Here are some notes on how to enable SSH for GitHub.

Generating a new SSH key

Open Terminal.

Paste the text below, substituting in your GitHub email address.

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

This creates a new ssh key, using the provided email as a label.

Generating public/private rsa key pair.

When you’re prompted to Enter a file in which to save the key, press Enter. This accepts the default file location.

 Enter a file in which to save the key (/Users/you/.ssh/id_rsa): [Press enter]

At the prompt, type a secure passphrase.

Enter passphrase (empty for no passphrase): [Type a passphrase]
Enter same passphrase again: [Type passphrase again]

Adding your SSH key to the ssh-agent

Before adding a new SSH key to the ssh-agent to manage your keys, you should have checked for existing SSH keys and generated a new SSH key. When adding your SSH key to the agent, use the default macOS ssh-add command, and not an application installed by macports, homebrew, or some other external source.

Start the ssh-agent in the background.

eval "$(ssh-agent -s)"
Agent pid 4356

If you’re using macOS Sierra 10.12.2 or later, you will need to modify your ~/.ssh/config file to automatically load keys into the ssh-agent and store passphrases in your keychain.

Host *
 AddKeysToAgent yes
 UseKeychain yes
 IdentityFile ~/.ssh/id_rsa

Add your SSH private key to the ssh-agent and store your passphrase in the keychain. If you created your key with a different name, or if you are adding an existing key that has a different name, replace id_rsa in the command with the name of your private key file.

$ ssh-add -K ~/.ssh/id_rsa

Add the SSH key to your GitHub account

Copy the SSH key to your clipboard.

If your SSH key file has a different name than the example code, modify the filename to match your current setup. When copying your key, don’t add any newlines or whitespace.

$ pbcopy < ~/.ssh/id_rsa.pub
# Copies the contents of the id_rsa.pub file to your clipboard

Tip: If pbcopy isn’t working, you can locate the hidden .ssh folder, open the file in your favorite text editor, and copy it to your clipboard.

Now login to your GitHub account in a browser. In the upper-right corner of any page, click your profile photo, then click Settings.

In the user settings sidebar, click SSH and GPG keys.

Click New SSH key or Add SSH key.

In the Title field, add a descriptive label for the new key. For example, if you’re using a Mac, you might call this key “My Mac”. Paste your key into the “Key” field.

Click Add SSH key.

If prompted, confirm your GitHub password.


Switching remote URLs from HTTPS to SSH

Open Terminal.

Change the current working directory to your local project.

List your existing remotes in order to get the name of the remote you want to change.

git remote -v
origin  https://github.com/USERNAME/REPOSITORY.git (fetch)
origin  https://github.com/USERNAME/REPOSITORY.git (push)

Change your remote’s URL from HTTPS to SSH with the git remote set-url command.

git remote set-url origin git@github.com:USERNAME/REPOSITORY.git

Verify that the remote URL has changed.

git remote -v
# Verify new remote URL
origin  git@github.com:USERNAME/REPOSITORY.git (fetch)
origin  git@github.com:USERNAME/REPOSITORY.git (push)